Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FAEBBB0AC3AD11EF85776468762E951A.roa
File: FAEBBB0AC3AD11EF85776468762E951A.roa (raw, json)
Hash identifier: uLxqApMTORoGwPYXfvThXeAUN8/f+sLFHYtiG8Whx3E=
Subject key identifier: D1:32:05:36:68:70:C2:56:86:00:89:24:E8:18:9B:49:BD:17:1E:65
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE21
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FAEBBB0AC3AD11EF85776468762E951A.roa
Signing time: Thu 26 Dec 2024 17:22:28 +0000
ROA not before: Thu 26 Dec 2024 17:22:24 +0000
ROA not after: Sun 12 Dec 2027 17:22:24 +0000
asID: 17561
IP address blocks: 45.200.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60961 (0xee21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 17:22:24 2024 GMT
Not After : Dec 12 17:22:24 2027 GMT
Subject: CN=676d90d4-7b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5a:cf:c0:50:51:5c:52:2b:9a:bc:0b:37:54:
bd:ca:86:74:c0:3a:fb:6c:22:08:4f:ff:e5:84:d4:
9d:f4:be:53:ff:8b:2c:e2:6f:c9:18:0a:a5:74:f3:
f1:62:e5:7c:64:8c:a9:ec:c9:25:67:e0:8b:3c:fc:
e2:0a:dc:22:7f:86:eb:4a:64:cb:03:7f:78:6a:00:
67:42:72:18:d2:bf:d2:cd:78:8e:25:1f:07:7e:30:
95:eb:ec:a2:f3:4f:9e:c4:0c:72:fb:2b:0e:69:86:
9a:55:b5:21:ca:bb:47:7c:97:42:3e:c7:0b:1e:a6:
21:dc:89:df:0c:06:de:a2:4b:a0:8c:6e:be:92:74:
ed:5f:f9:58:ed:a2:5a:87:3a:32:97:a0:6c:05:c3:
2f:e4:e7:7c:91:87:aa:d3:2d:7d:72:ef:44:a3:75:
bd:3c:d8:18:dc:1a:a0:b3:93:ae:ef:b7:35:c5:e2:
b9:41:f3:6e:3a:98:55:9e:9b:d0:51:f4:55:1a:a5:
ad:0b:e5:20:c3:ca:5f:0a:59:15:c3:ce:72:95:ab:
f7:98:c1:f6:cf:28:a9:f1:ae:31:38:c5:b5:90:3e:
f1:a4:ed:6c:8c:83:e2:53:10:e8:ea:23:e0:9e:ca:
19:6d:1e:32:fb:9d:35:81:6d:66:db:eb:3f:88:87:
0a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:32:05:36:68:70:C2:56:86:00:89:24:E8:18:9B:49:BD:17:1E:65
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FAEBBB0AC3AD11EF85776468762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.251.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:00:67:98:06:d0:7e:36:e9:3b:7c:5d:34:f2:35:21:09:8b:
a9:87:21:2d:ea:dc:8c:5a:89:81:5f:30:46:25:31:30:91:bc:
31:a3:c8:4a:2f:96:cf:8b:f9:d2:f1:5e:36:dc:29:68:c1:43:
50:1d:bf:09:8d:b2:34:0d:bd:1d:ad:38:8a:dc:4e:18:c9:12:
64:85:2f:39:16:5a:35:f1:cd:ef:05:97:48:60:41:da:1d:f5:
ca:8c:7c:b1:af:5b:70:3a:34:c5:1e:0c:e2:db:67:6a:52:65:
10:07:46:28:e8:3a:c9:d9:5d:14:6e:57:58:60:50:7c:28:9a:
5f:a3:f5:53:39:37:37:f0:97:3b:5e:82:6b:33:8a:b4:6a:ad:
2f:ae:29:a1:82:36:cb:ca:ee:10:7f:ee:b9:80:63:d9:53:4e:
fb:85:82:50:a3:56:cb:5f:e1:bf:d3:fb:e3:9d:9d:c8:3e:f5:
d2:94:a5:8a:f8:ff:64:3e:d1:39:5c:0c:49:ca:92:28:09:43:
5c:ae:17:b1:d8:5a:42:07:d1:b7:8e:97:96:07:c7:9d:ac:85:
5c:85:a3:80:2d:90:4a:84:10:b7:95:bf:ac:d9:20:82:a6:4e:
7a:ee:fb:cb:4c:86:a9:d1:43:9f:87:94:92:56:65:ae:c4:d9:
ef:ce:f0:9e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO4hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTcyMjI0WhcNMjcxMjEyMTcyMjI0WjAYMRYw
FAYDVQQDEw02NzZkOTBkNC03YjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArFrPwFBRXFIrmrwLN1S9yoZ0wDr7bCIIT//lhNSd9L5T/4ss4m/JGAql
dPPxYuV8ZIyp7MklZ+CLPPziCtwif4brSmTLA394agBnQnIY0r/SzXiOJR8HfjCV
6+yi80+exAxy+ysOaYaaVbUhyrtHfJdCPscLHqYh3InfDAbeokugjG6+knTtX/lY
7aJahzoyl6BsBcMv5Od8kYeq0y19cu9Eo3W9PNgY3Bqgs5Ou77c1xeK5QfNuOphV
npvQUfRVGqWtC+Ugw8pfClkVw85ylav3mMH2zyip8a4xOMW1kD7xpO1sjIPiUxDo
6iPgnsoZbR4y+501gW1m2+s/iIcK2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNEy
BTZocMJWhgCJJOgYm0m9Fx5lMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQUVCQkIwQUMzQUQxMUVGODU3NzY0Njg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcj7MA0GCSqGSIb3DQEBCwUA
A4IBAQBqAGeYBtB+Nuk7fF008jUhCYuphyEt6tyMWomBXzBGJTEwkbwxo8hKL5bP
i/nS8V423ClowUNQHb8JjbI0Db0drTiK3E4YyRJkhS85Flo18c3vBZdIYEHaHfXK
jHyxr1twOjTFHgzi22dqUmUQB0Yo6DrJ2V0UbldYYFB8KJpfo/VTOTc38Jc7XoJr
M4q0aq0vrimhgjbLyu4Qf+65gGPZU077hYJQo1bLX+G/0/vjnZ3IPvXSlKWK+P9k
PtE5XAxJypIoCUNcrhex2FpCB9G3jpeWB8edrIVchaOALZBKhBC3lb+s2SCCpk56
7vvLTIap0UOfh5SSVmWuxNnvzvCe
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:00 2025 by rpki-client