Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9B0BE214C3AD11EF8255C267762E951A.roa
File: 9B0BE214C3AD11EF8255C267762E951A.roa (raw, json)
Hash identifier: yv7kJVge6BgaWkCZYsMC53aT2JHXoVXngKFwSVhgjIM=
Subject key identifier: 1F:A6:B8:3F:4D:85:30:A6:C8:C8:85:B0:05:ED:0D:61:58:CB:55:F2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE1D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9B0BE214C3AD11EF8255C267762E951A.roa
Signing time: Thu 26 Dec 2024 17:19:47 +0000
ROA not before: Thu 26 Dec 2024 17:19:43 +0000
ROA not after: Sun 12 Dec 2027 17:19:43 +0000
asID: 17561
IP address blocks: 45.200.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60957 (0xee1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 17:19:43 2024 GMT
Not After : Dec 12 17:19:43 2027 GMT
Subject: CN=676d9033-7710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:eb:9a:b6:e4:79:f4:ab:3f:d5:86:68:20:73:
63:ff:c9:fa:96:b2:cb:4a:88:a4:f4:bc:8c:07:68:
ff:95:81:b1:c2:28:6d:ea:ec:45:c4:74:1b:fe:6d:
4d:06:25:b1:f2:c4:35:c3:a2:58:96:2b:5e:6d:21:
ac:05:bf:ab:ad:4b:14:9a:2c:e2:54:f4:be:d1:da:
0b:3e:b3:25:12:14:ac:e1:4d:c6:11:0d:35:e3:e1:
32:c2:aa:c5:6c:45:3d:df:18:15:ec:d1:8c:0f:ea:
1e:4d:35:13:df:b7:10:ac:ce:98:50:73:15:14:fe:
7c:b7:c2:d4:89:62:9d:91:73:3a:73:ac:12:d7:33:
55:8d:a5:25:c9:35:42:42:93:e6:f5:fa:4a:01:fe:
3c:d7:cd:aa:f8:81:10:ad:e5:6b:47:cd:d2:72:7f:
ac:37:ea:03:bb:7c:bb:bd:b2:77:85:5a:0d:54:9b:
fa:ae:33:ab:3c:86:52:05:ad:a4:16:22:36:2d:d7:
6c:9b:75:dd:48:ca:46:3e:8c:10:ca:fd:49:90:30:
2a:98:b8:b0:80:5c:ed:e1:c4:04:28:53:dd:62:b6:
88:25:7c:1c:1a:6c:3e:33:c8:4d:64:ab:72:73:40:
db:d8:fd:91:9c:fa:0e:5a:ad:f8:87:d9:73:f3:4d:
f6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:A6:B8:3F:4D:85:30:A6:C8:C8:85:B0:05:ED:0D:61:58:CB:55:F2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9B0BE214C3AD11EF8255C267762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.249.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:21:d9:93:81:77:67:19:73:86:57:0a:2d:5a:32:43:29:08:
8c:fe:5f:92:5c:e4:f7:b1:39:be:eb:d9:e2:3a:45:cd:eb:6f:
9d:95:55:7c:e8:d3:96:ca:09:5f:86:3f:08:2b:68:25:ba:b5:
4e:7d:22:ea:3f:4e:c2:7c:d0:8c:b9:63:cf:d7:fe:8d:91:c7:
fb:ff:bf:16:ec:6e:62:56:e6:0e:37:f4:34:58:37:57:d2:0c:
da:88:e5:2a:e2:6e:26:b9:ea:eb:87:09:f8:bc:d6:2c:42:af:
80:d9:6b:c9:30:27:a1:e0:64:fa:b0:6e:f7:41:df:f4:21:88:
39:31:81:57:96:69:10:2a:20:e5:00:53:af:2a:1f:d5:6c:f2:
78:1c:3a:1c:ff:dd:38:57:3c:2d:5c:64:2a:cd:df:85:d2:4b:
b7:2a:8a:6d:cb:6c:47:5f:eb:e4:91:4d:2b:45:0f:d6:c5:52:
17:2f:e8:bd:eb:f3:d6:ec:0f:6c:28:c9:f9:3e:f2:5f:e2:3b:
5f:a2:0d:8a:00:c2:ea:fc:c9:8f:b6:9e:c1:15:2d:2c:f1:3d:
22:4e:b5:1b:55:6d:3e:6f:2f:68:e1:1b:d9:70:5b:d8:80:d0:
75:77:49:d4:52:6d:c5:0e:07:99:c1:ff:26:8b:91:a7:af:6b:
b8:1e:92:0d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO4dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTcxOTQzWhcNMjcxMjEyMTcxOTQzWjAYMRYw
FAYDVQQDEw02NzZkOTAzMy03NzEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoOuatuR59Ks/1YZoIHNj/8n6lrLLSoik9LyMB2j/lYGxwiht6uxFxHQb
/m1NBiWx8sQ1w6JYlitebSGsBb+rrUsUmiziVPS+0doLPrMlEhSs4U3GEQ014+Ey
wqrFbEU93xgV7NGMD+oeTTUT37cQrM6YUHMVFP58t8LUiWKdkXM6c6wS1zNVjaUl
yTVCQpPm9fpKAf48182q+IEQreVrR83Scn+sN+oDu3y7vbJ3hVoNVJv6rjOrPIZS
Ba2kFiI2Lddsm3XdSMpGPowQyv1JkDAqmLiwgFzt4cQEKFPdYraIJXwcGmw+M8hN
ZKtyc0Db2P2RnPoOWq34h9lz8032swIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB+m
uD9NhTCmyMiFsAXtDWFYy1XyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QjBCRTIxNEMzQUQxMUVGODI1NUMyNjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcj5MA0GCSqGSIb3DQEBCwUA
A4IBAQB/IdmTgXdnGXOGVwotWjJDKQiM/l+SXOT3sTm+69niOkXN62+dlVV86NOW
yglfhj8IK2glurVOfSLqP07CfNCMuWPP1/6Nkcf7/78W7G5iVuYON/Q0WDdX0gza
iOUq4m4muerrhwn4vNYsQq+A2WvJMCeh4GT6sG73Qd/0IYg5MYFXlmkQKiDlAFOv
Kh/VbPJ4HDoc/904VzwtXGQqzd+F0ku3Kopty2xHX+vkkU0rRQ/WxVIXL+i96/PW
7A9sKMn5PvJf4jtfog2KAMLq/MmPtp7BFS0s8T0iTrUbVW0+by9o4RvZcFvYgNB1
d0nUUm3FDgeZwf8mi5Gnr2u4HpIN
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:56 2025 by rpki-client