Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE909136C3A611EFB03361BB762E951A.roa
File: CE909136C3A611EFB03361BB762E951A.roa (raw, json)
Hash identifier: piiZ2A0menGAVkbe1jJ0kzMETQK03yKVHfiD2EsBe3E=
Subject key identifier: 6E:FA:2B:E0:DE:BE:27:6A:97:E4:05:9A:D4:E6:1D:46:CB:9E:70:8C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EDD5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE909136C3A611EFB03361BB762E951A.roa
Signing time: Thu 26 Dec 2024 16:31:07 +0000
ROA not before: Thu 26 Dec 2024 16:31:03 +0000
ROA not after: Sun 12 Dec 2027 16:31:03 +0000
asID: 17561
IP address blocks: 45.200.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60885 (0xedd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 16:31:03 2024 GMT
Not After : Dec 12 16:31:03 2027 GMT
Subject: CN=676d84cb-c8e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9c:84:fa:48:8a:cf:36:b7:f6:c0:ed:e8:52:
00:ef:ab:83:21:3c:81:b0:f2:b2:69:14:29:57:f8:
14:7c:c5:3d:94:66:7f:80:16:55:3c:8c:3a:c8:1d:
00:1c:33:eb:05:4c:dd:63:b0:60:9f:ad:2b:21:f7:
10:bb:90:8d:47:c4:6b:1e:91:58:d3:1c:56:1c:9a:
dd:30:7e:d4:f7:aa:1e:46:cb:96:af:c4:15:f3:4d:
9e:f3:09:46:dd:48:c7:ae:a3:db:14:f5:3e:00:6d:
8f:08:45:ea:d8:96:3c:06:f7:74:d9:fa:1e:09:61:
20:8f:50:9b:40:e5:0f:82:42:26:52:b1:96:f7:cc:
99:ce:dc:a9:05:d4:b0:8a:9f:fb:f4:d0:63:9b:c4:
2d:7c:61:f8:43:4a:55:20:84:f8:64:a0:07:f4:f2:
62:89:80:c5:b7:81:3c:80:1f:88:01:7c:0d:48:ed:
15:e8:e5:77:36:00:eb:9c:f1:4f:b6:10:93:67:e5:
81:a3:46:3e:29:51:32:e1:e3:e4:66:f7:1d:91:26:
10:06:ce:c8:c6:73:c6:78:ab:aa:1b:28:af:35:10:
be:85:17:ad:76:ff:d7:cb:59:c9:d6:30:4d:7f:da:
c3:0a:09:cc:7f:62:a1:50:45:fd:aa:37:53:e3:55:
5b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:FA:2B:E0:DE:BE:27:6A:97:E4:05:9A:D4:E6:1D:46:CB:9E:70:8C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE909136C3A611EFB03361BB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.213.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:04:c7:b8:d6:86:28:3a:40:28:17:f2:26:40:39:8c:20:7f:
df:71:f9:ed:ee:6f:f4:fd:ab:e9:d3:d3:03:4b:94:59:9a:5f:
54:78:9f:11:fd:3f:1d:4d:f2:b1:7a:42:6e:2d:52:86:80:52:
d2:64:88:1f:3c:44:bf:17:1f:8f:0c:0d:c2:76:64:e9:06:e0:
1b:45:7e:a6:f0:86:8e:05:c0:12:2c:b2:a9:f5:5f:91:6e:6a:
e8:53:f6:8b:76:c1:cc:21:eb:fe:7d:94:ba:28:a0:e5:60:b7:
5d:6d:ab:cf:f5:1a:7a:d5:04:ce:5d:a1:fc:89:ec:c8:12:b3:
25:4c:7b:84:f6:8b:06:84:86:ad:0c:9c:a1:c7:b6:16:61:2a:
19:5e:e5:85:40:65:21:47:3b:7f:51:5f:fb:86:3a:dc:76:fe:
95:d7:54:c1:82:73:b0:5b:04:22:7f:da:93:57:f5:2f:9c:fd:
a6:6c:f7:04:e4:b1:18:5a:8f:a2:0a:a6:d2:6d:db:08:dc:5d:
22:9a:0b:49:ac:fe:5f:67:79:9a:7f:b0:c5:6f:c1:b4:fa:bd:
18:de:1e:3d:47:e0:fd:70:fd:c1:8c:bd:aa:f8:05:9d:11:79:
c9:d5:04:a8:be:74:30:83:f1:30:02:b1:bb:1d:00:ca:55:88:
86:02:46:85
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO3VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTYzMTAzWhcNMjcxMjEyMTYzMTAzWjAYMRYw
FAYDVQQDEw02NzZkODRjYi1jOGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw5yE+kiKzza39sDt6FIA76uDITyBsPKyaRQpV/gUfMU9lGZ/gBZVPIw6
yB0AHDPrBUzdY7Bgn60rIfcQu5CNR8RrHpFY0xxWHJrdMH7U96oeRsuWr8QV802e
8wlG3UjHrqPbFPU+AG2PCEXq2JY8Bvd02foeCWEgj1CbQOUPgkImUrGW98yZztyp
BdSwip/79NBjm8QtfGH4Q0pVIIT4ZKAH9PJiiYDFt4E8gB+IAXwNSO0V6OV3NgDr
nPFPthCTZ+WBo0Y+KVEy4ePkZvcdkSYQBs7IxnPGeKuqGyivNRC+hRetdv/Xy1nJ
1jBNf9rDCgnMf2KhUEX9qjdT41VbuwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG76
K+Devidql+QFmtTmHUbLnnCMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRTkwOTEzNkMzQTYxMUVGQjAzMzYxQkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcjVMA0GCSqGSIb3DQEBCwUA
A4IBAQAdBMe41oYoOkAoF/ImQDmMIH/fcfnt7m/0/avp09MDS5RZml9UeJ8R/T8d
TfKxekJuLVKGgFLSZIgfPES/Fx+PDA3CdmTpBuAbRX6m8IaOBcASLLKp9V+Rbmro
U/aLdsHMIev+fZS6KKDlYLddbavP9Rp61QTOXaH8iezIErMlTHuE9osGhIatDJyh
x7YWYSoZXuWFQGUhRzt/UV/7hjrcdv6V11TBgnOwWwQif9qTV/UvnP2mbPcE5LEY
Wo+iCqbSbdsI3F0imgtJrP5fZ3maf7DFb8G0+r0Y3h49R+D9cP3BjL2q+AWdEXnJ
1QSovnQwg/EwArG7HQDKVYiGAkaF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:21 2025 by rpki-client