Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D64A3AC0C3AC11EFA4B8B961762E951A.roa
File: D64A3AC0C3AC11EFA4B8B961762E951A.roa (raw, json)
Hash identifier: 1dkYbvEPOkw95YJRjM/72MiFK4DcweOkCdfEwUNTrWQ=
Subject key identifier: 1C:48:E2:71:7A:5E:75:13:02:18:81:C0:9C:76:B0:00:4D:8A:E0:34
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE15
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D64A3AC0C3AC11EFA4B8B961762E951A.roa
Signing time: Thu 26 Dec 2024 17:14:17 +0000
ROA not before: Thu 26 Dec 2024 17:14:13 +0000
ROA not after: Sun 12 Dec 2027 17:14:13 +0000
asID: 17561
IP address blocks: 45.200.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60949 (0xee15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 17:14:13 2024 GMT
Not After : Dec 12 17:14:13 2027 GMT
Subject: CN=676d8ee9-0870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:61:06:27:30:2e:ae:a9:02:9f:79:e3:13:5c:
44:42:5f:87:dc:c3:b8:5e:ac:1e:e5:09:fb:1a:61:
0b:cf:11:d9:02:72:29:ea:3d:66:32:b1:f8:5b:c6:
6a:b4:a9:52:ce:63:bd:ff:03:06:34:d2:be:c1:ff:
7a:8e:e9:4d:71:09:7c:bc:61:1c:ec:76:5b:6f:81:
bc:43:dc:22:f4:f0:0c:5f:c6:5e:8b:0a:32:9c:de:
da:40:ca:94:94:e6:69:79:4e:52:ec:21:4b:59:c5:
83:b2:7c:41:fa:78:8e:c8:18:7b:88:e5:5e:0d:b7:
e0:e5:4e:56:81:03:21:de:34:ff:a4:02:42:0e:e8:
be:91:f6:81:53:41:d1:b9:3e:26:f1:8c:9c:e5:0f:
99:50:2d:e9:9e:76:72:52:af:4c:3e:bb:60:ef:e9:
b8:fc:fb:dc:04:cc:b5:05:fa:64:ea:34:04:0b:21:
a2:8f:7f:85:39:9a:33:f5:0a:b1:f6:5d:06:a0:bd:
8b:42:d8:c7:26:90:a9:48:52:0c:d4:b1:75:24:17:
04:c0:ec:0e:4b:7a:5c:0e:fc:b8:c3:7f:fc:c8:fb:
a4:2a:58:61:7c:10:d2:d9:50:34:85:a1:4f:7a:18:
fd:7d:16:92:c1:1f:6f:f9:5f:38:dc:6f:b0:d5:47:
8c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:48:E2:71:7A:5E:75:13:02:18:81:C0:9C:76:B0:00:4D:8A:E0:34
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D64A3AC0C3AC11EFA4B8B961762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.245.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:aa:f2:6f:77:14:97:ca:70:e9:f7:5c:ad:59:58:c9:14:93:
e3:60:c6:18:40:58:07:67:2d:c0:51:6a:ee:8d:dd:ba:12:af:
4f:3b:06:7d:a2:99:e5:17:f8:f8:ad:d7:04:f7:74:cb:ff:ec:
f0:b3:f0:2a:5b:d5:83:4a:88:9f:2e:2b:99:bc:5a:51:c7:a1:
cb:50:8f:2b:d2:f9:9d:32:1e:c4:56:6a:36:b0:af:6f:c7:1d:
01:34:c8:07:3f:13:6b:68:34:2c:30:d3:f2:33:98:c8:48:d9:
43:24:e8:94:f3:c9:0c:2c:92:88:e3:61:31:c2:5b:60:9e:15:
d4:09:d3:d6:46:29:e6:0f:b6:8c:4e:5b:d5:61:9c:13:9e:e2:
93:71:6a:14:13:91:fe:6f:0d:94:9c:06:7a:98:3d:10:c8:0e:
f0:51:b8:4a:c7:c4:50:19:49:df:54:27:e3:9e:7f:f3:18:6c:
51:2a:31:39:39:ff:21:0f:56:36:70:9c:47:c8:b7:e5:26:bc:
61:a4:91:de:d0:c8:eb:b0:b6:d4:a9:62:54:d6:6a:c7:e3:f9:
5b:2e:ff:d2:51:36:52:eb:d4:6a:e2:7d:b3:fa:e1:2b:e7:81:
80:c4:5a:0d:10:2d:9f:6b:cb:b3:84:46:67:d9:35:85:2e:13:
5d:87:57:de
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO4VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTcxNDEzWhcNMjcxMjEyMTcxNDEzWjAYMRYw
FAYDVQQDEw02NzZkOGVlOS0wODcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzGEGJzAurqkCn3njE1xEQl+H3MO4Xqwe5Qn7GmELzxHZAnIp6j1mMrH4
W8ZqtKlSzmO9/wMGNNK+wf96julNcQl8vGEc7HZbb4G8Q9wi9PAMX8ZeiwoynN7a
QMqUlOZpeU5S7CFLWcWDsnxB+niOyBh7iOVeDbfg5U5WgQMh3jT/pAJCDui+kfaB
U0HRuT4m8Yyc5Q+ZUC3pnnZyUq9MPrtg7+m4/PvcBMy1Bfpk6jQECyGij3+FOZoz
9Qqx9l0GoL2LQtjHJpCpSFIM1LF1JBcEwOwOS3pcDvy4w3/8yPukKlhhfBDS2VA0
haFPehj9fRaSwR9v+V843G+w1UeMQQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBxI
4nF6XnUTAhiBwJx2sABNiuA0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENjRBM0FDMEMzQUMxMUVGQTRCOEI5NjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcj1MA0GCSqGSIb3DQEBCwUA
A4IBAQCyqvJvdxSXynDp91ytWVjJFJPjYMYYQFgHZy3AUWrujd26Eq9POwZ9opnl
F/j4rdcE93TL/+zws/AqW9WDSoifLiuZvFpRx6HLUI8r0vmdMh7EVmo2sK9vxx0B
NMgHPxNraDQsMNPyM5jISNlDJOiU88kMLJKI42ExwltgnhXUCdPWRinmD7aMTlvV
YZwTnuKTcWoUE5H+bw2UnAZ6mD0QyA7wUbhKx8RQGUnfVCfjnn/zGGxRKjE5Of8h
D1Y2cJxHyLflJrxhpJHe0MjrsLbUqWJU1mrH4/lbLv/SUTZS69Rq4n2z+uEr54GA
xFoNEC2fa8uzhEZn2TWFLhNdh1fe
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:50 2025 by rpki-client