Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EC1E352C32411EF9DCE8572762E951A.roa
File: 8EC1E352C32411EF9DCE8572762E951A.roa (raw, json)
Hash identifier: eZq524g9+N/UgSZChUhECRG5CRqONTgWyCj6gU1OWFk=
Subject key identifier: 76:68:03:10:16:A3:34:C8:6B:9F:33:B3:10:E5:11:61:11:56:9E:79
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA69
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EC1E352C32411EF9DCE8572762E951A.roa
Signing time: Thu 26 Dec 2024 00:58:45 +0000
ROA not before: Thu 26 Dec 2024 00:00:42 +0000
ROA not after: Sat 01 Mar 2025 00:00:42 +0000
asID: 984
IP address blocks: 45.201.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60009 (0xea69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:42 2024 GMT
Not After : Mar 1 00:00:42 2025 GMT
Subject: CN=676caa45-00fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:16:bf:1b:4d:83:dd:fd:22:9b:16:72:7b:8c:
ee:da:e3:08:47:d4:c8:93:c3:59:49:f3:d8:8e:54:
62:3c:fc:c2:21:35:da:43:93:a9:f9:41:d7:c1:b2:
9f:3b:fb:bd:49:84:9b:56:64:f3:f7:76:9c:40:26:
48:4a:96:6a:60:fc:e9:9b:83:5c:63:8e:0f:b5:84:
67:da:61:15:48:15:c1:34:db:1f:12:6c:ef:19:67:
9a:05:78:84:79:8e:d3:01:88:6c:b5:ee:33:61:b3:
43:65:12:37:46:1d:4d:14:33:ee:18:16:7b:e3:98:
32:70:27:3a:6e:41:66:6c:04:88:54:85:56:cf:ed:
1b:4f:88:2a:b1:c0:7c:e3:72:de:25:ff:6c:90:0d:
92:12:f6:6b:b3:01:02:e0:2c:6e:96:4e:b0:46:4c:
ff:16:bc:2a:4f:06:c4:8a:53:3d:8f:07:13:83:83:
21:08:89:94:09:22:ca:d4:2a:00:60:8d:5e:d6:3c:
83:42:fa:54:53:ad:9d:91:47:d1:54:b4:18:87:38:
dc:6e:eb:8e:9c:a7:42:4a:fa:d3:11:a1:8d:f8:eb:
ae:60:4a:96:d0:37:ee:73:a6:d7:5d:e4:16:dc:31:
79:ab:6e:5a:c6:c7:ad:d4:ba:5b:65:31:78:c4:7f:
a6:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:68:03:10:16:A3:34:C8:6B:9F:33:B3:10:E5:11:61:11:56:9E:79
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EC1E352C32411EF9DCE8572762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.0.0/17
Signature Algorithm: sha256WithRSAEncryption
a3:77:c7:0c:4b:0c:e0:b4:12:b1:25:8c:1c:63:2a:0d:39:23:
0a:ac:e9:e5:50:7a:2e:db:73:af:52:ad:89:a1:c2:a4:f0:08:
ba:5f:66:b8:cc:e7:99:2c:8a:37:1b:52:30:d9:f3:00:e8:64:
41:06:71:4d:d0:57:bf:e4:04:7d:c5:b2:4b:17:dd:b3:e6:89:
80:36:3d:67:7a:2c:34:a9:d1:f8:42:16:1d:e8:24:a1:ce:d7:
f4:c3:13:4d:f1:d7:32:34:fa:8e:3d:73:05:af:13:97:f8:f8:
8e:85:a8:a7:aa:eb:c0:56:6b:db:64:93:e8:be:bd:f9:99:0a:
c8:d6:92:76:6c:0c:5b:f5:9c:64:3b:81:f5:40:7e:ee:c8:6b:
68:24:07:dc:87:ee:76:81:31:70:cf:1c:d9:0c:e8:e4:12:bb:
f9:19:87:7e:b4:dd:1c:df:93:63:41:f4:96:79:d5:50:13:ac:
7c:16:33:4e:46:1a:04:ad:ce:fb:ed:55:c1:5b:c5:03:c5:00:
ad:3f:81:fd:94:a5:af:6f:cd:f3:69:f6:ad:01:bc:8b:74:1c:
4a:0a:5e:c0:0f:b7:97:65:9a:88:bf:59:96:aa:eb:82:c8:e3:
5a:a9:05:81:f9:5d:fb:b3:bd:4f:59:85:1e:81:33:58:49:85:
b1:3f:10:31
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOppMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDQyWhcNMjUwMzAxMDAwMDQyWjAYMRYw
FAYDVQQDEw02NzZjYWE0NS0wMGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzxa/G02D3f0imxZye4zu2uMIR9TIk8NZSfPYjlRiPPzCITXaQ5Op+UHX
wbKfO/u9SYSbVmTz93acQCZISpZqYPzpm4NcY44PtYRn2mEVSBXBNNsfEmzvGWea
BXiEeY7TAYhste4zYbNDZRI3Rh1NFDPuGBZ745gycCc6bkFmbASIVIVWz+0bT4gq
scB843LeJf9skA2SEvZrswEC4Cxulk6wRkz/FrwqTwbEilM9jwcTg4MhCImUCSLK
1CoAYI1e1jyDQvpUU62dkUfRVLQYhzjcbuuOnKdCSvrTEaGN+OuuYEqW0Dfuc6bX
XeQW3DF5q25axset1LpbZTF4xH+mqwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHZo
AxAWozTIa58zsxDlEWERVp55MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RUMxRTM1MkMzMjQxMUVGOURDRTg1NzI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHLckAMA0GCSqGSIb3DQEBCwUA
A4IBAQCjd8cMSwzgtBKxJYwcYyoNOSMKrOnlUHou23OvUq2JocKk8Ai6X2a4zOeZ
LIo3G1Iw2fMA6GRBBnFN0Fe/5AR9xbJLF92z5omANj1neiw0qdH4QhYd6CShztf0
wxNN8dcyNPqOPXMFrxOX+PiOhainquvAVmvbZJPovr35mQrI1pJ2bAxb9ZxkO4H1
QH7uyGtoJAfch+52gTFwzxzZDOjkErv5GYd+tN0c35NjQfSWedVQE6x8FjNORhoE
rc777VXBW8UDxQCtP4H9lKWvb83zafatAbyLdBxKCl7AD7eXZZqIv1mWquuCyONa
qQWB+V37s71PWYUegTNYSYWxPxAx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:41 2025 by rpki-client