Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C517F5A0BDBA11EFB9BE724F762E951A.roa
File: C517F5A0BDBA11EFB9BE724F762E951A.roa (raw, json)
Hash identifier: Z8HK0STwpZ4DE4JamFaptSxoRFXbVlUOUW316X8sIaU=
Subject key identifier: 48:8E:5D:BD:22:0F:80:38:FE:10:6A:12:77:6F:04:4E:F6:54:A1:24
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E52D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C517F5A0BDBA11EFB9BE724F762E951A.roa
Signing time: Thu 19 Dec 2024 03:38:54 +0000
ROA not before: Thu 19 Dec 2024 03:38:50 +0000
ROA not after: Wed 10 Dec 2025 03:38:50 +0000
asID: 984
IP address blocks: 45.204.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58669 (0xe52d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 03:38:50 2024 GMT
Not After : Dec 10 03:38:50 2025 GMT
Subject: CN=6763954e-91cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9e:69:b0:dc:47:62:f4:90:ac:ae:6b:0f:ba:
13:c2:fd:b4:bb:e5:2d:30:75:fd:9a:44:db:0d:70:
26:6f:bc:f9:66:27:26:d1:b5:af:5b:49:81:9d:f5:
ff:a0:9d:0b:c3:81:6c:d9:79:b6:35:96:e1:81:d9:
6f:65:17:24:ef:8b:f0:24:c9:7b:ee:56:5b:66:6a:
4c:c5:d1:fd:6a:f3:99:20:df:b9:6c:d8:10:4d:d5:
41:69:e0:e1:9f:5d:ad:05:62:88:e6:4a:4d:b3:d3:
40:6c:00:9b:41:0c:bf:39:65:5d:25:26:e9:b4:91:
b7:12:cf:2f:15:34:f1:06:0a:fe:19:7f:ea:91:24:
1f:75:17:88:31:b6:76:9d:da:a6:92:f4:59:bf:f9:
bd:59:6c:ce:2a:b5:e6:2e:4c:7b:91:62:f2:9a:9d:
dc:7f:4a:b6:0c:2e:b2:17:c1:3b:c2:0c:5c:9c:41:
c5:20:98:ea:a0:80:78:ce:e8:62:45:0b:40:e5:98:
97:85:f6:2f:65:77:84:85:d1:33:16:b9:43:a6:57:
22:40:86:5c:5b:e7:9a:8f:5c:28:03:7c:94:57:1e:
53:2a:b0:40:bf:5f:69:14:7f:75:40:7a:5b:85:9f:
ea:2d:a9:b3:f6:36:fc:05:7d:2a:68:f6:ea:af:28:
98:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:8E:5D:BD:22:0F:80:38:FE:10:6A:12:77:6F:04:4E:F6:54:A1:24
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C517F5A0BDBA11EFB9BE724F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.252.0/24
Signature Algorithm: sha256WithRSAEncryption
02:5b:23:c2:8a:2d:4f:9f:47:b9:91:92:50:0a:4e:12:49:f2:
b9:8f:1e:51:5b:f8:7c:9e:b9:73:a3:d0:d0:50:1a:12:6d:43:
c3:7a:e8:60:25:eb:9a:e2:1b:65:e4:c2:5c:d3:6b:cc:5b:6b:
0a:14:4b:c7:40:6f:86:1a:6e:c4:43:ab:04:67:de:79:e5:e6:
c8:00:60:e3:3f:75:91:9b:0a:ca:da:f8:f1:3b:b2:53:06:00:
26:fd:02:62:f4:2c:57:df:14:48:6a:1d:db:f1:c8:6c:20:67:
ef:a1:37:e4:54:97:ba:88:27:bc:13:40:84:d2:49:8f:0c:58:
ff:bf:88:1e:44:c7:ce:21:5f:bd:fd:2d:6b:fc:22:de:66:1f:
67:60:62:9e:3d:9a:eb:3e:eb:a1:a5:09:28:e7:62:2f:bc:a8:
95:89:d9:61:3c:36:48:01:f8:45:4e:af:b8:99:e4:21:74:3a:
61:3a:22:50:14:0f:f9:ea:7e:85:1b:56:10:d6:c9:4e:fc:60:
ca:ee:fd:46:1d:86:9d:38:08:2f:ad:ec:b6:19:b9:f2:10:39:
6d:bd:e9:27:fe:c8:e0:e0:88:c3:bd:86:e9:62:5d:35:d0:ad:
87:94:10:36:f7:9b:36:25:32:de:4a:0b:12:59:e2:25:ff:0e:
a6:95:e1:5e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOUtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDMzODUwWhcNMjUxMjEwMDMzODUwWjAYMRYw
FAYDVQQDEw02NzYzOTU0ZS05MWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1Z5psNxHYvSQrK5rD7oTwv20u+UtMHX9mkTbDXAmb7z5Zicm0bWvW0mB
nfX/oJ0Lw4Fs2Xm2NZbhgdlvZRck74vwJMl77lZbZmpMxdH9avOZIN+5bNgQTdVB
aeDhn12tBWKI5kpNs9NAbACbQQy/OWVdJSbptJG3Es8vFTTxBgr+GX/qkSQfdReI
MbZ2ndqmkvRZv/m9WWzOKrXmLkx7kWLymp3cf0q2DC6yF8E7wgxcnEHFIJjqoIB4
zuhiRQtA5ZiXhfYvZXeEhdEzFrlDplciQIZcW+eaj1woA3yUVx5TKrBAv19pFH91
QHpbhZ/qLamz9jb8BX0qaPbqryiYHwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEiO
Xb0iD4A4/hBqEndvBE72VKEkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNTE3RjVBMEJEQkExMUVGQjlCRTcyNEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcz8MA0GCSqGSIb3DQEBCwUA
A4IBAQACWyPCii1Pn0e5kZJQCk4SSfK5jx5RW/h8nrlzo9DQUBoSbUPDeuhgJeua
4htl5MJc02vMW2sKFEvHQG+GGm7EQ6sEZ9555ebIAGDjP3WRmwrK2vjxO7JTBgAm
/QJi9CxX3xRIah3b8chsIGfvoTfkVJe6iCe8E0CE0kmPDFj/v4geRMfOIV+9/S1r
/CLeZh9nYGKePZrrPuuhpQko52IvvKiVidlhPDZIAfhFTq+4meQhdDphOiJQFA/5
6n6FG1YQ1slO/GDK7v1GHYadOAgvrey2GbnyEDltvekn/sjg4IjDvYbpYl010K2H
lBA295s2JTLeSgsSWeIl/w6mleFe
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:07 2025 by rpki-client