Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C55E85AEC3B611EF9488B09F762E951A.roa
File: C55E85AEC3B611EF9488B09F762E951A.roa (raw, json)
Hash identifier: bOeDEofp5NaVYMLiOIdT2gCrOoLCLBX6lCtdNBP1XuI=
Subject key identifier: B0:96:7A:98:4B:E2:2A:9C:8A:36:A4:43:33:4D:FF:27:D0:DA:20:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE7D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C55E85AEC3B611EF9488B09F762E951A.roa
Signing time: Thu 26 Dec 2024 18:25:23 +0000
ROA not before: Thu 26 Dec 2024 18:25:20 +0000
ROA not after: Fri 12 Dec 2025 18:25:20 +0000
asID: 984
IP address blocks: 45.207.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61053 (0xee7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 18:25:20 2024 GMT
Not After : Dec 12 18:25:20 2025 GMT
Subject: CN=676d9f93-3dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:6d:b0:12:b4:e1:e2:11:7c:b9:ca:be:5a:75:
cb:2e:6f:02:cb:3f:3a:58:c6:ad:1e:3c:19:e2:d7:
14:99:82:e8:2e:dc:79:80:88:44:f6:e0:b5:dd:df:
1c:15:0a:b1:8b:07:61:e0:94:41:a4:7c:a6:77:a1:
4c:d1:78:57:af:1f:54:e3:3e:00:8d:9b:6f:e8:e9:
01:d9:3b:8e:6a:2c:f7:a0:1c:0c:c7:a6:ed:0c:84:
6b:86:da:13:b7:8a:e0:a0:d7:50:e5:5c:c6:39:a0:
a7:4d:0f:d1:12:7a:14:cc:17:a7:f6:70:a4:ee:ed:
59:dd:91:0f:ba:ce:01:b5:67:8c:3d:e9:a9:3f:11:
81:f3:3e:c8:4d:4c:ae:02:60:b2:73:fe:1f:72:fb:
c8:e6:d5:51:60:10:ea:cc:75:16:6c:d4:52:56:d0:
d6:f6:f1:2a:ab:6c:14:80:5d:23:33:25:7e:ee:c0:
35:fe:f0:97:f9:72:b8:3c:79:4a:6e:d4:d8:73:5b:
fb:72:0c:c6:2e:35:6e:45:ac:83:d8:3a:95:7e:60:
9d:4f:50:2b:ca:8b:1a:4a:7c:71:ca:95:5b:8e:0b:
0c:fc:e0:fb:0d:cf:19:a7:ef:bb:e1:80:f6:84:94:
c3:ba:19:3e:a3:40:b8:dd:d8:18:66:49:65:91:38:
c6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:96:7A:98:4B:E2:2A:9C:8A:36:A4:43:33:4D:FF:27:D0:DA:20:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C55E85AEC3B611EF9488B09F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.60.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:cb:69:2e:7e:fa:fa:0e:ff:7b:21:f3:4e:35:cf:97:d7:1e:
ae:7e:53:fe:f4:35:44:48:80:d6:a1:2a:1b:32:e2:ea:4d:3b:
28:15:01:88:3d:25:ae:b0:85:57:4b:5a:d8:99:0e:67:92:d8:
53:36:d7:dc:f4:f9:f4:ed:c6:a0:50:3e:ef:4d:50:76:5f:70:
b8:4e:73:b1:4c:24:39:9a:f9:07:5b:77:f7:87:18:e5:5e:a4:
b6:2a:33:66:fb:bc:06:2d:d3:95:a1:61:2d:34:db:dc:7b:49:
02:97:92:39:6d:07:0d:ae:b8:df:9d:07:b0:0e:44:70:fe:b6:
69:ae:dd:fa:b9:63:11:87:fc:5d:bd:8b:b6:d3:21:80:7d:70:
25:c6:1c:29:7c:d8:4f:f7:20:9a:7d:b4:19:eb:2d:03:a1:a4:
87:b8:78:f4:aa:9b:16:44:1a:82:4f:9a:ad:6e:3d:2d:ed:7f:
34:81:69:1d:60:d0:37:64:e1:dc:94:e3:b0:5f:5e:ef:07:79:
91:b8:0b:a1:b4:e9:03:c4:db:7e:ea:77:4b:a3:31:50:5d:aa:
9d:ec:32:6c:ac:e3:58:b2:ab:d4:94:a3:7f:43:75:b5:13:79:
1c:ae:ac:6b:4d:01:91:16:03:bd:e0:1b:86:0d:38:1a:0d:2d:
f6:67:ee:4f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO59MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTgyNTIwWhcNMjUxMjEyMTgyNTIwWjAYMRYw
FAYDVQQDEw02NzZkOWY5My0zZGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4W2wErTh4hF8ucq+WnXLLm8Cyz86WMatHjwZ4tcUmYLoLtx5gIhE9uC1
3d8cFQqxiwdh4JRBpHymd6FM0XhXrx9U4z4AjZtv6OkB2TuOaiz3oBwMx6btDIRr
htoTt4rgoNdQ5VzGOaCnTQ/REnoUzBen9nCk7u1Z3ZEPus4BtWeMPempPxGB8z7I
TUyuAmCyc/4fcvvI5tVRYBDqzHUWbNRSVtDW9vEqq2wUgF0jMyV+7sA1/vCX+XK4
PHlKbtTYc1v7cgzGLjVuRayD2DqVfmCdT1AryosaSnxxypVbjgsM/OD7Dc8Zp++7
4YD2hJTDuhk+o0C43dgYZkllkTjGzQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLCW
ephL4iqcijakQzNN/yfQ2iDlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNTVFODVBRUMzQjYxMUVGOTQ4OEIwOUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc88MA0GCSqGSIb3DQEBCwUA
A4IBAQA8y2kufvr6Dv97IfNONc+X1x6uflP+9DVESIDWoSobMuLqTTsoFQGIPSWu
sIVXS1rYmQ5nkthTNtfc9Pn07cagUD7vTVB2X3C4TnOxTCQ5mvkHW3f3hxjlXqS2
KjNm+7wGLdOVoWEtNNvce0kCl5I5bQcNrrjfnQewDkRw/rZprt36uWMRh/xdvYu2
0yGAfXAlxhwpfNhP9yCafbQZ6y0DoaSHuHj0qpsWRBqCT5qtbj0t7X80gWkdYNA3
ZOHclOOwX17vB3mRuAuhtOkDxNt+6ndLozFQXaqd7DJsrONYsqvUlKN/Q3W1E3kc
rqxrTQGRFgO94BuGDTgaDS32Z+5P
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:02 2025 by rpki-client