Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D82D5452C3BC11EFA707F046762E951A.roa
File: D82D5452C3BC11EFA707F046762E951A.roa (raw, json)
Hash identifier: z78h75BNVogIlcmK7MyGdVLDAvplCgqrULqL0646ldQ=
Subject key identifier: F2:93:B9:92:53:D7:0C:AC:C6:53:89:E3:C5:27:88:F9:E4:11:59:47
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EEBB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D82D5452C3BC11EFA707F046762E951A.roa
Signing time: Thu 26 Dec 2024 19:08:52 +0000
ROA not before: Thu 26 Dec 2024 19:08:48 +0000
ROA not after: Sun 12 Dec 2027 19:08:48 +0000
asID: 17561
IP address blocks: 45.207.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61115 (0xeebb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 19:08:48 2024 GMT
Not After : Dec 12 19:08:48 2027 GMT
Subject: CN=676da9c4-4bd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:70:6e:75:d9:46:ef:97:65:aa:58:28:fc:3c:
f7:69:3f:67:fb:e7:9c:8e:b0:dd:49:fe:e0:4c:71:
38:d5:4e:c7:1f:07:2a:f9:3a:51:49:89:47:e7:e3:
e2:93:ff:9a:d4:d9:1d:8e:73:36:9c:56:db:61:07:
9f:67:c1:c8:06:bd:80:40:ed:2b:1b:e2:96:1d:fe:
c1:b3:fb:09:c9:7b:0b:69:17:c9:cd:45:37:23:0d:
7d:c0:6d:2d:74:7a:9f:c5:29:c0:56:95:b5:4c:e3:
25:e7:54:a5:59:fc:1e:b7:3e:70:d6:6a:e1:ab:d9:
b3:15:0c:f3:d5:c4:94:07:d2:85:a9:dc:7f:33:41:
54:5a:5b:24:29:c3:4a:ea:c7:33:61:f6:3c:12:37:
35:4a:4a:32:40:47:41:d3:2f:6a:bd:d1:09:3b:09:
be:cf:87:a9:a0:c8:03:02:c0:53:a9:c6:5c:75:bb:
80:94:01:2b:c5:01:4d:9d:6e:f1:36:47:0f:09:1f:
d6:7f:4c:99:cb:da:7e:64:4d:06:16:ab:66:47:b2:
a4:48:7b:18:38:13:8b:f8:b3:5f:f0:06:0b:0c:c2:
47:34:e8:81:73:eb:63:f3:cc:af:34:83:27:99:ea:
08:3f:39:45:27:b6:92:38:bd:4c:c5:68:86:a7:e8:
08:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:93:B9:92:53:D7:0C:AC:C6:53:89:E3:C5:27:88:F9:E4:11:59:47
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D82D5452C3BC11EFA707F046762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.158.0/24
Signature Algorithm: sha256WithRSAEncryption
24:6d:89:1e:64:94:29:63:4d:50:13:26:ca:3b:98:0c:14:17:
6e:68:b6:08:28:1b:00:76:58:36:60:21:4d:d1:f6:7c:d4:a8:
97:f3:0e:7d:cb:06:f8:31:f9:4f:ab:42:87:23:64:ae:79:81:
7d:ae:0c:bf:e7:c6:6a:06:2b:00:00:c5:5f:15:bc:cb:fd:98:
3b:a0:f9:33:80:c3:89:c7:72:0c:f3:69:1a:1c:8b:eb:1a:bd:
0a:b2:3d:88:0a:5f:ac:c6:86:e4:e0:e6:91:71:72:96:21:8c:
69:56:81:48:96:8a:27:cc:06:80:84:52:67:d8:86:8a:9c:10:
ee:a0:0e:1c:fa:f4:5c:45:85:a7:c7:7a:05:14:fe:ce:03:a6:
18:1d:64:e0:86:79:c6:7a:fb:91:f7:a6:67:c9:5b:05:18:c7:
db:78:a8:50:34:60:e8:da:af:9e:6a:bb:be:fc:f8:ec:ea:a7:
72:57:fa:22:fa:ab:53:fb:ed:f7:1f:2c:1b:f3:04:d0:0c:da:
c8:2a:3f:e9:ee:a7:c3:1d:52:9f:60:fa:50:7a:27:e6:71:6d:
6c:b6:49:29:db:68:46:0e:4b:6a:78:4d:cb:93:60:3d:fd:27:
3e:f5:3a:3e:eb:82:61:b9:54:aa:c0:85:cb:ea:d5:1a:2c:29:
b9:ee:02:0e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO67MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTkwODQ4WhcNMjcxMjEyMTkwODQ4WjAYMRYw
FAYDVQQDEw02NzZkYTljNC00YmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyXBuddlG75dlqlgo/Dz3aT9n++ecjrDdSf7gTHE41U7HHwcq+TpRSYlH
5+Pik/+a1NkdjnM2nFbbYQefZ8HIBr2AQO0rG+KWHf7Bs/sJyXsLaRfJzUU3Iw19
wG0tdHqfxSnAVpW1TOMl51SlWfwetz5w1mrhq9mzFQzz1cSUB9KFqdx/M0FUWlsk
KcNK6sczYfY8Ejc1SkoyQEdB0y9qvdEJOwm+z4epoMgDAsBTqcZcdbuAlAErxQFN
nW7xNkcPCR/Wf0yZy9p+ZE0GFqtmR7KkSHsYOBOL+LNf8AYLDMJHNOiBc+tj88yv
NIMnmeoIPzlFJ7aSOL1MxWiGp+gIoQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPKT
uZJT1wysxlOJ48UniPnkEVlHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EODJENTQ1MkMzQkMxMUVGQTcwN0YwNDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc+eMA0GCSqGSIb3DQEBCwUA
A4IBAQAkbYkeZJQpY01QEybKO5gMFBduaLYIKBsAdlg2YCFN0fZ81KiX8w59ywb4
MflPq0KHI2SueYF9rgy/58ZqBisAAMVfFbzL/Zg7oPkzgMOJx3IM82kaHIvrGr0K
sj2ICl+sxobk4OaRcXKWIYxpVoFIloonzAaAhFJn2IaKnBDuoA4c+vRcRYWnx3oF
FP7OA6YYHWTghnnGevuR96ZnyVsFGMfbeKhQNGDo2q+earu+/Pjs6qdyV/oi+qtT
++33Hywb8wTQDNrIKj/p7qfDHVKfYPpQeifmcW1stkkp22hGDktqeE3Lk2A9/Sc+
9To+64JhuVSqwIXL6tUaLCm57gIO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:26 2025 by rpki-client