Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F1FB822C3B211EF97D6EF85762E951A.roa
File: 8F1FB822C3B211EF97D6EF85762E951A.roa (raw, json)
Hash identifier: kl4PbM+k0b+9bske1id0HikbBZ3PYM+D+k6xfNCwMlE=
Subject key identifier: C4:FE:7F:77:34:09:9C:5E:47:5B:14:80:8B:D8:3B:7C:F9:CF:22:CF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE51
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F1FB822C3B211EF97D6EF85762E951A.roa
Signing time: Thu 26 Dec 2024 17:55:14 +0000
ROA not before: Thu 26 Dec 2024 17:55:11 +0000
ROA not after: Sun 12 Dec 2027 17:55:11 +0000
asID: 17561
IP address blocks: 45.204.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61009 (0xee51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 17:55:11 2024 GMT
Not After : Dec 12 17:55:11 2027 GMT
Subject: CN=676d9882-fa12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:07:d3:91:38:1b:90:b2:aa:dd:f7:a1:1e:64:
29:fe:63:9b:ad:88:f5:6e:00:0d:a4:5b:08:b8:0e:
42:26:9e:92:b5:97:37:e5:14:50:a1:9d:30:58:66:
c2:9b:43:2f:df:a2:f9:54:b3:47:01:f9:57:b6:97:
dd:02:bc:bd:19:35:9a:d3:b6:e9:37:18:c7:0e:ff:
9b:69:ea:b9:7d:87:d3:4b:58:a3:74:e7:d5:a2:e8:
2c:9b:a5:a6:3a:c5:4d:09:b7:bf:72:77:2e:18:f9:
2a:e8:a7:d7:87:a5:b9:4f:6c:b8:5a:45:5d:95:26:
e8:76:56:a5:d2:5f:8b:00:cc:47:12:a0:41:2a:9b:
09:80:01:60:ac:ac:5a:94:ac:f9:36:5c:30:3e:ff:
fd:27:f5:eb:c3:5e:97:7f:f8:dd:f2:ff:d0:54:30:
42:b7:e1:79:e7:0a:96:5b:0f:ff:f4:d2:d6:d1:ce:
fa:b6:ce:e4:27:18:fb:56:94:d6:51:30:0c:42:e7:
9d:30:50:a0:9f:5d:f4:a0:28:f4:b5:15:49:d6:f9:
bf:d4:b3:c6:73:a2:f7:7e:ea:53:33:7d:5d:c2:99:
8a:99:41:2d:dd:4e:6d:7b:24:12:6b:4a:94:79:05:
64:4d:7c:f6:e9:e1:8d:e8:9c:e9:f6:20:c8:c9:73:
28:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:FE:7F:77:34:09:9C:5E:47:5B:14:80:8B:D8:3B:7C:F9:CF:22:CF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F1FB822C3B211EF97D6EF85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.25.0/24
Signature Algorithm: sha256WithRSAEncryption
79:66:1a:ff:8e:86:91:82:7f:9d:6f:09:13:9e:27:6e:30:ef:
99:a2:c1:41:56:a8:75:bb:2a:6f:e6:66:3c:06:1b:6d:7c:62:
ff:a5:8b:6c:b9:d4:b0:12:df:8c:97:f9:46:e6:15:fc:c4:bb:
ae:93:31:c5:5a:df:f6:0d:77:eb:c8:b7:be:41:f1:11:ea:39:
98:e9:35:96:5d:a7:dc:b5:f2:e0:a0:10:40:31:00:d2:58:af:
0b:0c:b4:76:44:59:8a:da:75:7c:16:14:ba:dc:bd:03:fb:a4:
f8:08:6e:63:d1:7a:cd:cc:61:b2:b6:2c:71:48:6d:34:d9:8e:
9b:65:e0:00:10:45:24:b8:2a:39:d9:58:4b:13:74:db:96:3d:
f1:4d:44:68:ac:ce:0a:24:b9:3c:6b:da:91:0c:1a:38:7e:5f:
54:bb:c3:15:76:a3:20:0c:27:0c:1a:f9:77:4e:ad:de:92:89:
ad:2f:6c:ed:a2:e9:46:a4:f8:7e:0f:e9:ba:56:56:ec:40:2d:
3e:d7:43:9e:77:9e:a4:a9:8d:0f:26:1c:a5:cd:a9:8f:55:11:
7a:4a:28:6b:2c:7a:e2:5d:14:62:52:64:f8:5e:37:b8:da:b3:
86:ef:5b:3a:17:2d:fc:61:06:82:ee:78:1a:da:76:14:4e:d9:
1c:bf:fd:86
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO5RMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTc1NTExWhcNMjcxMjEyMTc1NTExWjAYMRYw
FAYDVQQDEw02NzZkOTg4Mi1mYTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtQfTkTgbkLKq3fehHmQp/mObrYj1bgANpFsIuA5CJp6StZc35RRQoZ0w
WGbCm0Mv36L5VLNHAflXtpfdAry9GTWa07bpNxjHDv+baeq5fYfTS1ijdOfVougs
m6WmOsVNCbe/cncuGPkq6KfXh6W5T2y4WkVdlSbodlal0l+LAMxHEqBBKpsJgAFg
rKxalKz5NlwwPv/9J/Xrw16Xf/jd8v/QVDBCt+F55wqWWw//9NLW0c76ts7kJxj7
VpTWUTAMQuedMFCgn130oCj0tRVJ1vm/1LPGc6L3fupTM31dwpmKmUEt3U5teyQS
a0qUeQVkTXz26eGN6Jzp9iDIyXMoFwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMT+
f3c0CZxeR1sUgIvYO3z5zyLPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RjFGQjgyMkMzQjIxMUVGOTdENkVGODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcwZMA0GCSqGSIb3DQEBCwUA
A4IBAQB5Zhr/joaRgn+dbwkTniduMO+ZosFBVqh1uypv5mY8BhttfGL/pYtsudSw
Et+Ml/lG5hX8xLuukzHFWt/2DXfryLe+QfER6jmY6TWWXafctfLgoBBAMQDSWK8L
DLR2RFmK2nV8FhS63L0D+6T4CG5j0XrNzGGytixxSG002Y6bZeAAEEUkuCo52VhL
E3Tblj3xTURorM4KJLk8a9qRDBo4fl9Uu8MVdqMgDCcMGvl3Tq3ekomtL2ztoulG
pPh+D+m6VlbsQC0+10Oed56kqY0PJhylzamPVRF6SihrLHriXRRiUmT4Xje42rOG
71s6Fy38YQaC7nga2nYUTtkcv/2G
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:59 2025 by rpki-client