Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2AD9C04C3B311EF84DC758C762E951A.roa
File: B2AD9C04C3B311EF84DC758C762E951A.roa (raw, json)
Hash identifier: ooU/xh5UQPGkwYa9PCclbJYvvzzqZl3qcKg7uE5weiE=
Subject key identifier: 3A:7F:EF:85:F4:74:E1:AB:64:7A:D1:58:A8:1B:3F:59:79:81:4D:DA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE5D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2AD9C04C3B311EF84DC758C762E951A.roa
Signing time: Thu 26 Dec 2024 18:03:24 +0000
ROA not before: Thu 26 Dec 2024 18:03:20 +0000
ROA not after: Sun 12 Dec 2027 18:03:20 +0000
asID: 17561
IP address blocks: 45.204.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61021 (0xee5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 18:03:20 2024 GMT
Not After : Dec 12 18:03:20 2027 GMT
Subject: CN=676d9a6c-deb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9c:19:ca:8d:5d:20:d2:ae:e7:97:09:83:0c:
cc:31:7e:57:8b:be:17:9e:b4:dd:df:2d:f4:05:e1:
f0:11:1b:c5:95:ed:38:a6:a3:ca:86:2b:95:cb:54:
bd:48:ee:ca:08:d9:94:b4:e2:31:a9:00:f6:85:10:
e1:94:3a:90:e6:0b:7d:e9:ea:d7:3a:10:77:99:55:
65:60:29:0f:aa:39:5c:45:ac:b8:7b:a0:95:3f:11:
d7:c7:87:0a:69:fb:cd:04:29:17:1e:69:a8:53:e1:
2b:5f:27:c6:14:6d:4a:d1:57:cc:be:8b:98:ce:c6:
02:ce:20:ee:a4:61:57:8b:0c:ef:26:7c:3e:79:54:
45:5e:45:b0:01:03:3b:0a:05:b9:ba:5e:a3:b4:15:
12:25:d4:02:db:78:b8:77:f9:c2:80:84:7d:ac:b9:
28:17:94:d7:39:1b:05:32:a1:62:d2:08:f3:ae:5c:
29:56:45:4d:cf:75:b2:f1:e5:93:76:21:a2:18:0c:
93:f2:0e:9e:52:51:89:01:39:6d:ea:7f:f2:da:5e:
ce:2a:24:4a:e1:26:ed:2a:fb:ac:93:f0:05:03:73:
e0:ac:17:ae:1c:b3:3d:bc:1f:a9:5e:5f:bc:ae:7f:
6e:91:b5:01:1d:6c:20:27:43:77:9f:a2:4b:45:02:
2d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7F:EF:85:F4:74:E1:AB:64:7A:D1:58:A8:1B:3F:59:79:81:4D:DA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2AD9C04C3B311EF84DC758C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.73.0/24
Signature Algorithm: sha256WithRSAEncryption
02:80:d0:b7:b3:46:bb:36:93:a7:a3:99:90:fe:1b:57:7a:37:
ce:23:7a:09:f3:0c:a2:31:6f:b9:33:98:45:a7:e7:1c:c7:74:
d8:40:13:10:0b:e5:46:4b:c4:5c:80:61:cd:60:d3:10:9d:83:
43:92:db:f3:6c:b0:2d:0a:27:84:4b:66:c8:f2:83:27:d0:0a:
a0:7c:76:e5:da:c7:69:41:ad:0d:7e:14:d4:b5:77:d1:d4:7c:
6e:71:36:da:d9:3d:07:d7:a6:e8:25:b1:36:a9:2d:7d:c1:20:
9d:fe:7c:96:85:30:df:0a:48:bd:39:3e:fa:df:98:12:9d:0c:
4b:3f:2b:af:55:95:fd:35:bc:05:04:88:b1:9d:49:8b:34:3c:
9b:dd:fb:2c:6b:e3:96:ca:28:97:12:32:5f:84:c2:62:6d:47:
1f:49:c8:82:e4:bf:cb:9a:2c:fa:37:c7:dc:07:86:08:c7:0e:
2b:03:2d:38:cf:2a:e2:eb:c1:d1:91:40:9f:20:1c:ee:ae:40:
f7:e1:91:06:79:3c:25:52:d1:48:d2:91:c4:3e:8b:37:d6:93:
89:e0:1e:27:c8:3d:c4:b5:66:ee:95:0a:5f:5b:06:7d:7f:24:
83:3d:0e:04:a1:65:53:77:ee:c5:62:6b:d6:af:0b:0d:05:cc:
0a:fe:00:dd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO5dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTgwMzIwWhcNMjcxMjEyMTgwMzIwWjAYMRYw
FAYDVQQDEw02NzZkOWE2Yy1kZWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArpwZyo1dINKu55cJgwzMMX5Xi74XnrTd3y30BeHwERvFle04pqPKhiuV
y1S9SO7KCNmUtOIxqQD2hRDhlDqQ5gt96erXOhB3mVVlYCkPqjlcRay4e6CVPxHX
x4cKafvNBCkXHmmoU+ErXyfGFG1K0VfMvouYzsYCziDupGFXiwzvJnw+eVRFXkWw
AQM7CgW5ul6jtBUSJdQC23i4d/nCgIR9rLkoF5TXORsFMqFi0gjzrlwpVkVNz3Wy
8eWTdiGiGAyT8g6eUlGJATlt6n/y2l7OKiRK4SbtKvusk/AFA3PgrBeuHLM9vB+p
Xl+8rn9ukbUBHWwgJ0N3n6JLRQItvQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDp/
74X0dOGrZHrRWKgbP1l5gU3aMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMkFEOUMwNEMzQjMxMUVGODREQzc1OEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcxJMA0GCSqGSIb3DQEBCwUA
A4IBAQACgNC3s0a7NpOno5mQ/htXejfOI3oJ8wyiMW+5M5hFp+ccx3TYQBMQC+VG
S8RcgGHNYNMQnYNDktvzbLAtCieES2bI8oMn0AqgfHbl2sdpQa0NfhTUtXfR1Hxu
cTba2T0H16boJbE2qS19wSCd/nyWhTDfCki9OT7635gSnQxLPyuvVZX9NbwFBIix
nUmLNDyb3fssa+OWyiiXEjJfhMJibUcfSciC5L/Lmiz6N8fcB4YIxw4rAy04zyri
68HRkUCfIBzurkD34ZEGeTwlUtFI0pHEPos31pOJ4B4nyD3EtWbulQpfWwZ9fySD
PQ4EoWVTd+7FYmvWrwsNBcwK/gDd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:23 2025 by rpki-client