Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0D58F4BEBE8711EF97DE6653762E951A.roa
File: 0D58F4BEBE8711EF97DE6653762E951A.roa (raw, json)
Hash identifier: EtyopDEnclcoNszN+s3k/uio14Vh0PcSWI+xzjcpZxI=
Subject key identifier: 1B:48:B1:EC:91:7D:D7:B4:72:D1:37:BB:76:58:97:03:1D:EA:ED:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E694
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0D58F4BEBE8711EF97DE6653762E951A.roa
Signing time: Fri 20 Dec 2024 04:01:13 +0000
ROA not before: Fri 20 Dec 2024 04:01:09 +0000
ROA not after: Wed 10 Dec 2025 04:01:09 +0000
asID: 984
IP address blocks: 45.206.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59028 (0xe694)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:01:09 2024 GMT
Not After : Dec 10 04:01:09 2025 GMT
Subject: CN=6764ec08-ae87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4b:45:05:6c:0f:27:98:89:bb:c7:48:76:d9:
bd:0b:31:31:35:ac:90:09:2a:27:fd:06:5b:0e:85:
e2:12:70:b8:6e:22:2a:03:19:76:18:d2:03:11:3c:
a2:4e:1f:2b:02:40:7f:f3:84:98:78:18:bd:80:40:
aa:6e:df:51:54:5d:28:d0:83:18:b2:c6:74:40:39:
f2:31:31:9a:33:be:c0:b2:e2:a7:9c:b8:ff:46:6f:
f2:6a:69:e5:1b:57:b0:22:5b:4c:82:65:bf:67:21:
15:10:93:ae:b4:44:c2:a0:7f:99:f3:2d:45:c7:8b:
eb:33:fe:96:4e:bc:cd:21:d5:96:bb:d2:68:6b:1c:
7a:a3:38:3c:e3:30:75:09:ff:2b:e9:eb:26:80:bf:
c7:ff:bc:9b:2e:1b:4a:ef:a4:2c:aa:f5:69:f1:f0:
e5:af:f6:d4:c6:a9:4e:73:0f:1d:59:10:28:f4:92:
20:56:d2:55:2a:1a:ec:cb:16:77:ef:17:6a:d6:73:
14:08:68:3e:4a:4f:4f:63:6b:eb:67:f3:11:d7:ce:
5f:53:02:1f:e5:07:9e:c3:51:3a:ae:88:ff:80:5b:
7e:f3:8e:32:49:fb:f3:e7:37:dc:83:fc:40:36:0d:
44:5d:08:b2:9f:2e:63:6a:d5:ef:74:36:bc:01:d5:
1c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:48:B1:EC:91:7D:D7:B4:72:D1:37:BB:76:58:97:03:1D:EA:ED:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0D58F4BEBE8711EF97DE6653762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.205.0/24
Signature Algorithm: sha256WithRSAEncryption
22:e3:ba:83:22:d3:f3:f5:17:46:db:4b:35:3b:55:13:8d:28:
b2:ff:e4:f9:41:6d:f0:4b:cc:ab:4d:c5:81:13:74:51:8f:1b:
6a:83:62:93:8c:fd:53:c0:24:38:d8:37:cc:7d:28:1b:1b:fc:
69:bc:b7:ea:19:02:52:d1:07:e2:af:73:3b:66:67:52:08:c7:
14:bf:b9:22:f2:90:d6:12:db:fd:fa:1b:8e:eb:51:44:65:03:
fd:7e:64:4e:1e:98:4c:49:2b:ec:2d:78:1b:ae:05:26:d2:4f:
a9:f2:51:21:48:0d:d4:2a:e0:77:53:0e:81:13:15:9d:df:8f:
f6:57:97:12:a8:2c:81:d4:26:15:ce:4c:e6:66:85:b2:65:2d:
c9:04:43:39:01:39:07:1e:5d:72:58:f5:42:a2:e6:74:0b:73:
26:fb:b5:95:7e:0e:67:20:d4:0c:60:9c:5d:da:26:5f:21:e7:
2e:fc:6c:ff:80:0f:af:05:cf:d0:82:b4:3b:e7:95:af:ef:04:
8f:60:bd:51:77:26:87:c3:b9:f4:00:96:45:d2:d3:d3:3d:5a:
70:61:45:41:b3:42:ae:f3:4f:72:11:7b:ea:38:50:a2:50:79:
75:3d:dd:51:6c:f4:c6:80:85:4c:e1:1f:53:a5:39:54:78:0e:
5e:23:dd:53
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOaUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQwMTA5WhcNMjUxMjEwMDQwMTA5WjAYMRYw
FAYDVQQDEw02NzY0ZWMwOC1hZTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApUtFBWwPJ5iJu8dIdtm9CzExNayQCSon/QZbDoXiEnC4biIqAxl2GNID
ETyiTh8rAkB/84SYeBi9gECqbt9RVF0o0IMYssZ0QDnyMTGaM77AsuKnnLj/Rm/y
amnlG1ewIltMgmW/ZyEVEJOutETCoH+Z8y1Fx4vrM/6WTrzNIdWWu9Joaxx6ozg8
4zB1Cf8r6esmgL/H/7ybLhtK76QsqvVp8fDlr/bUxqlOcw8dWRAo9JIgVtJVKhrs
yxZ37xdq1nMUCGg+Sk9PY2vrZ/MR185fUwIf5Qeew1E6roj/gFt+844ySfvz5zfc
g/xANg1EXQiyny5jatXvdDa8AdUcnwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBtI
seyRfde0ctE3u3ZYlwMd6u1dMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRDU4RjRCRUJFODcxMUVGOTdERTY2NTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7NMA0GCSqGSIb3DQEBCwUA
A4IBAQAi47qDItPz9RdG20s1O1UTjSiy/+T5QW3wS8yrTcWBE3RRjxtqg2KTjP1T
wCQ42DfMfSgbG/xpvLfqGQJS0Qfir3M7ZmdSCMcUv7ki8pDWEtv9+huO61FEZQP9
fmROHphMSSvsLXgbrgUm0k+p8lEhSA3UKuB3Uw6BExWd34/2V5cSqCyB1CYVzkzm
ZoWyZS3JBEM5ATkHHl1yWPVCouZ0C3Mm+7WVfg5nINQMYJxd2iZfIecu/Gz/gA+v
Bc/QgrQ755Wv7wSPYL1RdyaHw7n0AJZF0tPTPVpwYUVBs0Ku809yEXvqOFCiUHl1
Pd1RbPTGgIVM4R9TpTlUeA5eI91T
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:51 2025 by rpki-client