Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B200582AAB0611EFB7ECDB87762E951A.roa
File: B200582AAB0611EFB7ECDB87762E951A.roa (raw, json)
Hash identifier: AAo+TjWCoGi+QVM65ra4zQmipgb1L0kH3nH7QK6GWi4=
Subject key identifier: 66:7C:2D:BC:14:CB:29:44:D1:A1:5A:BF:76:17:2E:48:D6:73:BE:0C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DA42
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B200582AAB0611EFB7ECDB87762E951A.roa
Signing time: Mon 25 Nov 2024 08:24:32 +0000
ROA not before: Mon 25 Nov 2024 08:24:28 +0000
ROA not after: Wed 28 May 2025 08:24:28 +0000
asID: 55720
IP address blocks: 45.207.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55874 (0xda42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 25 08:24:28 2024 GMT
Not After : May 28 08:24:28 2025 GMT
Subject: CN=67443440-e6e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fd:6f:cd:2c:94:fe:98:a2:2c:28:40:87:71:
e3:4b:1c:4a:8d:3a:3e:f2:ac:f8:7a:cb:92:67:4a:
89:fc:95:34:e5:bd:9a:14:83:99:a2:cd:eb:8a:0f:
86:8f:cb:5a:67:35:2c:09:ce:c9:df:42:20:72:21:
d2:27:27:f0:bb:9f:bc:06:65:4f:44:db:4f:bb:37:
a7:c9:1f:a5:96:3d:e0:96:1d:79:c6:e6:f6:dc:cf:
f3:79:24:c7:d0:64:64:18:28:77:84:c3:d9:63:b8:
27:f1:35:32:51:f1:34:aa:d6:ea:a8:55:b1:96:bd:
ce:65:48:9a:8a:cc:ce:9b:db:01:cb:8a:ef:24:82:
c0:29:29:ea:b1:e0:c8:c2:17:7f:65:e8:8d:4c:99:
97:b6:c4:78:a5:09:bb:c7:b7:b2:3c:42:73:7a:cc:
df:13:2e:74:9b:7b:31:81:11:c6:4a:a3:7c:9a:d4:
85:ed:f8:3e:c0:ec:70:60:1e:d3:9e:36:87:74:6b:
af:b3:89:2a:3a:19:24:1c:a7:59:96:c8:e2:5a:31:
de:8b:bc:dd:a3:23:fc:8b:49:eb:4d:8f:bd:75:ec:
fa:50:2f:b9:78:85:f1:69:b5:b0:4d:75:cc:db:0d:
de:fa:51:01:2f:72:6e:ef:a5:71:b9:e2:5c:7d:3c:
df:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:7C:2D:BC:14:CB:29:44:D1:A1:5A:BF:76:17:2E:48:D6:73:BE:0C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B200582AAB0611EFB7ECDB87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.32.0/24
Signature Algorithm: sha256WithRSAEncryption
82:5e:af:31:06:9d:ab:3d:1c:2d:6b:8a:22:bb:ae:80:0d:59:
63:a4:2e:0a:ea:4c:a1:6f:44:50:d9:40:4c:50:33:35:2a:fd:
d3:54:a5:01:64:b6:b7:11:3b:61:0e:0a:7e:1b:cb:c6:cd:61:
5e:8f:64:e6:12:1d:ac:25:a2:a8:40:7a:b4:94:d8:23:5f:6a:
6a:f7:e7:0b:ce:4a:40:13:6b:74:3f:13:af:f6:45:cd:56:18:
da:c2:b1:2d:4a:45:14:c7:67:03:e8:b9:8a:17:57:ce:35:4f:
31:c8:8c:90:2d:40:86:48:f3:55:2a:13:12:01:00:3a:6c:2b:
ad:4f:ec:74:00:74:8b:43:fe:1f:94:47:80:bf:5d:f5:0c:1f:
47:64:f4:e5:33:12:8a:3f:f1:09:f9:f0:f9:1f:73:d7:b0:ef:
39:17:59:e3:63:cc:61:13:f8:a5:79:d3:05:3f:50:1d:d9:e3:
6c:ea:56:74:a1:de:42:4e:32:64:47:3e:0f:b0:d3:b0:a4:4e:
38:95:e2:48:fb:00:86:f6:3c:39:a0:25:5c:61:56:97:9e:9e:
f9:88:f7:8c:55:2a:90:ec:24:0a:de:a6:50:08:5a:72:2c:a2:
dc:e8:84:b4:d9:cf:85:ce:89:4e:0d:82:d4:e3:14:33:2a:d6:
21:37:a2:d1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANpCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI1MDgyNDI4WhcNMjUwNTI4MDgyNDI4WjAYMRYw
FAYDVQQDEw02NzQ0MzQ0MC1lNmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzP1vzSyU/piiLChAh3HjSxxKjTo+8qz4esuSZ0qJ/JU05b2aFIOZos3r
ig+Gj8taZzUsCc7J30IgciHSJyfwu5+8BmVPRNtPuzenyR+llj3glh15xub23M/z
eSTH0GRkGCh3hMPZY7gn8TUyUfE0qtbqqFWxlr3OZUiaiszOm9sBy4rvJILAKSnq
seDIwhd/ZeiNTJmXtsR4pQm7x7eyPEJzeszfEy50m3sxgRHGSqN8mtSF7fg+wOxw
YB7TnjaHdGuvs4kqOhkkHKdZlsjiWjHei7zdoyP8i0nrTY+9dez6UC+5eIXxabWw
TXXM2w3e+lEBL3Ju76VxueJcfTzfaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGZ8
LbwUyylE0aFav3YXLkjWc74MMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMjAwNTgyQUFCMDYxMUVGQjdFQ0RCODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc8gMA0GCSqGSIb3DQEBCwUA
A4IBAQCCXq8xBp2rPRwta4oiu66ADVljpC4K6kyhb0RQ2UBMUDM1Kv3TVKUBZLa3
ETthDgp+G8vGzWFej2TmEh2sJaKoQHq0lNgjX2pq9+cLzkpAE2t0PxOv9kXNVhja
wrEtSkUUx2cD6LmKF1fONU8xyIyQLUCGSPNVKhMSAQA6bCutT+x0AHSLQ/4flEeA
v131DB9HZPTlMxKKP/EJ+fD5H3PXsO85F1njY8xhE/iledMFP1Ad2eNs6lZ0od5C
TjJkRz4PsNOwpE44leJI+wCG9jw5oCVcYVaXnp75iPeMVSqQ7CQK3qZQCFpyLKLc
6IS02c+FzolODYLU4xQzKtYhN6LR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:41 2025 by rpki-client