Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB2D9F32C3A311EF90BE0EA7762E951A.roa
File: CB2D9F32C3A311EF90BE0EA7762E951A.roa (raw, json)
Hash identifier: L07JMxLkfINYyUE+taX3yMixJ6IYK26pvdt8ftPYAdQ=
Subject key identifier: 53:F6:5A:6F:1F:91:E0:BF:30:69:0F:EA:AC:29:1C:D7:A0:D6:09:B8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EDB5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB2D9F32C3A311EF90BE0EA7762E951A.roa
Signing time: Thu 26 Dec 2024 16:09:33 +0000
ROA not before: Thu 26 Dec 2024 16:09:29 +0000
ROA not after: Sun 12 Dec 2027 16:09:29 +0000
asID: 17561
IP address blocks: 45.200.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60853 (0xedb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 16:09:29 2024 GMT
Not After : Dec 12 16:09:29 2027 GMT
Subject: CN=676d7fbd-33d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:7f:44:78:af:99:a8:d8:b8:41:d1:96:ed:54:
12:f2:28:87:77:8d:61:83:c1:d7:fc:1c:dc:71:fe:
6d:7c:42:e0:cd:e9:e8:db:d3:05:ef:90:22:a6:4e:
9a:c6:d6:74:82:19:a1:a0:77:4a:a8:99:37:2c:a9:
b3:5b:4d:fb:84:1e:73:fb:45:2d:08:1c:c9:eb:91:
d8:ad:b8:39:dd:42:fb:58:d5:bc:d5:be:db:9c:7d:
26:84:48:f5:28:27:c1:f6:e5:79:a6:37:bd:49:0b:
9d:b7:b7:8b:f9:79:bb:a8:f4:8e:6c:7f:10:7b:0c:
f5:1b:39:83:6e:d7:19:76:31:3d:ca:aa:f1:10:15:
55:85:93:b8:1b:77:b9:09:2e:8e:01:85:37:ca:fa:
3e:4b:0d:e4:30:1f:6b:45:21:60:87:b3:23:f5:21:
d4:69:53:ce:82:d5:aa:44:12:f3:c5:7d:bb:df:59:
67:63:2c:b7:75:c0:55:88:0e:21:7c:12:91:e6:54:
4b:2c:62:6f:73:3e:db:ba:fe:ae:40:62:40:5f:dd:
f0:af:fd:07:04:31:2b:0b:58:e9:cc:9f:f2:35:3f:
bf:79:44:69:56:9e:82:ce:d5:6f:4e:dd:e5:4e:50:
fa:5a:44:84:38:51:41:ca:15:3a:5e:38:e2:7f:ef:
b3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:F6:5A:6F:1F:91:E0:BF:30:69:0F:EA:AC:29:1C:D7:A0:D6:09:B8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB2D9F32C3A311EF90BE0EA7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.197.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:e7:07:e3:48:a5:f8:3c:78:ce:26:93:ca:3f:09:25:f0:96:
43:94:a4:ef:cb:2e:84:68:5a:15:50:c0:bf:dc:f7:bb:64:52:
86:45:24:87:4f:d4:47:b4:87:26:43:8a:49:04:60:23:7d:a0:
04:4f:ea:42:ca:3a:60:d0:da:b0:be:f9:2d:d4:8b:e6:09:0a:
b2:87:d0:c4:4a:6a:78:f0:6f:e8:ee:70:ef:c4:fa:fe:b0:30:
a6:52:7b:35:21:85:08:f4:79:e5:57:21:d6:91:a6:15:dc:16:
b7:7a:2f:21:ef:11:92:42:99:07:f9:d8:62:7d:86:33:80:6b:
5a:61:35:06:a4:3d:fe:06:7b:0c:65:59:ca:ed:c8:6f:1a:7f:
55:ff:60:26:fb:d3:ac:f3:e5:88:da:12:b8:2b:6f:82:86:93:
fe:bb:39:64:e0:d0:c2:b9:a4:9d:2f:31:c0:cf:32:32:4a:93:
4f:04:a9:b5:93:25:5b:40:19:61:91:f1:db:9c:82:bd:56:60:
ed:f9:45:85:bf:32:8c:86:cc:7d:16:c0:87:b0:54:13:ac:af:
15:d1:f0:8c:48:ca:75:be:93:b3:79:56:fe:55:b6:e9:d1:1e:
55:f0:55:93:74:58:9f:1e:2c:6f:da:f6:c4:c3:4f:38:f7:c5:
78:5c:c2:8f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO21MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTYwOTI5WhcNMjcxMjEyMTYwOTI5WjAYMRYw
FAYDVQQDEw02NzZkN2ZiZC0zM2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4n9EeK+ZqNi4QdGW7VQS8iiHd41hg8HX/Bzccf5tfELgzeno29MF75Ai
pk6axtZ0ghmhoHdKqJk3LKmzW037hB5z+0UtCBzJ65HYrbg53UL7WNW81b7bnH0m
hEj1KCfB9uV5pje9SQudt7eL+Xm7qPSObH8Qewz1GzmDbtcZdjE9yqrxEBVVhZO4
G3e5CS6OAYU3yvo+Sw3kMB9rRSFgh7Mj9SHUaVPOgtWqRBLzxX2731lnYyy3dcBV
iA4hfBKR5lRLLGJvcz7buv6uQGJAX93wr/0HBDErC1jpzJ/yNT+/eURpVp6CztVv
Tt3lTlD6WkSEOFFByhU6Xjjif++zfQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFP2
Wm8fkeC/MGkP6qwpHNeg1gm4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQjJEOUYzMkMzQTMxMUVGOTBCRTBFQTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcjFMA0GCSqGSIb3DQEBCwUA
A4IBAQCp5wfjSKX4PHjOJpPKPwkl8JZDlKTvyy6EaFoVUMC/3Pe7ZFKGRSSHT9RH
tIcmQ4pJBGAjfaAET+pCyjpg0Nqwvvkt1IvmCQqyh9DESmp48G/o7nDvxPr+sDCm
Uns1IYUI9HnlVyHWkaYV3Ba3ei8h7xGSQpkH+dhifYYzgGtaYTUGpD3+BnsMZVnK
7chvGn9V/2Am+9Os8+WI2hK4K2+ChpP+uzlk4NDCuaSdLzHAzzIySpNPBKm1kyVb
QBlhkfHbnIK9VmDt+UWFvzKMhsx9FsCHsFQTrK8V0fCMSMp1vpOzeVb+Vbbp0R5V
8FWTdFifHixv2vbEw08498V4XMKP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:01 2025 by rpki-client