Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F4B54F2A8BC11EFBE93E197762E951A.roa
File: 8F4B54F2A8BC11EFBE93E197762E951A.roa (raw, json)
Hash identifier: f8lIlrsUBE1CHYGLTxtLBEqMB5E5RcLBoCpMg9xoEv4=
Subject key identifier: A8:33:0A:99:72:28:D8:18:E3:68:9C:19:CC:38:6E:CC:EE:74:D3:77
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D7B3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F4B54F2A8BC11EFBE93E197762E951A.roa
Signing time: Fri 22 Nov 2024 10:28:48 +0000
ROA not before: Fri 22 Nov 2024 10:28:45 +0000
ROA not after: Sat 08 Nov 2025 10:28:45 +0000
asID: 133847
IP address blocks: 45.200.64.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55219 (0xd7b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 22 10:28:45 2024 GMT
Not After : Nov 8 10:28:45 2025 GMT
Subject: CN=67405ce0-e708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:db:2b:b9:cc:40:75:d9:08:b4:66:93:cb:c2:
7c:18:31:b5:45:29:fe:30:37:28:2c:fb:5c:4c:68:
6d:58:67:09:62:ba:fa:b0:31:6a:e2:bf:10:7c:0d:
6f:7b:ce:e2:80:90:ce:3b:d9:d9:e2:a9:68:60:a9:
93:91:03:a7:1c:ac:50:c1:65:c1:3b:ae:33:9e:14:
84:0f:ff:c8:f9:74:10:72:43:09:ee:c2:79:85:71:
b6:ad:9e:69:66:b5:0b:b3:9e:e9:f9:3a:0d:07:cf:
3d:50:32:65:c8:a6:5c:5c:13:f7:84:22:63:c4:d8:
be:7d:e8:29:ec:e8:97:e6:c0:1f:b6:45:20:1a:2b:
2f:9a:7e:9f:c2:a8:bc:db:65:ff:ae:bc:0b:96:18:
67:f8:1c:85:a1:8c:57:80:33:96:3b:2a:c5:f3:26:
a8:11:80:0f:85:ef:d0:82:0b:10:fa:6c:53:88:22:
3c:5d:ad:23:e6:27:cb:81:60:1f:43:1b:b4:5e:53:
1c:fb:a5:d2:91:dc:b6:b1:88:1b:9b:25:73:3c:83:
7f:a0:db:f2:dd:01:bb:2c:cb:c1:2a:9b:33:f8:bf:
af:25:2b:eb:2e:f4:89:6b:0b:5e:c3:e5:9f:ad:49:
fa:80:fd:34:83:04:63:25:15:5a:76:52:b2:90:63:
cc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:33:0A:99:72:28:D8:18:E3:68:9C:19:CC:38:6E:CC:EE:74:D3:77
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F4B54F2A8BC11EFBE93E197762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.64.0/20
Signature Algorithm: sha256WithRSAEncryption
53:71:f9:af:49:93:51:a4:1a:46:87:9b:60:da:6a:a1:07:11:
06:3a:0d:10:80:39:ce:05:db:b2:3a:ae:54:06:92:49:f9:08:
80:99:26:79:84:7b:18:81:77:68:3f:5b:fa:f3:5c:32:5e:75:
fc:77:2b:31:78:a0:2a:ac:74:97:14:0d:90:a4:87:56:9a:a2:
38:3b:72:3d:04:af:7d:52:f7:b6:3c:b3:98:d0:ca:f7:15:51:
db:cf:bf:f1:3b:ef:19:ca:55:93:62:0f:1e:60:f2:25:11:42:
3c:98:a7:7e:12:ca:7d:9f:33:fc:81:b4:3b:40:45:a4:20:89:
37:e6:c6:d1:64:67:f7:af:a5:17:d6:f9:6c:f1:67:2e:95:07:
ff:1d:a1:d9:b2:a1:c2:be:3f:da:04:7a:57:6a:a7:63:44:19:
4d:9c:8e:99:4f:74:d9:85:fc:3a:c1:68:a0:46:e2:6d:f4:5d:
94:8e:38:fc:07:62:df:35:f8:be:ac:00:08:79:1a:d5:45:24:
7d:6c:50:9e:93:5d:71:af:19:ca:b6:08:66:78:f8:e0:bc:a9:
8d:9e:9e:54:b5:11:f7:10:4b:80:fb:62:9c:3f:93:c8:b6:ec:
c0:87:9e:c1:14:a7:76:8d:91:29:68:89:7f:de:42:2b:83:f6:
f8:c8:2c:98
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANezMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTIyMTAyODQ1WhcNMjUxMTA4MTAyODQ1WjAYMRYw
FAYDVQQDEw02NzQwNWNlMC1lNzA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt9srucxAddkItGaTy8J8GDG1RSn+MDcoLPtcTGhtWGcJYrr6sDFq4r8Q
fA1ve87igJDOO9nZ4qloYKmTkQOnHKxQwWXBO64znhSED//I+XQQckMJ7sJ5hXG2
rZ5pZrULs57p+ToNB889UDJlyKZcXBP3hCJjxNi+fegp7OiX5sAftkUgGisvmn6f
wqi822X/rrwLlhhn+ByFoYxXgDOWOyrF8yaoEYAPhe/QggsQ+mxTiCI8Xa0j5ifL
gWAfQxu0XlMc+6XSkdy2sYgbmyVzPIN/oNvy3QG7LMvBKpsz+L+vJSvrLvSJawte
w+WfrUn6gP00gwRjJRVadlKykGPMawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKgz
CplyKNgY42icGcw4bszudNN3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RjRCNTRGMkE4QkMxMUVGQkU5M0UxOTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELchAMA0GCSqGSIb3DQEBCwUA
A4IBAQBTcfmvSZNRpBpGh5tg2mqhBxEGOg0QgDnOBduyOq5UBpJJ+QiAmSZ5hHsY
gXdoP1v681wyXnX8dysxeKAqrHSXFA2QpIdWmqI4O3I9BK99Uve2PLOY0Mr3FVHb
z7/xO+8ZylWTYg8eYPIlEUI8mKd+Esp9nzP8gbQ7QEWkIIk35sbRZGf3r6UX1vls
8WculQf/HaHZsqHCvj/aBHpXaqdjRBlNnI6ZT3TZhfw6wWigRuJt9F2Ujjj8B2Lf
Nfi+rAAIeRrVRSR9bFCek11xrxnKtghmePjgvKmNnp5UtRH3EEuA+2KcP5PItuzA
h57BFKd2jZEpaIl/3kIrg/b4yCyY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:13 2025 by rpki-client