Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/06EF2B3AC3E511EF880CF942762E951A.roa
File: 06EF2B3AC3E511EF880CF942762E951A.roa (raw, json)
Hash identifier: pEO3ZgAP503rb7v2Pzgt5DhSRyC/fuywcgeRqpMD+08=
Subject key identifier: 40:DC:38:C0:30:F6:D5:55:A9:F8:A6:B7:61:7F:D3:F1:81:10:C3:95
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EF1F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/06EF2B3AC3E511EF880CF942762E951A.roa
Signing time: Thu 26 Dec 2024 23:56:30 +0000
ROA not before: Thu 26 Dec 2024 23:56:27 +0000
ROA not after: Fri 12 Dec 2025 23:56:27 +0000
asID: 984
IP address blocks: 45.192.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61215 (0xef1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 23:56:27 2024 GMT
Not After : Dec 12 23:56:27 2025 GMT
Subject: CN=676ded2e-fc4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b6:de:9f:f7:65:65:09:df:85:5a:2f:91:52:
dd:e2:d7:29:b7:a7:f2:a5:44:1e:77:f8:68:34:8d:
e8:84:e3:04:8b:7b:b1:95:f9:0a:43:5d:e2:34:03:
a9:3f:74:29:b5:7f:33:b1:d6:26:ec:e0:c9:18:f8:
31:3c:a9:92:9d:a2:46:59:91:9a:10:3b:e9:84:b1:
f4:59:ad:36:97:44:8f:63:25:b1:ca:c4:0f:ad:41:
e0:f3:1f:6f:32:e1:7f:6d:45:27:b3:b0:ed:36:96:
e2:bb:d2:21:b3:45:f1:92:4e:f9:d0:3b:e6:0e:46:
e7:cf:36:d8:d3:ad:c9:79:b9:a4:ab:17:02:5e:eb:
7b:a6:91:2e:ee:af:83:99:70:16:92:88:b3:fb:71:
fd:f6:f8:0c:d6:5d:c4:35:2a:22:be:41:38:65:c4:
ad:77:5d:63:cb:56:b7:c0:4c:f1:23:1b:09:56:2f:
81:63:89:27:d0:d7:96:68:2b:db:b8:cf:5f:d6:2c:
8e:27:41:be:28:3f:b8:1b:77:49:80:da:d1:f7:3d:
81:a6:66:d0:57:79:8c:50:03:26:0d:a3:56:8e:0b:
1c:37:26:6b:0a:48:5f:68:d2:98:0e:0a:57:cf:29:
85:5d:ee:52:7b:00:8b:99:5d:95:a8:e9:b0:2d:a2:
5f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:DC:38:C0:30:F6:D5:55:A9:F8:A6:B7:61:7F:D3:F1:81:10:C3:95
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/06EF2B3AC3E511EF880CF942762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.224.0/24
Signature Algorithm: sha256WithRSAEncryption
91:8d:56:76:de:80:00:40:72:9e:60:48:b0:4c:ff:23:2b:ed:
da:19:95:c1:4e:03:fe:dc:6b:39:54:6a:80:6d:bb:d6:4f:19:
79:5e:46:61:c4:c0:38:93:94:70:d3:48:78:6b:7b:33:a4:54:
e0:88:7d:ca:44:85:d0:ef:30:6e:fc:c5:5c:41:28:90:f8:52:
68:29:e8:33:80:b7:4c:a9:fa:2b:d8:29:c4:d0:16:71:2b:78:
67:ef:c2:d9:67:b7:40:98:d9:81:ec:4e:b9:d1:f5:4b:14:55:
7b:0d:09:6c:f2:97:55:26:44:80:35:df:31:2f:32:bc:a3:17:
80:c7:57:31:41:2f:86:e3:32:4c:45:9d:1c:ba:36:f8:a0:bb:
e5:b0:3c:22:12:d9:36:8b:f2:6b:6b:2a:fa:32:8b:bf:82:c8:
13:3f:18:34:37:a4:90:20:08:95:3e:34:94:94:37:82:c6:f8:
9b:79:f1:84:01:63:3e:e4:b6:fe:92:e8:bf:a3:44:2f:ce:bf:
1c:d1:bd:36:fd:34:61:51:5e:98:a8:58:04:f7:3a:ab:65:a9:
a3:20:36:c7:c2:79:bb:7e:e8:27:16:6b:8a:10:82:ae:42:cd:
d8:ef:9f:3d:20:94:5d:1f:23:a2:7c:4a:05:e9:b7:b1:f8:9b:
a6:2e:de:d4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO8fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MjM1NjI3WhcNMjUxMjEyMjM1NjI3WjAYMRYw
FAYDVQQDEw02NzZkZWQyZS1mYzRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz7ben/dlZQnfhVovkVLd4tcpt6fypUQed/hoNI3ohOMEi3uxlfkKQ13i
NAOpP3QptX8zsdYm7ODJGPgxPKmSnaJGWZGaEDvphLH0Wa02l0SPYyWxysQPrUHg
8x9vMuF/bUUns7DtNpbiu9Ihs0Xxkk750DvmDkbnzzbY063JebmkqxcCXut7ppEu
7q+DmXAWkoiz+3H99vgM1l3ENSoivkE4ZcStd11jy1a3wEzxIxsJVi+BY4kn0NeW
aCvbuM9f1iyOJ0G+KD+4G3dJgNrR9z2BpmbQV3mMUAMmDaNWjgscNyZrCkhfaNKY
DgpXzymFXe5SewCLmV2VqOmwLaJfjQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEDc
OMAw9tVVqfimt2F/0/GBEMOVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNkVGMkIzQUMzRTUxMUVGODgwQ0Y5NDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcDgMA0GCSqGSIb3DQEBCwUA
A4IBAQCRjVZ23oAAQHKeYEiwTP8jK+3aGZXBTgP+3Gs5VGqAbbvWTxl5XkZhxMA4
k5Rw00h4a3szpFTgiH3KRIXQ7zBu/MVcQSiQ+FJoKegzgLdMqfor2CnE0BZxK3hn
78LZZ7dAmNmB7E650fVLFFV7DQls8pdVJkSANd8xLzK8oxeAx1cxQS+G4zJMRZ0c
ujb4oLvlsDwiEtk2i/Jrayr6Mou/gsgTPxg0N6SQIAiVPjSUlDeCxvibefGEAWM+
5Lb+kui/o0Qvzr8c0b02/TRhUV6YqFgE9zqrZamjIDbHwnm7fugnFmuKEIKuQs3Y
7589IJRdHyOifEoF6bex+JumLt7U
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:53 2025 by rpki-client