Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2982EEEC39B11EF9656F175762E951A.roa
File: C2982EEEC39B11EF9656F175762E951A.roa (raw, json)
Hash identifier: +k+ku0RGw1g00x/Jrdb1GLtRQmIEHxbYd8bDpusfSEQ=
Subject key identifier: F3:2E:B1:76:81:39:DA:9E:B4:C2:EA:A8:B1:D2:55:3D:7E:35:07:67
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: ED5F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2982EEEC39B11EF9656F175762E951A.roa
Signing time: Thu 26 Dec 2024 15:12:02 +0000
ROA not before: Thu 26 Dec 2024 15:11:59 +0000
ROA not after: Fri 12 Dec 2025 15:11:59 +0000
asID: 984
IP address blocks: 45.199.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60767 (0xed5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 15:11:59 2024 GMT
Not After : Dec 12 15:11:59 2025 GMT
Subject: CN=676d7242-a131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ab:d6:9f:73:c5:41:cc:6b:54:6b:62:24:ab:
2f:0a:13:0b:e4:af:f8:2a:cd:c8:8a:5b:9a:4e:b1:
01:33:cd:bc:72:2a:5a:2a:7b:2b:83:fb:1f:9e:ec:
f9:30:56:1a:60:cb:28:3d:b8:e6:64:3c:7e:84:7b:
74:d0:0c:2f:66:de:3a:83:a0:19:90:02:38:8b:4f:
d3:fe:79:88:39:c3:56:96:6d:45:c7:0a:e5:94:7c:
f0:b7:c4:7c:7c:98:eb:a4:4a:47:b4:f2:9f:9d:4f:
67:d5:6b:dc:08:21:55:36:80:e9:20:12:d9:a1:d4:
17:72:76:a3:7e:06:c5:cb:99:2f:3b:50:29:cd:f8:
d1:ad:5b:65:2f:38:d9:c4:16:c5:47:0e:bd:5d:e7:
b2:71:a8:da:37:83:3c:3d:d4:99:c0:9d:19:4f:65:
cc:55:3c:93:48:b7:4d:44:fd:b2:fd:42:2a:8d:61:
34:81:b6:1c:fd:27:dd:59:f2:ed:e4:8b:38:03:b7:
1c:83:d5:2b:ca:20:24:d3:b7:dd:fe:9a:ef:ff:fa:
5b:f0:76:43:0c:8f:5f:78:47:5a:91:da:98:9a:3a:
72:12:80:36:ae:5b:99:fd:e9:67:32:dd:e5:6b:da:
c6:c8:29:86:5f:9c:0e:e0:c8:02:8e:ea:df:2b:65:
d1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:2E:B1:76:81:39:DA:9E:B4:C2:EA:A8:B1:D2:55:3D:7E:35:07:67
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2982EEEC39B11EF9656F175762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.128.0/24
Signature Algorithm: sha256WithRSAEncryption
18:7d:de:dd:98:ac:c1:b0:6b:86:ad:7d:f6:ce:35:5d:8c:fc:
de:a9:7e:94:87:3a:69:9a:18:7a:1e:2d:bd:b7:e7:0c:dd:2f:
97:07:fc:2a:95:c2:34:30:ee:4e:4c:28:5e:1b:a5:fc:d1:31:
a5:bc:ac:55:4e:08:d3:64:7e:ac:55:f4:a6:1c:a6:62:d9:4c:
86:87:a2:e7:95:b8:ca:61:5a:57:b4:f2:e8:71:55:a1:34:94:
a4:44:93:66:ed:b0:57:63:8f:27:85:74:8e:04:c9:12:cf:4e:
de:0e:c7:3a:a8:0b:51:15:9b:a0:3c:61:5d:da:f6:0e:31:b8:
94:bb:51:f6:8d:d2:4c:c0:64:37:c5:0c:41:d9:40:ba:be:b9:
51:b5:68:16:22:10:51:48:13:73:ee:a3:ee:44:87:3d:95:b6:
a8:93:30:80:5c:15:b5:17:a1:94:76:72:87:45:b1:a8:cb:12:
27:37:76:f5:ce:21:5d:e2:01:c1:5e:06:74:ec:b6:7b:50:f6:
9b:8b:a9:c9:31:31:c3:96:53:12:09:72:be:19:32:58:0d:45:
f2:b7:b6:37:91:71:21:ab:1f:40:4e:2d:c9:e2:44:24:cf:18:
e7:88:d0:0c:f5:b1:35:b1:e7:a6:d9:88:8a:60:a5:bf:ef:42:
49:e2:9d:d1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO1fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTUxMTU5WhcNMjUxMjEyMTUxMTU5WjAYMRYw
FAYDVQQDEw02NzZkNzI0Mi1hMTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsqvWn3PFQcxrVGtiJKsvChML5K/4Ks3IiluaTrEBM828cipaKnsrg/sf
nuz5MFYaYMsoPbjmZDx+hHt00AwvZt46g6AZkAI4i0/T/nmIOcNWlm1FxwrllHzw
t8R8fJjrpEpHtPKfnU9n1WvcCCFVNoDpIBLZodQXcnajfgbFy5kvO1ApzfjRrVtl
LzjZxBbFRw69XeeycajaN4M8PdSZwJ0ZT2XMVTyTSLdNRP2y/UIqjWE0gbYc/Sfd
WfLt5Is4A7ccg9UryiAk07fd/prv//pb8HZDDI9feEdakdqYmjpyEoA2rluZ/eln
Mt3la9rGyCmGX5wO4MgCjurfK2XR1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPMu
sXaBOdqetMLqqLHSVT1+NQdnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMjk4MkVFRUMzOUIxMUVGOTY1NkYxNzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALceAMA0GCSqGSIb3DQEBCwUA
A4IBAQAYfd7dmKzBsGuGrX32zjVdjPzeqX6Uhzppmhh6Hi29t+cM3S+XB/wqlcI0
MO5OTCheG6X80TGlvKxVTgjTZH6sVfSmHKZi2UyGh6LnlbjKYVpXtPLocVWhNJSk
RJNm7bBXY48nhXSOBMkSz07eDsc6qAtRFZugPGFd2vYOMbiUu1H2jdJMwGQ3xQxB
2UC6vrlRtWgWIhBRSBNz7qPuRIc9lbaokzCAXBW1F6GUdnKHRbGoyxInN3b1ziFd
4gHBXgZ07LZ7UPabi6nJMTHDllMSCXK+GTJYDUXyt7Y3kXEhqx9ATi3J4kQkzxjn
iNAM9bE1seem2YiKYKW/70JJ4p3R
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:57 2025 by rpki-client