Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1D43AEAC3AB11EF963B915B762E951A.roa
File: E1D43AEAC3AB11EF963B915B762E951A.roa (raw, json)
Hash identifier: WdL6WmX0YLHJm3QYxEJtflIU627sSjsv99DMPHxe9QM=
Subject key identifier: 26:09:95:97:BA:90:3D:10:AB:5B:A1:A2:EB:34:04:43:D1:9F:E1:D4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE0B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1D43AEAC3AB11EF963B915B762E951A.roa
Signing time: Thu 26 Dec 2024 17:07:27 +0000
ROA not before: Thu 26 Dec 2024 17:07:23 +0000
ROA not after: Sun 12 Dec 2027 17:07:23 +0000
asID: 17561
IP address blocks: 45.200.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60939 (0xee0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 17:07:23 2024 GMT
Not After : Dec 12 17:07:23 2027 GMT
Subject: CN=676d8d4f-64d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ec:b8:4e:6f:61:2f:bf:99:a2:c5:9a:72:e5:
69:39:94:41:7e:cd:ea:d4:b2:7e:7c:7b:e8:db:18:
b2:d3:1d:74:40:f7:7a:2e:53:00:a7:a9:f8:e9:7d:
b0:d9:1f:08:ff:c7:36:93:72:04:22:45:0b:b2:07:
96:b7:8e:4a:92:0e:da:bf:15:e9:ce:66:60:98:4d:
16:8d:ec:d9:16:40:17:0d:21:41:9c:88:ad:4b:f4:
15:f5:f8:b2:c6:08:da:4a:23:05:71:71:ce:f4:c5:
95:57:50:81:a2:7f:b5:2e:7b:49:6b:5a:56:00:8f:
da:5f:2c:4b:c5:24:76:6c:ed:9e:bc:c4:78:8d:6a:
ed:14:03:8f:f2:d4:14:cc:a0:59:21:3e:a1:2c:48:
51:13:d2:12:ad:2f:49:76:7c:ac:a0:94:ad:92:ca:
6c:a9:7e:93:02:22:eb:ee:99:bc:04:46:d1:ee:9e:
51:dc:e5:d8:90:d1:a9:91:a9:97:8d:b8:3c:c3:15:
4a:c0:9a:d7:28:8f:49:2c:a5:66:d3:e3:3b:df:d0:
7a:46:6e:a7:2c:f5:71:14:16:01:09:d8:64:7b:ff:
54:9b:5a:66:b0:c1:e9:bd:9b:b2:2e:ae:38:15:d4:
88:5c:d3:5b:0d:cd:41:52:5d:46:c5:9a:b9:64:a3:
0e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:09:95:97:BA:90:3D:10:AB:5B:A1:A2:EB:34:04:43:D1:9F:E1:D4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1D43AEAC3AB11EF963B915B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.240.0/24
Signature Algorithm: sha256WithRSAEncryption
01:0d:28:0f:0d:f3:91:15:c6:59:b0:89:2f:fd:2c:37:f5:72:
c3:ce:ff:2e:0b:31:68:e7:f2:68:29:bb:21:29:64:b0:98:f5:
93:4f:d0:fc:2e:d6:0c:da:e0:31:20:25:84:bf:da:2a:d7:2d:
03:90:4e:2a:36:83:e2:fa:a3:6c:24:90:95:9a:45:e2:69:75:
ae:f0:57:0c:46:d8:60:4b:9e:e0:b2:29:4c:56:34:60:d7:9e:
a5:cb:26:14:ed:16:44:d6:0d:b5:5f:54:28:43:aa:b0:2d:15:
cb:4c:ab:8a:e4:0c:f7:85:60:9a:b7:09:a3:cc:90:b5:5f:ca:
21:87:b3:2a:4d:9f:8f:87:d0:49:a9:38:15:a2:0e:1a:11:af:
58:83:b4:8e:03:5e:38:14:20:7b:9b:9e:e3:96:d2:67:6f:17:
85:40:2e:2f:12:b1:7b:f0:d8:64:2b:d7:9e:32:42:d2:52:28:
04:72:8e:32:41:c7:a9:51:b9:80:85:a9:dd:06:e9:df:54:7d:
92:a5:85:14:3e:72:b0:38:62:c1:23:f9:ee:63:16:ea:55:eb:
1e:2d:ef:f5:3e:ef:09:21:c0:48:9e:2f:8b:f0:0a:7c:b1:29:
db:1c:d7:a9:96:21:99:bf:e8:45:65:f5:28:bd:c4:78:6a:d3:
ca:ec:5f:76
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO4LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTcwNzIzWhcNMjcxMjEyMTcwNzIzWjAYMRYw
FAYDVQQDEw02NzZkOGQ0Zi02NGQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxOy4Tm9hL7+ZosWacuVpOZRBfs3q1LJ+fHvo2xiy0x10QPd6LlMAp6n4
6X2w2R8I/8c2k3IEIkULsgeWt45Kkg7avxXpzmZgmE0WjezZFkAXDSFBnIitS/QV
9fiyxgjaSiMFcXHO9MWVV1CBon+1LntJa1pWAI/aXyxLxSR2bO2evMR4jWrtFAOP
8tQUzKBZIT6hLEhRE9ISrS9JdnysoJStkspsqX6TAiLr7pm8BEbR7p5R3OXYkNGp
kamXjbg8wxVKwJrXKI9JLKVm0+M739B6Rm6nLPVxFBYBCdhke/9Um1pmsMHpvZuy
Lq44FdSIXNNbDc1BUl1GxZq5ZKMOIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCYJ
lZe6kD0Qq1uhous0BEPRn+HUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMUQ0M0FFQUMzQUIxMUVGOTYzQjkxNUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcjwMA0GCSqGSIb3DQEBCwUA
A4IBAQABDSgPDfORFcZZsIkv/Sw39XLDzv8uCzFo5/JoKbshKWSwmPWTT9D8LtYM
2uAxICWEv9oq1y0DkE4qNoPi+qNsJJCVmkXiaXWu8FcMRthgS57gsilMVjRg156l
yyYU7RZE1g21X1QoQ6qwLRXLTKuK5Az3hWCatwmjzJC1X8ohh7MqTZ+Ph9BJqTgV
og4aEa9Yg7SOA144FCB7m57jltJnbxeFQC4vErF78NhkK9eeMkLSUigEco4yQcep
UbmAhandBunfVH2SpYUUPnKwOGLBI/nuYxbqVeseLe/1Pu8JIcBIni+L8Ap8sSnb
HNepliGZv+hFZfUovcR4atPK7F92
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:59 2025 by rpki-client