Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE02B32CC3A911EF999FAA4E762E951A.roa
File: CE02B32CC3A911EF999FAA4E762E951A.roa (raw, json)
Hash identifier: Zz8J0CWQS+RUNxaVVvIR1joFTDsd2knmHVrHCAbW3BQ=
Subject key identifier: 3A:ED:D3:2C:C0:E2:DB:E5:DD:A5:9B:82:0A:E4:61:E9:ED:60:96:AD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EDF5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE02B32CC3A911EF999FAA4E762E951A.roa
Signing time: Thu 26 Dec 2024 16:52:34 +0000
ROA not before: Thu 26 Dec 2024 16:52:31 +0000
ROA not after: Sun 12 Dec 2027 16:52:31 +0000
asID: 17561
IP address blocks: 45.200.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60917 (0xedf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 16:52:31 2024 GMT
Not After : Dec 12 16:52:31 2027 GMT
Subject: CN=676d89d2-301f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:87:c5:db:64:3b:21:fb:c2:41:f9:f1:37:0b:
fb:41:6d:61:fb:c0:c6:c7:fa:a7:bf:d5:99:0d:e5:
3f:df:92:1b:c0:fc:4a:83:d3:07:55:c8:73:4d:d9:
81:e9:ab:c5:1d:d4:af:e0:1a:2c:2e:a2:b9:55:1c:
37:4a:48:bb:99:69:1f:89:7f:bc:29:8e:21:e5:c7:
be:ee:30:ef:fb:cb:14:d6:52:13:15:ef:de:43:d0:
85:bd:bb:aa:70:d4:05:38:4a:3c:53:f6:a2:91:1f:
a0:44:37:04:50:ac:ed:09:d7:16:49:25:9d:ac:ba:
61:15:d4:2a:5e:c1:93:d2:c0:3f:f1:4c:ab:3a:12:
cd:7e:52:8a:18:cf:67:e8:75:e4:22:9e:96:ad:fe:
fb:8d:0f:14:d5:5f:ce:3d:51:1a:5d:41:69:5d:41:
75:18:4f:4c:cc:7b:53:2d:4f:44:51:a6:f0:9a:9e:
28:c9:6e:9a:e6:6e:f9:34:c9:7a:c0:4f:91:ff:1f:
02:60:1c:73:2d:13:4d:0a:c7:fd:fd:49:44:51:35:
e3:89:76:ea:c3:98:a4:39:fa:be:77:46:6d:e7:e6:
ad:a0:1d:1d:fc:45:d3:3a:fe:9b:b0:03:23:1a:e1:
bf:b9:48:d8:ba:f1:21:74:59:49:67:44:d1:06:88:
3a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:ED:D3:2C:C0:E2:DB:E5:DD:A5:9B:82:0A:E4:61:E9:ED:60:96:AD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE02B32CC3A911EF999FAA4E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.229.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:d5:72:2a:cd:01:d6:82:d7:72:f7:f5:73:47:54:e5:4d:bf:
03:59:3c:2b:34:55:8b:db:e9:db:c2:eb:31:3f:f6:57:68:ec:
fa:3a:c2:cb:75:5f:f0:64:f4:5b:a0:44:aa:d2:b6:07:83:91:
8c:0e:d0:cd:31:e0:8c:57:b8:28:14:cc:10:1e:3d:a9:bf:af:
5b:d1:a0:65:a3:02:74:a1:84:43:a4:f4:a1:61:13:88:d5:b6:
e1:68:4a:98:42:ef:c7:f6:c8:20:1c:34:12:84:3c:e3:4a:f1:
a5:0a:8c:56:e3:15:ea:cd:04:e1:10:eb:07:37:29:be:d7:74:
c2:4c:1d:29:7d:65:3e:30:be:c8:57:43:a9:10:51:43:99:18:
c1:3b:b0:d4:66:ad:1d:06:46:27:53:16:fa:3c:31:11:76:cc:
c4:81:ab:b2:f2:c7:41:bb:fb:f8:9f:cb:51:15:a3:44:54:60:
c4:75:8b:71:3f:41:9e:0e:16:e9:92:20:1d:7d:48:19:93:79:
7e:3c:b8:cc:9a:2b:f6:01:68:5c:15:28:e5:e2:11:e0:04:b0:
15:ef:b4:18:17:00:92:b8:b3:4b:58:4f:63:23:20:9d:5b:7d:
32:0c:e9:2e:30:b5:23:72:02:43:d8:6a:ff:a9:06:9c:31:ab:
bb:65:14:9c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO31MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTY1MjMxWhcNMjcxMjEyMTY1MjMxWjAYMRYw
FAYDVQQDEw02NzZkODlkMi0zMDFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwYfF22Q7IfvCQfnxNwv7QW1h+8DGx/qnv9WZDeU/35IbwPxKg9MHVchz
TdmB6avFHdSv4BosLqK5VRw3Ski7mWkfiX+8KY4h5ce+7jDv+8sU1lITFe/eQ9CF
vbuqcNQFOEo8U/aikR+gRDcEUKztCdcWSSWdrLphFdQqXsGT0sA/8UyrOhLNflKK
GM9n6HXkIp6Wrf77jQ8U1V/OPVEaXUFpXUF1GE9MzHtTLU9EUabwmp4oyW6a5m75
NMl6wE+R/x8CYBxzLRNNCsf9/UlEUTXjiXbqw5ikOfq+d0Zt5+atoB0d/EXTOv6b
sAMjGuG/uUjYuvEhdFlJZ0TRBog6uQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDrt
0yzA4tvl3aWbggrkYentYJatMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRTAyQjMyQ0MzQTkxMUVGOTk5RkFBNEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcjlMA0GCSqGSIb3DQEBCwUA
A4IBAQBu1XIqzQHWgtdy9/VzR1TlTb8DWTwrNFWL2+nbwusxP/ZXaOz6OsLLdV/w
ZPRboESq0rYHg5GMDtDNMeCMV7goFMwQHj2pv69b0aBlowJ0oYRDpPShYROI1bbh
aEqYQu/H9sggHDQShDzjSvGlCoxW4xXqzQThEOsHNym+13TCTB0pfWU+ML7IV0Op
EFFDmRjBO7DUZq0dBkYnUxb6PDERdszEgauy8sdBu/v4n8tRFaNEVGDEdYtxP0Ge
DhbpkiAdfUgZk3l+PLjMmiv2AWhcFSjl4hHgBLAV77QYFwCSuLNLWE9jIyCdW30y
DOkuMLUjcgJD2Gr/qQacMau7ZRSc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:18 2025 by rpki-client