Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA52D558C3A211EF8C69B0A0762E951A.roa
File: AA52D558C3A211EF8C69B0A0762E951A.roa (raw, json)
Hash identifier: bnjXkHWaHcpBZ4HQvN2ZguhCyLYfp85GYV2TpGPwdwk=
Subject key identifier: 09:78:41:EE:14:3F:D2:0C:B3:4B:D9:1C:17:B3:7D:E0:F3:5C:4A:68
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EDA9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA52D558C3A211EF8C69B0A0762E951A.roa
Signing time: Thu 26 Dec 2024 16:01:28 +0000
ROA not before: Thu 26 Dec 2024 16:01:24 +0000
ROA not after: Sun 12 Dec 2027 16:01:24 +0000
asID: 17561
IP address blocks: 45.200.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60841 (0xeda9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 16:01:24 2024 GMT
Not After : Dec 12 16:01:24 2027 GMT
Subject: CN=676d7dd8-33c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:50:02:08:22:51:8a:7d:bf:ed:d6:ff:fb:13:
aa:09:d1:53:dd:dc:af:6d:7f:f0:89:31:3b:5f:21:
8c:ed:1d:f6:64:f7:b2:82:39:9a:87:2e:77:a8:1f:
1b:10:59:30:72:0c:3d:16:d1:ac:51:b2:ab:d6:15:
8b:c3:31:9c:ca:9a:4e:ce:fb:c0:c7:50:d3:97:3e:
fe:33:08:cf:21:4e:ed:b9:4f:b7:01:3b:7e:ae:b7:
b7:ac:fe:f9:67:f6:72:d2:f9:e2:e6:c6:c8:10:50:
1a:b3:7e:3d:83:7b:b1:37:3e:d7:45:fb:fd:a5:d8:
e8:fe:90:99:ee:c0:b2:19:53:0a:f0:6f:dd:43:58:
58:ea:d3:80:d7:69:3a:23:23:d9:71:a9:02:a3:c1:
f8:e5:cf:40:c6:b3:3e:16:97:c5:76:88:00:9e:32:
ee:4c:dc:e0:44:2e:08:4a:49:f4:90:fa:f5:87:33:
b0:7a:28:c8:48:b1:9f:3c:e8:70:28:20:3b:ee:cb:
36:cb:c5:30:89:7d:4e:4b:2f:20:05:88:b7:a3:82:
86:fa:92:bc:b5:70:73:19:db:e4:bb:59:c6:55:22:
2a:e5:5c:cf:7a:bf:38:ad:97:73:3d:1c:d5:fe:2a:
99:c0:74:fa:f6:8f:c0:d3:3c:ec:4d:e3:15:0a:e4:
af:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:78:41:EE:14:3F:D2:0C:B3:4B:D9:1C:17:B3:7D:E0:F3:5C:4A:68
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA52D558C3A211EF8C69B0A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.150.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:a8:3e:ec:ca:84:0a:7c:d6:d9:bf:92:64:98:19:3b:a2:e6:
1e:05:2c:c2:4d:e9:dd:59:8a:11:12:9f:b4:7d:3c:3d:aa:4e:
01:24:6b:24:72:dc:4e:5a:33:c4:13:55:07:47:dc:65:e2:a4:
63:99:16:4e:1e:e2:6d:23:2d:c3:b9:57:5f:30:c6:0e:6f:0c:
92:ad:83:1e:96:8c:84:b9:ac:a6:9e:ae:a8:f4:a7:d3:13:a0:
a5:09:0e:e9:69:ed:bb:bf:a6:05:c3:83:b1:44:53:3a:5d:bd:
bb:fa:79:b9:12:d6:b7:c5:e1:ce:23:95:aa:21:e3:7f:8c:48:
11:98:f6:a3:a0:ae:40:82:8a:1a:13:c1:3d:78:07:83:5e:81:
83:74:d0:01:af:d3:44:19:f8:ee:7d:86:c5:fc:ae:af:52:23:
c8:93:4f:4f:11:56:5c:9f:19:04:58:d2:5d:aa:4b:9f:8d:5d:
87:6c:2d:92:12:d1:45:4b:63:06:a7:ea:8f:18:d0:41:0b:4f:
0f:1d:68:2b:0d:00:43:de:70:98:aa:8c:fc:5e:2c:ba:18:e6:
b6:6a:a5:8d:c3:44:27:5e:59:31:19:c4:ef:9c:c6:40:ae:dd:
2d:f6:ea:2d:94:a7:9b:9b:92:94:b4:84:46:d4:f4:22:e1:ab:
b7:7b:1b:30
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO2pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTYwMTI0WhcNMjcxMjEyMTYwMTI0WjAYMRYw
FAYDVQQDEw02NzZkN2RkOC0zM2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnlACCCJRin2/7db/+xOqCdFT3dyvbX/wiTE7XyGM7R32ZPeygjmahy53
qB8bEFkwcgw9FtGsUbKr1hWLwzGcyppOzvvAx1DTlz7+MwjPIU7tuU+3ATt+rre3
rP75Z/Zy0vni5sbIEFAas349g3uxNz7XRfv9pdjo/pCZ7sCyGVMK8G/dQ1hY6tOA
12k6IyPZcakCo8H45c9AxrM+FpfFdogAnjLuTNzgRC4ISkn0kPr1hzOweijISLGf
POhwKCA77ss2y8UwiX1OSy8gBYi3o4KG+pK8tXBzGdvku1nGVSIq5VzPer84rZdz
PRzV/iqZwHT69o/A0zzsTeMVCuSvkwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAl4
Qe4UP9IMs0vZHBezfeDzXEpoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQTUyRDU1OEMzQTIxMUVGOEM2OUIwQTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALciWMA0GCSqGSIb3DQEBCwUA
A4IBAQBqqD7syoQKfNbZv5JkmBk7ouYeBSzCTendWYoREp+0fTw9qk4BJGskctxO
WjPEE1UHR9xl4qRjmRZOHuJtIy3DuVdfMMYObwySrYMeloyEuaymnq6o9KfTE6Cl
CQ7pae27v6YFw4OxRFM6Xb27+nm5Eta3xeHOI5WqIeN/jEgRmPajoK5AgooaE8E9
eAeDXoGDdNABr9NEGfjufYbF/K6vUiPIk09PEVZcnxkEWNJdqkufjV2HbC2SEtFF
S2MGp+qPGNBBC08PHWgrDQBD3nCYqoz8Xiy6GOa2aqWNw0QnXlkxGcTvnMZArt0t
9uotlKebm5KUtIRG1PQi4au3exsw
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:25 2025 by rpki-client