Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D73B5002CC1911EFAD933370762E951A.roa
File: D73B5002CC1911EFAD933370762E951A.roa (raw, json)
Hash identifier: VhwtcUnvDjGl0z4J2LY/pxDLuPdBFdcXtGJMgsy6CY4=
Subject key identifier: EE:EB:E7:0C:0C:27:6F:A8:29:63:B9:02:A5:B1:3C:2D:B3:F2:9D:6F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F88F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D73B5002CC1911EFAD933370762E951A.roa
Signing time: Mon 06 Jan 2025 10:34:43 +0000
ROA not before: Mon 06 Jan 2025 10:34:39 +0000
ROA not after: Mon 10 Feb 2025 10:34:39 +0000
asID: 51847
IP address blocks: 45.207.216.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63631 (0xf88f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 10:34:39 2025 GMT
Not After : Feb 10 10:34:39 2025 GMT
Subject: CN=677bb1c3-626e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c1:18:68:c3:93:08:59:8c:49:0e:b9:66:b6:
be:d1:25:c9:0f:87:21:1e:bb:92:f3:b0:d4:2a:5e:
21:ba:ec:d2:af:48:04:40:c7:2b:b7:c4:a5:f3:4f:
5c:34:c1:22:5e:55:94:9f:3a:2c:50:50:2e:c9:14:
fa:03:25:2f:e6:d7:46:79:ac:ab:4e:db:1e:6c:7d:
16:7b:0f:b7:0c:7c:fe:32:16:15:62:32:a8:fd:f7:
eb:2e:df:5f:3e:3e:51:36:71:41:90:3d:9b:a4:f2:
88:31:e5:70:62:66:60:94:99:49:15:60:70:3f:69:
b0:25:4f:54:7f:bd:9f:55:5e:57:a1:39:84:c0:f6:
f0:76:1f:64:b6:2c:c0:cb:45:b6:7d:69:e2:a9:5f:
09:a3:0c:52:b5:e2:bb:84:8a:ef:ee:4e:1c:1a:a6:
a8:04:92:e3:0c:3d:ef:be:40:3d:42:17:04:17:48:
49:8b:62:44:2e:e9:b4:ff:4b:6f:65:e8:fb:fa:6f:
11:03:32:10:13:4c:f1:a8:64:59:30:37:a9:a7:33:
76:f4:4f:c6:87:3a:7b:b0:c1:33:66:10:79:4b:55:
3e:66:ec:a6:ed:bd:c8:36:2d:a1:71:3d:57:7c:42:
32:39:fb:f3:b9:2a:e8:1c:53:68:c7:af:6a:e1:f5:
12:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:EB:E7:0C:0C:27:6F:A8:29:63:B9:02:A5:B1:3C:2D:B3:F2:9D:6F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D73B5002CC1911EFAD933370762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.216.0/23
Signature Algorithm: sha256WithRSAEncryption
95:a3:b7:39:01:2e:2f:70:e1:e7:34:59:60:71:85:ed:b5:b8:
fd:93:9c:0c:db:f3:4e:aa:a0:b5:d7:33:03:44:52:84:ff:20:
e2:de:51:6f:7f:8a:56:b5:e1:56:de:ba:ce:96:d3:d1:17:ef:
df:dc:fd:a5:bb:c2:3e:cb:f5:93:0d:f7:f7:88:d2:0c:4c:1d:
e8:0f:cf:84:57:83:f1:af:ef:4f:59:dd:9c:ea:0d:4e:95:c7:
3e:5b:db:72:e7:f2:28:44:74:ca:9d:33:e2:93:1b:e0:35:47:
65:78:ea:c0:08:79:99:0d:ef:de:aa:dd:1f:f7:31:14:2c:60:
09:b4:a9:a8:68:e7:dc:b2:15:65:5e:a1:cf:98:1f:3a:cd:9e:
a0:91:f9:45:cf:4d:61:32:4e:50:9f:e8:6e:1e:29:a3:b0:08:
af:f7:10:24:d4:a8:72:15:e2:98:bc:e2:1d:f9:02:49:50:a0:
90:6a:89:99:18:dc:ef:ce:f5:92:93:35:fc:1f:42:8c:82:e9:
08:9b:70:59:a4:e9:3e:2c:c6:6f:8c:fe:d0:57:b9:10:35:08:
67:6a:af:19:3b:52:9c:a5:e9:28:ec:7a:d7:68:ec:23:7e:79:
02:32:ab:b7:a8:99:9b:74:02:02:2d:d2:a0:e3:e2:16:19:d4:
a5:1a:a7:73
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPiPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MTAzNDM5WhcNMjUwMjEwMTAzNDM5WjAYMRYw
FAYDVQQDEw02NzdiYjFjMy02MjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA08EYaMOTCFmMSQ65Zra+0SXJD4chHruS87DUKl4huuzSr0gEQMcrt8Sl
809cNMEiXlWUnzosUFAuyRT6AyUv5tdGeayrTtsebH0Wew+3DHz+MhYVYjKo/ffr
Lt9fPj5RNnFBkD2bpPKIMeVwYmZglJlJFWBwP2mwJU9Uf72fVV5XoTmEwPbwdh9k
tizAy0W2fWniqV8JowxSteK7hIrv7k4cGqaoBJLjDD3vvkA9QhcEF0hJi2JELum0
/0tvZej7+m8RAzIQE0zxqGRZMDeppzN29E/Ghzp7sMEzZhB5S1U+Zuym7b3INi2h
cT1XfEIyOfvzuSroHFNox69q4fUSSwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO7r
5wwMJ2+oKWO5AqWxPC2z8p1vMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENzNCNTAwMkNDMTkxMUVGQUQ5MzMzNzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLc/YMA0GCSqGSIb3DQEBCwUA
A4IBAQCVo7c5AS4vcOHnNFlgcYXttbj9k5wM2/NOqqC11zMDRFKE/yDi3lFvf4pW
teFW3rrOltPRF+/f3P2lu8I+y/WTDff3iNIMTB3oD8+EV4Pxr+9PWd2c6g1Olcc+
W9ty5/IoRHTKnTPikxvgNUdleOrACHmZDe/eqt0f9zEULGAJtKmoaOfcshVlXqHP
mB86zZ6gkflFz01hMk5Qn+huHimjsAiv9xAk1KhyFeKYvOId+QJJUKCQaomZGNzv
zvWSkzX8H0KMgukIm3BZpOk+LMZvjP7QV7kQNQhnaq8ZO1Kcpeko7HrXaOwjfnkC
Mqu3qJmbdAICLdKg4+IWGdSlGqdz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:39 2025 by rpki-client