Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C490C22BE8B11EFBF05A46C762E951A.roa
File: 0C490C22BE8B11EFBF05A46C762E951A.roa (raw, json)
Hash identifier: 6eD6kz57ZfxtMxrG78uZJby5w3GSTM237YPJzDShP/k=
Subject key identifier: EF:D6:E3:29:16:A3:4E:49:2E:65:BC:60:81:49:59:10:CE:83:73:11
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6C4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C490C22BE8B11EFBF05A46C762E951A.roa
Signing time: Fri 20 Dec 2024 04:29:49 +0000
ROA not before: Fri 20 Dec 2024 04:29:45 +0000
ROA not after: Wed 10 Dec 2025 04:29:45 +0000
asID: 984
IP address blocks: 45.206.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59076 (0xe6c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:29:45 2024 GMT
Not After : Dec 10 04:29:45 2025 GMT
Subject: CN=6764f2bd-6efe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1a:4c:08:74:a7:9a:28:0c:9a:b8:ab:65:2c:
85:41:17:96:d2:fa:de:b9:c8:d9:a8:be:21:82:bd:
ce:1d:8b:aa:de:89:7a:61:91:89:a3:3e:2b:a3:69:
b5:07:cb:aa:e9:37:03:de:ce:b1:a0:4a:da:b6:3c:
3a:8f:1d:c7:33:59:bd:1c:98:d6:37:26:0c:b6:89:
af:b2:a2:ba:cf:31:63:69:14:86:e9:eb:ce:f4:a9:
75:82:de:ff:4e:6e:65:42:13:47:59:4d:76:80:4c:
6f:bf:8e:52:8d:72:ab:c4:90:19:07:05:67:08:d8:
82:80:e4:b3:f6:08:50:5a:83:3e:7c:7e:3e:d1:d1:
1f:4a:06:80:6b:c0:7a:f9:09:fc:f4:6a:af:e1:78:
a2:40:17:a4:ef:14:c8:2c:5e:f3:ac:10:a4:b1:e6:
8c:bc:5e:69:3b:3e:76:01:a6:fd:e4:70:1f:b5:0c:
a7:68:88:34:fd:8e:57:6d:48:b6:23:ee:39:2b:20:
b4:02:62:2d:e3:97:78:ea:d9:ae:d2:b4:28:59:6d:
40:0a:a0:58:25:d9:4d:b3:d2:82:d8:18:91:5e:10:
d8:97:85:ca:10:ae:58:de:ee:9c:82:27:29:a2:fa:
f3:7f:19:f0:26:5f:4e:ed:24:49:09:d7:6e:9f:22:
05:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:D6:E3:29:16:A3:4E:49:2E:65:BC:60:81:49:59:10:CE:83:73:11
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C490C22BE8B11EFBF05A46C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.229.0/24
Signature Algorithm: sha256WithRSAEncryption
75:9b:a0:cf:32:34:66:b0:ab:33:e1:0b:dd:1c:c3:fb:cf:1b:
9a:82:ad:3d:f5:8f:0d:24:84:4e:ed:e3:e5:69:73:78:0d:be:
61:82:ac:80:9c:6a:06:82:b8:87:9a:f5:66:a1:7a:d1:27:59:
e0:45:c8:66:ca:0e:de:56:e8:1a:fc:1b:77:0a:a7:68:47:df:
b1:15:37:19:62:42:af:85:ae:27:e8:28:7a:6c:84:0b:f9:89:
ae:e3:56:7f:60:bf:62:7b:79:a6:b5:34:66:4d:a5:21:5a:68:
cb:b7:2e:1b:fd:8d:ae:d9:63:98:04:bd:93:9a:b1:3f:78:e1:
d4:7d:69:a1:36:c0:57:8e:73:28:28:1b:3d:3d:a8:02:78:e8:
08:1f:49:f9:69:c7:11:1a:4d:26:87:da:68:b3:b1:c5:f4:c5:
a1:e7:0c:4c:55:97:0e:35:0f:13:f7:67:e7:d5:77:6d:c1:22:
5b:b6:4c:67:42:2b:25:18:8d:09:5a:e3:32:5d:55:cb:95:80:
c6:08:9a:78:fe:56:45:b1:3f:60:8f:dd:96:27:76:aa:0c:13:
bb:de:67:25:a2:c8:da:98:f7:65:8b:d3:6e:f7:50:63:59:d1:
33:34:4b:f3:ba:86:78:50:a4:36:97:86:57:38:bf:76:db:83:
37:b9:16:4f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAObEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQyOTQ1WhcNMjUxMjEwMDQyOTQ1WjAYMRYw
FAYDVQQDEw02NzY0ZjJiZC02ZWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuxpMCHSnmigMmrirZSyFQReW0vreucjZqL4hgr3OHYuq3ol6YZGJoz4r
o2m1B8uq6TcD3s6xoEratjw6jx3HM1m9HJjWNyYMtomvsqK6zzFjaRSG6evO9Kl1
gt7/Tm5lQhNHWU12gExvv45SjXKrxJAZBwVnCNiCgOSz9ghQWoM+fH4+0dEfSgaA
a8B6+Qn89Gqv4XiiQBek7xTILF7zrBCkseaMvF5pOz52Aab95HAftQynaIg0/Y5X
bUi2I+45KyC0AmIt45d46tmu0rQoWW1ACqBYJdlNs9KC2BiRXhDYl4XKEK5Y3u6c
gicpovrzfxnwJl9O7SRJCddunyIFPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO/W
4ykWo05JLmW8YIFJWRDOg3MRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQzQ5MEMyMkJFOEIxMUVGQkYwNUE0NkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7lMA0GCSqGSIb3DQEBCwUA
A4IBAQB1m6DPMjRmsKsz4QvdHMP7zxuagq099Y8NJIRO7ePlaXN4Db5hgqyAnGoG
griHmvVmoXrRJ1ngRchmyg7eVuga/Bt3CqdoR9+xFTcZYkKvha4n6Ch6bIQL+Ymu
41Z/YL9ie3mmtTRmTaUhWmjLty4b/Y2u2WOYBL2TmrE/eOHUfWmhNsBXjnMoKBs9
PagCeOgIH0n5accRGk0mh9pos7HF9MWh5wxMVZcONQ8T92fn1XdtwSJbtkxnQisl
GI0JWuMyXVXLlYDGCJp4/lZFsT9gj92WJ3aqDBO73mclosjamPdli9Nu91BjWdEz
NEvzuoZ4UKQ2l4ZXOL9224M3uRZP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:30 2025 by rpki-client