Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2832E10D0B911EF9A38C956762E951A.roa
File: C2832E10D0B911EF9A38C956762E951A.roa (raw, json)
Hash identifier: i3zywCwY+O05LfHAH+jVSd8gruBRlQQNqO+a6nie5XY=
Subject key identifier: 89:C3:3E:6D:87:E2:B4:30:37:8C:66:29:0E:38:90:F2:E0:58:14:F9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01061F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2832E10D0B911EF9A38C956762E951A.roa
Signing time: Sun 12 Jan 2025 07:49:32 +0000
ROA not before: Sun 12 Jan 2025 07:49:29 +0000
ROA not after: Mon 17 Feb 2025 07:49:29 +0000
asID: 6079
IP address blocks: 45.202.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67103 (0x1061f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 12 07:49:29 2025 GMT
Not After : Feb 17 07:49:29 2025 GMT
Subject: CN=6783740c-2caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:00:44:47:75:2f:fb:5e:07:19:cc:19:92:52:
c6:ca:96:90:ce:82:37:e3:67:f1:b4:67:85:b8:0c:
98:bf:be:86:66:cc:20:12:23:2f:93:a2:08:56:5b:
9d:8c:7e:53:a8:bd:47:a7:32:1c:33:cf:a1:50:cb:
40:c8:a1:f8:12:9d:dd:b0:48:77:16:66:61:d4:de:
29:e2:10:26:e2:7a:61:25:2f:03:53:0e:13:de:60:
33:41:5a:df:8e:31:23:bf:94:02:d8:66:1b:22:0a:
88:42:7a:fc:4d:5a:a3:9d:a8:c6:b1:67:53:66:c7:
60:c2:4d:9e:94:99:5a:02:bd:45:70:3a:c4:df:0f:
6e:e7:de:48:e1:dc:5c:54:8e:9e:58:82:d5:90:35:
7b:41:ad:53:0f:ae:e7:87:47:7f:59:87:1d:02:a6:
25:a6:63:26:ba:e3:94:34:a9:02:a3:27:4e:e7:10:
bc:49:6b:41:32:68:8a:9f:ac:09:b1:96:9e:60:27:
3c:f7:80:ee:b5:1b:c9:2c:8e:d4:da:3b:7d:6f:28:
40:ce:d4:17:ad:4f:97:ae:82:4b:de:b3:78:e4:7a:
11:54:2c:fe:42:89:1d:ba:00:a7:50:4e:6f:5e:7c:
b3:16:b1:0d:85:3d:ec:ac:61:48:ee:f5:44:fb:47:
44:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C3:3E:6D:87:E2:B4:30:37:8C:66:29:0E:38:90:F2:E0:58:14:F9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2832E10D0B911EF9A38C956762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.68.0/24
Signature Algorithm: sha256WithRSAEncryption
03:f5:b8:0e:4a:c2:30:b2:86:79:3f:cf:d6:09:ab:0f:e7:02:
0f:bf:26:c8:b4:69:25:c7:21:05:32:b4:3d:3f:b9:48:34:2d:
c8:6c:9a:eb:ea:ea:23:5a:4c:d2:29:68:fb:c7:2f:41:14:89:
5e:32:25:67:20:c9:05:a6:e9:b2:16:25:8a:16:d8:73:f5:12:
b6:16:0f:d9:d4:6e:ae:72:81:c7:79:0a:91:c7:c1:1e:b4:e4:
16:c9:3d:9d:ef:52:17:f7:5e:8b:26:5a:e4:a9:d0:f7:53:c2:
dd:e1:43:52:e1:34:bd:09:ed:ad:a0:aa:95:32:bf:63:f0:67:
5d:1a:38:ec:39:58:1d:f5:5e:53:7e:35:0b:ef:4f:36:7e:59:
9e:7d:c8:a6:ca:15:a1:53:67:d2:99:5d:13:41:ec:50:f7:91:
00:0c:ce:e6:ba:67:8d:18:e9:59:d8:a8:fa:05:d2:db:74:d8:
0e:f1:11:6b:fd:29:73:85:b3:a8:f7:72:17:1d:1c:b7:d4:4b:
a7:50:c9:33:42:b0:e0:67:47:44:4a:e7:be:7a:71:b4:81:bb:
19:f2:ff:9e:84:b9:ce:b3:99:e9:66:e7:24:05:8c:7f:ce:0c:
fa:90:1c:d6:3e:23:88:a0:87:85:ce:65:9f:05:6c:e5:64:d8:
ca:0f:a1:c3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQYfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEyMDc0OTI5WhcNMjUwMjE3MDc0OTI5WjAYMRYw
FAYDVQQDEw02NzgzNzQwYy0yY2FhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzABER3Uv+14HGcwZklLGypaQzoI342fxtGeFuAyYv76GZswgEiMvk6II
VludjH5TqL1HpzIcM8+hUMtAyKH4Ep3dsEh3FmZh1N4p4hAm4nphJS8DUw4T3mAz
QVrfjjEjv5QC2GYbIgqIQnr8TVqjnajGsWdTZsdgwk2elJlaAr1FcDrE3w9u595I
4dxcVI6eWILVkDV7Qa1TD67nh0d/WYcdAqYlpmMmuuOUNKkCoydO5xC8SWtBMmiK
n6wJsZaeYCc894DutRvJLI7U2jt9byhAztQXrU+XroJL3rN45HoRVCz+QokdugCn
UE5vXnyzFrENhT3srGFI7vVE+0dECQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFInD
Pm2H4rQwN4xmKQ44kPLgWBT5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMjgzMkUxMEQwQjkxMUVGOUEzOEM5NTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcpEMA0GCSqGSIb3DQEBCwUA
A4IBAQAD9bgOSsIwsoZ5P8/WCasP5wIPvybItGklxyEFMrQ9P7lINC3IbJrr6uoj
WkzSKWj7xy9BFIleMiVnIMkFpumyFiWKFthz9RK2Fg/Z1G6ucoHHeQqRx8EetOQW
yT2d71IX916LJlrkqdD3U8Ld4UNS4TS9Ce2toKqVMr9j8GddGjjsOVgd9V5TfjUL
7082flmefcimyhWhU2fSmV0TQexQ95EADM7mumeNGOlZ2Kj6BdLbdNgO8RFr/Slz
hbOo93IXHRy31EunUMkzQrDgZ0dESue+enG0gbsZ8v+ehLnOs5npZuckBYx/zgz6
kBzWPiOIoIeFzmWfBWzlZNjKD6HD
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:40 2025 by rpki-client