Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9A48C0CC3B811EF9FEE8BAB762E951A.roa
File: B9A48C0CC3B811EF9FEE8BAB762E951A.roa (raw, json)
Hash identifier: nRIRU3t/cU0HOJgmlP97ues08mAuVw2SrJkkUtmalBc=
Subject key identifier: 51:B9:DF:8C:0A:99:DF:4F:A6:C4:D2:FF:E9:C6:B2:B1:89:E9:6C:04
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE91
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9A48C0CC3B811EF9FEE8BAB762E951A.roa
Signing time: Thu 26 Dec 2024 18:39:23 +0000
ROA not before: Thu 26 Dec 2024 18:39:19 +0000
ROA not after: Sun 12 Dec 2027 18:39:19 +0000
asID: 17561
IP address blocks: 45.207.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61073 (0xee91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 18:39:19 2024 GMT
Not After : Dec 12 18:39:19 2027 GMT
Subject: CN=676da2db-d92f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:52:21:6a:0d:2e:c6:fd:77:45:77:07:90:ce:
bb:4c:91:e5:da:e7:53:fe:94:78:de:ef:36:af:48:
ec:62:bc:f7:11:a2:47:71:ba:f0:bf:3a:57:29:ac:
ca:41:ce:90:a8:75:49:d2:f2:ce:b4:45:05:77:63:
1a:68:fd:a6:9a:97:4c:05:c1:ac:4a:d9:0d:b6:94:
e2:9a:15:ad:d1:1a:d2:12:e1:7a:89:70:61:d1:9d:
20:7b:a0:91:64:49:36:6e:66:93:5b:fc:ff:9e:29:
9b:91:8e:58:8a:86:3c:d5:e9:78:c3:30:03:39:7a:
63:24:7f:3a:2e:b2:92:03:7c:23:92:b2:45:c9:98:
b3:4a:85:50:8a:df:18:ef:fc:86:75:fe:45:93:81:
d0:62:41:cd:c6:54:91:c1:7b:68:d6:20:19:3b:c9:
e4:1a:09:9a:ad:c9:60:36:a2:b3:ab:b1:9b:83:6d:
23:81:95:25:fc:7d:25:63:70:d0:bc:7c:d5:c1:6a:
15:f4:d5:61:09:2d:ca:44:50:57:45:f0:3d:cd:f5:
35:7a:78:7a:22:6c:d2:3f:87:54:81:b1:61:ec:bc:
c8:80:ac:84:1a:76:6a:7c:54:fb:ce:6f:6c:6b:88:
39:56:c3:49:87:1a:4b:58:9b:9f:34:1e:02:dc:1e:
f6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B9:DF:8C:0A:99:DF:4F:A6:C4:D2:FF:E9:C6:B2:B1:89:E9:6C:04
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9A48C0CC3B811EF9FEE8BAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.137.0/24
Signature Algorithm: sha256WithRSAEncryption
36:91:90:5e:51:71:d4:8c:fe:73:ae:ef:14:bb:96:8c:60:bd:
bb:f4:d9:d9:9e:b5:bd:ce:b3:a6:f9:e9:aa:cd:f5:c5:99:da:
e2:9e:ca:ea:81:9d:f4:f7:ce:d4:e0:d5:02:54:15:d6:39:4a:
7d:3c:74:f6:69:d4:65:ca:ac:7a:98:94:d5:92:22:3f:d5:cf:
8d:d5:2f:4e:4a:0e:ea:a4:55:ff:52:ab:76:bc:42:b3:b7:b2:
6a:c5:d0:a0:5c:3f:76:94:72:64:fb:70:b8:44:c9:57:1a:d1:
e3:50:d7:3a:57:c2:ca:a0:30:b4:2e:0c:31:25:72:b4:a1:fa:
20:fe:e8:fc:ba:03:25:28:2d:1c:fd:ef:18:fb:ef:c4:82:5a:
c4:90:85:06:6d:1f:67:eb:84:1e:9f:ab:a7:5b:68:00:3e:f7:
54:2b:48:09:53:54:17:6b:7e:41:e6:0e:ff:1a:a1:8d:60:63:
aa:b1:f5:6a:16:5f:c5:00:36:4c:d0:18:c3:64:2d:84:1c:c8:
85:38:4f:61:3c:3a:1a:23:70:da:8e:af:0a:b7:9c:60:3d:01:
e5:95:b7:0c:33:03:f5:a5:2e:67:d7:a4:57:8a:dd:9d:f3:ac:
01:1c:e8:2f:12:d2:7f:2b:b6:3c:44:5c:94:3b:1d:9f:ce:5b:
a6:44:bf:06
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO6RMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTgzOTE5WhcNMjcxMjEyMTgzOTE5WjAYMRYw
FAYDVQQDEw02NzZkYTJkYi1kOTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx1Ihag0uxv13RXcHkM67TJHl2udT/pR43u82r0jsYrz3EaJHcbrwvzpX
KazKQc6QqHVJ0vLOtEUFd2MaaP2mmpdMBcGsStkNtpTimhWt0RrSEuF6iXBh0Z0g
e6CRZEk2bmaTW/z/nimbkY5YioY81el4wzADOXpjJH86LrKSA3wjkrJFyZizSoVQ
it8Y7/yGdf5Fk4HQYkHNxlSRwXto1iAZO8nkGgmarclgNqKzq7Gbg20jgZUl/H0l
Y3DQvHzVwWoV9NVhCS3KRFBXRfA9zfU1enh6ImzSP4dUgbFh7LzIgKyEGnZqfFT7
zm9sa4g5VsNJhxpLWJufNB4C3B72PwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFG5
34wKmd9PpsTS/+nGsrGJ6WwEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9COUE0OEMwQ0MzQjgxMUVGOUZFRThCQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc+JMA0GCSqGSIb3DQEBCwUA
A4IBAQA2kZBeUXHUjP5zru8Uu5aMYL279NnZnrW9zrOm+emqzfXFmdrinsrqgZ30
987U4NUCVBXWOUp9PHT2adRlyqx6mJTVkiI/1c+N1S9OSg7qpFX/Uqt2vEKzt7Jq
xdCgXD92lHJk+3C4RMlXGtHjUNc6V8LKoDC0LgwxJXK0ofog/uj8ugMlKC0c/e8Y
++/EglrEkIUGbR9n64Qen6unW2gAPvdUK0gJU1QXa35B5g7/GqGNYGOqsfVqFl/F
ADZM0BjDZC2EHMiFOE9hPDoaI3Dajq8Kt5xgPQHllbcMMwP1pS5n16RXit2d86wB
HOgvEtJ/K7Y8RFyUOx2fzlumRL8G
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:47 2025 by rpki-client