Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2A92B70C3B511EFAB204C99762E951A.roa
File: D2A92B70C3B511EFAB204C99762E951A.roa (raw, json)
Hash identifier: ayIly4njqR5Wy1D4RfqLHz7a6iH4Es4D1CYWUSRpTLg=
Subject key identifier: A5:5A:2C:12:D4:32:F3:53:32:35:1C:6F:07:2A:FA:F9:5B:5F:F7:05
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE73
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2A92B70C3B511EFAB204C99762E951A.roa
Signing time: Thu 26 Dec 2024 18:18:36 +0000
ROA not before: Thu 26 Dec 2024 18:18:33 +0000
ROA not after: Fri 12 Dec 2025 18:18:33 +0000
asID: 984
IP address blocks: 45.207.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61043 (0xee73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 18:18:33 2024 GMT
Not After : Dec 12 18:18:33 2025 GMT
Subject: CN=676d9dfc-57b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:2b:93:9e:17:df:39:50:84:4d:67:48:2e:72:
02:61:da:7d:3a:80:ce:ee:1e:02:3d:c0:0f:3a:99:
13:f9:a4:74:8e:44:b4:f6:f7:85:55:da:f0:e5:c9:
c7:25:a7:1c:5d:1e:b1:1c:89:6b:26:27:65:0c:20:
e1:87:ea:e5:93:ad:b7:d6:be:c0:4e:f5:74:7c:f6:
61:28:b6:3a:b7:11:ed:bd:75:58:5a:f1:28:57:4d:
58:72:eb:2b:08:9a:fa:10:27:c6:c9:48:6b:eb:0d:
59:33:67:6f:80:13:3c:f8:9b:83:a8:4c:83:9f:c5:
90:33:dd:1a:e2:e0:08:88:6c:b7:8b:4e:6c:b1:a9:
cd:93:51:d2:2e:0c:51:80:54:b5:23:2e:4d:bb:95:
c2:9c:97:f0:31:c9:67:e5:2d:71:c2:4d:92:a7:80:
66:b8:b3:92:1d:90:93:d8:40:76:a6:92:97:fd:30:
97:63:54:a6:48:b6:6b:e2:4e:fc:9f:15:ee:97:ee:
86:75:59:52:a4:b2:5e:32:ef:ad:0e:d6:5f:35:2e:
31:37:e6:e2:a4:44:24:86:71:e1:5e:9d:0d:39:0d:
03:9c:84:72:04:56:51:0a:19:56:9b:3d:6b:c9:5f:
13:f1:58:0d:a7:ea:5c:cb:99:39:fd:79:11:39:ee:
32:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:5A:2C:12:D4:32:F3:53:32:35:1C:6F:07:2A:FA:F9:5B:5F:F7:05
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2A92B70C3B511EFAB204C99762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.22.0/24
Signature Algorithm: sha256WithRSAEncryption
59:ce:95:33:b8:58:ea:18:3e:b6:2e:09:ba:e3:85:e9:b5:53:
a1:44:06:d8:44:f3:c1:a5:39:d8:dc:de:09:b9:2d:6d:63:3d:
85:a8:f3:63:a1:8a:54:d7:98:1e:c1:e7:81:eb:a0:6a:16:be:
0e:63:4d:1b:67:b8:8f:84:d5:df:f2:34:4c:5b:ca:cc:2b:68:
6f:37:bc:be:0c:e6:82:8e:8d:21:6f:c8:af:eb:9e:7a:0a:06:
46:c8:a1:6d:28:4f:a7:05:a1:7d:1a:8c:7b:63:57:0d:6e:6c:
5f:51:3e:81:1f:69:c4:7d:49:6a:14:5f:10:12:21:b4:b0:7a:
2c:f4:11:18:0b:b4:6c:85:64:ed:01:b2:55:c2:59:e1:48:2c:
20:ac:43:cc:b3:31:ee:9d:11:f5:c3:b8:4f:73:ed:31:39:0d:
28:41:98:f4:fa:ec:d5:9f:eb:a2:d8:8e:5d:88:7b:4b:a9:01:
4d:49:d3:63:e5:49:4d:58:e3:4c:15:c5:3e:75:40:66:67:d1:
95:4f:a6:dc:44:d0:82:39:c6:9c:54:68:54:53:5c:d4:49:a9:
02:79:06:47:25:03:61:b5:83:06:18:db:07:c9:0c:71:3c:f3:
1b:b4:71:3c:99:3b:29:34:45:98:48:96:c6:a2:4b:54:cf:40:
a4:70:6a:6c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO5zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTgxODMzWhcNMjUxMjEyMTgxODMzWjAYMRYw
FAYDVQQDEw02NzZkOWRmYy01N2IwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1yuTnhffOVCETWdILnICYdp9OoDO7h4CPcAPOpkT+aR0jkS09veFVdrw
5cnHJaccXR6xHIlrJidlDCDhh+rlk6231r7ATvV0fPZhKLY6txHtvXVYWvEoV01Y
cusrCJr6ECfGyUhr6w1ZM2dvgBM8+JuDqEyDn8WQM90a4uAIiGy3i05ssanNk1HS
LgxRgFS1Iy5Nu5XCnJfwMcln5S1xwk2Sp4BmuLOSHZCT2EB2ppKX/TCXY1SmSLZr
4k78nxXul+6GdVlSpLJeMu+tDtZfNS4xN+bipEQkhnHhXp0NOQ0DnIRyBFZRChlW
mz1ryV8T8VgNp+pcy5k5/XkROe4yYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKVa
LBLUMvNTMjUcbwcq+vlbX/cFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMkE5MkI3MEMzQjUxMUVGQUIyMDRDOTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc8WMA0GCSqGSIb3DQEBCwUA
A4IBAQBZzpUzuFjqGD62Lgm644XptVOhRAbYRPPBpTnY3N4JuS1tYz2FqPNjoYpU
15geweeB66BqFr4OY00bZ7iPhNXf8jRMW8rMK2hvN7y+DOaCjo0hb8iv6556CgZG
yKFtKE+nBaF9Gox7Y1cNbmxfUT6BH2nEfUlqFF8QEiG0sHos9BEYC7RshWTtAbJV
wlnhSCwgrEPMszHunRH1w7hPc+0xOQ0oQZj0+uzVn+ui2I5diHtLqQFNSdNj5UlN
WONMFcU+dUBmZ9GVT6bcRNCCOcacVGhUU1zUSakCeQZHJQNhtYMGGNsHyQxxPPMb
tHE8mTspNEWYSJbGoktUz0CkcGps
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:02 2025 by rpki-client