Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9E7A8EAC3C111EF8AFDFE64762E951A.roa
File: A9E7A8EAC3C111EF8AFDFE64762E951A.roa (raw, json)
Hash identifier: lRtRaRqzvW7coHzZkFyrY/Nj6fptN1zFmqgq+Vn2ol4=
Subject key identifier: BE:E6:98:AB:7E:EA:8C:F7:56:49:68:5C:46:21:AA:AC:43:61:2B:25
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EEED
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9E7A8EAC3C111EF8AFDFE64762E951A.roa
Signing time: Thu 26 Dec 2024 19:43:22 +0000
ROA not before: Thu 26 Dec 2024 19:43:18 +0000
ROA not after: Sun 12 Dec 2027 19:43:18 +0000
asID: 17561
IP address blocks: 45.207.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61165 (0xeeed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 19:43:18 2024 GMT
Not After : Dec 12 19:43:18 2027 GMT
Subject: CN=676db1da-1c8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b2:ef:3c:ae:56:31:34:b3:a9:ba:93:a0:d9:
81:77:18:bc:3b:61:f9:83:09:ff:5f:67:86:10:2b:
8e:34:db:91:d9:0c:07:40:2a:16:e3:be:4e:96:99:
8a:d3:c7:2d:08:a6:c5:0c:01:fb:c3:ce:35:16:db:
de:11:11:bf:d4:aa:ea:0e:9e:b0:16:fa:e5:c4:b0:
0d:d7:b5:0d:55:fb:dd:e3:e1:78:27:91:cd:8a:e7:
e8:d3:7c:7b:3a:7b:ee:58:04:2a:2f:24:80:60:b1:
ae:a6:5f:c0:c4:88:6e:56:1c:32:40:cf:e6:e7:49:
e8:2c:d9:08:c4:34:ef:88:44:01:d1:62:35:8a:19:
a0:60:ea:d5:1d:cf:25:38:fe:44:b9:dc:57:a6:91:
b7:4f:14:24:5d:7d:4c:6c:a9:7b:bd:5f:8f:7e:37:
cf:b5:e4:d0:44:88:1d:71:2d:06:a9:bb:ad:ff:17:
d6:b8:d1:76:08:ab:c9:ee:54:ca:3c:79:f7:32:79:
36:84:d9:e9:f3:bc:07:24:ff:0e:0d:de:16:c4:23:
be:90:2f:56:30:ca:7a:e5:9e:79:b9:74:7e:64:0e:
7e:ed:77:8d:64:c3:8e:8a:08:c2:e9:c4:bf:13:62:
d4:28:cd:7e:c2:d7:7a:e9:52:a9:63:e5:a3:7c:fe:
2b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E6:98:AB:7E:EA:8C:F7:56:49:68:5C:46:21:AA:AC:43:61:2B:25
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9E7A8EAC3C111EF8AFDFE64762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.190.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:af:0a:50:47:12:6b:13:92:0a:4c:42:9b:ae:5f:07:2b:51:
36:2e:8e:22:f9:8c:10:d1:16:f6:3e:81:25:3d:58:e0:34:2f:
93:33:54:5e:a6:8a:42:00:96:ee:28:ff:8e:2f:93:4e:23:d6:
4a:a9:84:e0:fa:25:ce:b9:3b:08:f8:4b:ad:ad:89:8a:6d:85:
1a:2d:af:e0:bb:fd:13:35:24:8a:0d:86:db:ef:7d:f3:15:c4:
0e:79:45:5b:92:a9:74:fa:0f:cc:3d:8e:e9:1f:6e:fa:d5:a3:
a0:af:47:8d:37:37:56:83:c2:9f:5d:61:e8:3e:73:e9:cc:cb:
27:81:45:62:0d:e4:5b:be:0b:59:06:8d:bc:4d:db:94:a4:d7:
18:a4:7a:c5:43:89:b9:ec:ec:c5:8a:c7:94:a5:61:48:22:69:
33:c7:44:65:cd:e2:5b:87:26:32:7d:55:d9:07:6d:6a:64:4b:
ad:21:d1:db:23:4f:e5:ff:e8:43:34:c9:26:54:ed:68:6f:f2:
89:62:69:21:ce:cf:29:a3:7b:05:03:81:6b:90:e7:b7:ff:26:
5f:64:37:e9:c0:0e:12:16:50:db:cf:67:17:ea:ec:f9:72:12:
05:5e:ae:ec:c1:03:5e:fe:58:2d:6e:68:e5:21:73:74:3d:a0:
86:3d:61:a7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO7tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTk0MzE4WhcNMjcxMjEyMTk0MzE4WjAYMRYw
FAYDVQQDEw02NzZkYjFkYS0xYzhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqbLvPK5WMTSzqbqToNmBdxi8O2H5gwn/X2eGECuONNuR2QwHQCoW475O
lpmK08ctCKbFDAH7w841FtveERG/1KrqDp6wFvrlxLAN17UNVfvd4+F4J5HNiufo
03x7OnvuWAQqLySAYLGupl/AxIhuVhwyQM/m50noLNkIxDTviEQB0WI1ihmgYOrV
Hc8lOP5EudxXppG3TxQkXX1MbKl7vV+PfjfPteTQRIgdcS0Gqbut/xfWuNF2CKvJ
7lTKPHn3Mnk2hNnp87wHJP8ODd4WxCO+kC9WMMp65Z55uXR+ZA5+7XeNZMOOigjC
6cS/E2LUKM1+wtd66VKpY+WjfP4rYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL7m
mKt+6oz3VkloXEYhqqxDYSslMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOUU3QThFQUMzQzExMUVGOEFGREZFNjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc++MA0GCSqGSIb3DQEBCwUA
A4IBAQArrwpQRxJrE5IKTEKbrl8HK1E2Lo4i+YwQ0Rb2PoElPVjgNC+TM1RepopC
AJbuKP+OL5NOI9ZKqYTg+iXOuTsI+EutrYmKbYUaLa/gu/0TNSSKDYbb733zFcQO
eUVbkql0+g/MPY7pH2761aOgr0eNNzdWg8KfXWHoPnPpzMsngUViDeRbvgtZBo28
TduUpNcYpHrFQ4m57OzFiseUpWFIImkzx0RlzeJbhyYyfVXZB21qZEutIdHbI0/l
/+hDNMkmVO1ob/KJYmkhzs8po3sFA4FrkOe3/yZfZDfpwA4SFlDbz2cX6uz5chIF
Xq7swQNe/lgtbmjlIXN0PaCGPWGn
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:28 2025 by rpki-client