Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/94C9DE3EC3B611EF9222A09D762E951A.roa
File: 94C9DE3EC3B611EF9222A09D762E951A.roa (raw, json)
Hash identifier: Vcvb7J8KSDc7upcmoJdXqf8sScx2IWx55sMZY+IA5TY=
Subject key identifier: 10:91:5A:57:72:88:45:49:1A:D5:0A:9D:D9:FE:9F:E4:CC:8E:90:0F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE7B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/94C9DE3EC3B611EF9222A09D762E951A.roa
Signing time: Thu 26 Dec 2024 18:24:02 +0000
ROA not before: Thu 26 Dec 2024 18:23:58 +0000
ROA not after: Sun 12 Dec 2027 18:23:58 +0000
asID: 17561
IP address blocks: 45.207.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61051 (0xee7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 18:23:58 2024 GMT
Not After : Dec 12 18:23:58 2027 GMT
Subject: CN=676d9f42-1ba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:38:2b:fa:e3:b2:0c:7e:83:cf:38:e5:ce:c6:
c1:fe:bb:9d:ea:5e:81:d1:f3:47:ea:05:23:38:b9:
f8:c0:17:29:21:41:3a:c7:35:1a:2d:ca:1e:0b:88:
ba:b4:1f:7a:a8:9f:37:a9:e5:59:01:0c:61:33:49:
ef:16:f7:5c:67:c4:1f:35:1e:f0:6f:6b:81:00:ba:
ab:5b:a3:80:34:54:ce:bb:71:a8:92:53:02:1c:bc:
7a:aa:83:61:f9:18:77:2d:e0:49:7b:f5:d3:7f:f5:
29:2b:38:80:4e:c4:7a:74:08:67:92:63:e1:4f:a3:
5c:06:12:3f:d5:30:78:ac:38:ed:58:31:f4:27:dd:
5d:51:5c:ce:24:ec:30:39:bc:2d:20:aa:ee:e3:13:
ab:78:9d:32:d3:3b:fe:56:9f:b4:d3:da:54:d2:aa:
ee:01:e1:ed:e1:dd:ef:a3:5c:6d:ad:7c:39:47:50:
de:c5:c1:e0:38:40:b1:fa:ec:eb:49:bc:34:d7:f0:
55:dc:5b:77:1f:47:40:12:93:e1:a0:30:0d:77:96:
69:ed:6f:aa:e6:e9:11:89:b6:cc:fe:bd:55:66:db:
13:67:db:23:ae:a1:eb:8c:46:77:6f:0d:07:f2:71:
fa:bd:71:cd:fa:e0:a5:1b:e8:3c:4e:23:f1:f4:ad:
6f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:91:5A:57:72:88:45:49:1A:D5:0A:9D:D9:FE:9F:E4:CC:8E:90:0F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/94C9DE3EC3B611EF9222A09D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.57.0/24
Signature Algorithm: sha256WithRSAEncryption
71:80:e7:9b:a6:d2:64:86:a8:f5:ff:37:e5:4a:35:c9:b1:43:
6f:44:28:c8:b3:18:4c:45:9f:c3:64:77:7b:73:35:75:b2:cf:
5e:52:c4:74:56:a0:80:30:78:d0:37:3e:32:1e:3f:16:2f:89:
36:99:b3:a5:db:44:ca:2c:14:a4:97:82:a6:d6:7a:ca:19:a2:
ce:c3:87:29:74:a9:0b:8b:de:28:a8:fd:26:31:e4:35:2a:21:
00:0a:24:9d:51:fe:33:1b:21:6f:98:c8:4a:2e:57:f8:27:40:
0d:00:18:9c:d2:a0:5c:bc:c2:4c:64:9e:2e:9f:6c:58:07:18:
3f:29:36:a9:4f:2f:71:49:b8:db:fb:14:21:57:5a:1d:2a:37:
a3:6e:47:d1:a1:0c:f8:ec:dd:4a:7e:d9:b6:c4:df:47:74:00:
1e:b5:d6:0b:98:a2:5a:74:af:bf:2c:62:fc:d0:3e:c8:0c:0a:
61:44:a0:d8:74:2d:e0:2b:bc:03:b0:32:b7:89:40:88:13:f1:
ec:6b:4f:c8:c5:1b:ee:53:6d:c0:e2:fa:ae:22:34:60:f0:41:
06:d7:4f:ab:73:f0:bd:fd:b2:7f:55:15:50:2b:c6:a0:5e:6f:
75:96:38:90:a3:fd:b6:19:1e:fa:59:e1:8b:98:0c:72:a5:c5:
18:80:ac:b5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO57MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTgyMzU4WhcNMjcxMjEyMTgyMzU4WjAYMRYw
FAYDVQQDEw02NzZkOWY0Mi0xYmEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7Dgr+uOyDH6DzzjlzsbB/rud6l6B0fNH6gUjOLn4wBcpIUE6xzUaLcoe
C4i6tB96qJ83qeVZAQxhM0nvFvdcZ8QfNR7wb2uBALqrW6OANFTOu3GoklMCHLx6
qoNh+Rh3LeBJe/XTf/UpKziATsR6dAhnkmPhT6NcBhI/1TB4rDjtWDH0J91dUVzO
JOwwObwtIKru4xOreJ0y0zv+Vp+009pU0qruAeHt4d3vo1xtrXw5R1DexcHgOECx
+uzrSbw01/BV3Ft3H0dAEpPhoDANd5Zp7W+q5ukRibbM/r1VZtsTZ9sjrqHrjEZ3
bw0H8nH6vXHN+uClG+g8TiPx9K1vRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBCR
WldyiEVJGtUKndn+n+TMjpAPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NEM5REUzRUMzQjYxMUVGOTIyMkEwOUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc85MA0GCSqGSIb3DQEBCwUA
A4IBAQBxgOebptJkhqj1/zflSjXJsUNvRCjIsxhMRZ/DZHd7czV1ss9eUsR0VqCA
MHjQNz4yHj8WL4k2mbOl20TKLBSkl4Km1nrKGaLOw4cpdKkLi94oqP0mMeQ1KiEA
CiSdUf4zGyFvmMhKLlf4J0ANABic0qBcvMJMZJ4un2xYBxg/KTapTy9xSbjb+xQh
V1odKjejbkfRoQz47N1Kftm2xN9HdAAetdYLmKJadK+/LGL80D7IDAphRKDYdC3g
K7wDsDK3iUCIE/Hsa0/IxRvuU23A4vquIjRg8EEG10+rc/C9/bJ/VRVQK8agXm91
ljiQo/22GR76WeGLmAxypcUYgKy1
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:23 2025 by rpki-client