Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ECF0A01EC3A411EFAE21CBAE762E951A.roa
File: ECF0A01EC3A411EFAE21CBAE762E951A.roa (raw, json)
Hash identifier: Rt8GvzMmLJxKx3z4P/UsnA6RsKj1FsuGDo3IEtCUl58=
Subject key identifier: 88:F7:CB:23:37:77:07:5A:4F:E7:1E:7C:77:C7:AD:64:33:DD:BF:8F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EDC1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ECF0A01EC3A411EFAE21CBAE762E951A.roa
Signing time: Thu 26 Dec 2024 16:17:39 +0000
ROA not before: Thu 26 Dec 2024 16:17:35 +0000
ROA not after: Fri 12 Dec 2025 16:17:35 +0000
asID: 984
IP address blocks: 45.200.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60865 (0xedc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 16:17:35 2024 GMT
Not After : Dec 12 16:17:35 2025 GMT
Subject: CN=676d81a3-f1f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:49:16:70:f8:23:d9:e8:9e:a8:78:94:78:65:
a2:a7:b9:08:fa:c7:cb:6c:c1:da:9c:1f:1b:d6:0a:
ba:eb:7b:81:96:ed:d2:c6:66:d6:8b:16:63:05:9a:
d6:58:9f:99:82:52:d1:20:02:ef:ec:09:87:8c:54:
74:e7:85:0a:68:60:35:fb:4c:00:de:10:72:6e:6f:
df:3e:bb:90:3c:27:3c:01:41:b3:2c:00:c8:61:90:
0b:0b:7f:31:3e:b2:c1:20:da:c6:4b:d6:a4:94:af:
c5:29:41:4e:86:36:78:e8:b0:f0:4b:ad:7d:63:c1:
64:1f:b3:d0:10:f0:b7:2e:49:59:c6:ab:2d:cf:b6:
55:5f:bb:a9:06:bc:bd:42:45:9c:0e:20:3e:97:06:
13:bb:95:1f:cf:0d:24:1a:dc:9e:dc:e7:ae:e9:74:
5c:62:ed:20:01:b3:f3:d6:71:e5:5a:71:20:14:1e:
4c:54:20:89:78:d2:23:47:6f:b9:ba:b9:d7:eb:3a:
a3:1b:e3:0e:28:87:6a:09:d8:48:22:a0:9e:2d:2f:
55:c8:0d:9b:ea:e0:af:e7:6f:78:cf:cd:dd:03:70:
54:a6:33:f9:6f:ed:e4:1a:c3:e5:23:fd:cf:70:fa:
f6:7c:1a:f6:92:b7:b3:ad:65:ea:fe:75:7e:e7:58:
e3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F7:CB:23:37:77:07:5A:4F:E7:1E:7C:77:C7:AD:64:33:DD:BF:8F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ECF0A01EC3A411EFAE21CBAE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.203.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:1d:2d:46:c6:2a:09:6c:ae:a9:f7:56:4c:62:cc:cf:80:07:
8a:cc:a4:9c:3e:e2:c2:d7:0c:fc:e8:45:33:67:33:ba:85:cc:
9d:2e:0d:7c:29:79:1c:cb:a4:4e:51:1d:ad:4b:80:cf:8d:53:
20:3a:5d:ea:f8:cf:a5:34:d5:f7:a5:5e:85:b2:33:e7:15:15:
16:6f:d5:f7:ea:f5:ee:5c:dc:26:e9:71:3d:4e:db:47:a8:bb:
eb:b9:94:bb:45:e3:82:ae:d6:01:8f:9f:c5:73:80:76:1f:48:
0f:0c:10:ea:97:fd:4a:92:79:9c:47:75:04:75:72:d7:77:45:
b7:1e:2a:e8:c5:3d:84:18:19:89:6e:31:b8:57:66:e8:83:93:
aa:60:8f:af:b2:b6:b6:6c:dd:f8:e3:59:fb:16:a7:67:1e:4b:
aa:39:dc:3d:8f:4a:76:08:89:06:0c:9a:c4:b5:ed:06:5c:c9:
5a:6d:f7:5b:d3:fd:d8:28:44:c8:3b:4d:74:6f:02:b9:ff:65:
1f:95:f7:0e:2e:b6:77:4f:61:dc:3d:a4:ab:ef:f0:c8:de:5a:
37:dc:99:6d:fc:95:c7:cb:74:92:4b:64:f3:8a:dd:1e:09:78:
ca:5d:bd:a4:cb:18:b6:12:26:02:4e:d5:ef:ec:57:98:45:f0:
29:63:8a:9b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO3BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTYxNzM1WhcNMjUxMjEyMTYxNzM1WjAYMRYw
FAYDVQQDEw02NzZkODFhMy1mMWYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu0kWcPgj2eieqHiUeGWip7kI+sfLbMHanB8b1gq663uBlu3SxmbWixZj
BZrWWJ+ZglLRIALv7AmHjFR054UKaGA1+0wA3hBybm/fPruQPCc8AUGzLADIYZAL
C38xPrLBINrGS9aklK/FKUFOhjZ46LDwS619Y8FkH7PQEPC3LklZxqstz7ZVX7up
Bry9QkWcDiA+lwYTu5Ufzw0kGtye3Oeu6XRcYu0gAbPz1nHlWnEgFB5MVCCJeNIj
R2+5urnX6zqjG+MOKIdqCdhIIqCeLS9VyA2b6uCv5294z83dA3BUpjP5b+3kGsPl
I/3PcPr2fBr2krezrWXq/nV+51jjhQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIj3
yyM3dwdaT+cefHfHrWQz3b+PMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQ0YwQTAxRUMzQTQxMUVGQUUyMUNCQUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcjLMA0GCSqGSIb3DQEBCwUA
A4IBAQAaHS1GxioJbK6p91ZMYszPgAeKzKScPuLC1wz86EUzZzO6hcydLg18KXkc
y6ROUR2tS4DPjVMgOl3q+M+lNNX3pV6FsjPnFRUWb9X36vXuXNwm6XE9TttHqLvr
uZS7ReOCrtYBj5/Fc4B2H0gPDBDql/1KknmcR3UEdXLXd0W3HiroxT2EGBmJbjG4
V2bog5OqYI+vsra2bN3441n7FqdnHkuqOdw9j0p2CIkGDJrEte0GXMlabfdb0/3Y
KETIO010bwK5/2UflfcOLrZ3T2HcPaSr7/DI3lo33Jlt/JXHy3SSS2Tzit0eCXjK
Xb2kyxi2EiYCTtXv7FeYRfApY4qb
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:37 2025 by rpki-client