Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F11AC90BE8E11EFA38C337E762E951A.roa
File: 0F11AC90BE8E11EFA38C337E762E951A.roa (raw, json)
Hash identifier: Dtv09863am0aryqWuZPpUulQUViR2DZ01QiIg5ic7Xc=
Subject key identifier: 11:27:61:14:FA:F3:2C:71:CB:E4:80:F1:B6:95:51:00:88:9D:A8:63
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6E8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F11AC90BE8E11EFA38C337E762E951A.roa
Signing time: Fri 20 Dec 2024 04:51:22 +0000
ROA not before: Fri 20 Dec 2024 04:51:18 +0000
ROA not after: Wed 10 Dec 2025 04:51:18 +0000
asID: 984
IP address blocks: 45.206.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59112 (0xe6e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:51:18 2024 GMT
Not After : Dec 10 04:51:18 2025 GMT
Subject: CN=6764f7ca-ea93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:71:79:4e:13:db:ca:36:c8:eb:db:af:8c:5c:
cf:bf:b6:28:65:79:db:6b:f5:43:ab:39:2e:a4:8a:
0c:58:74:6d:c8:4e:af:71:cb:a1:c5:c1:b3:4e:b1:
a5:ea:99:c8:12:62:cb:82:9a:7b:12:e0:ab:10:77:
e9:90:08:67:ba:ec:ea:42:c2:db:1d:6e:82:c7:17:
80:e9:5d:c6:01:2b:58:cf:2f:d7:e8:93:45:d6:41:
f3:26:55:6c:de:7f:09:bf:77:c8:a8:76:c3:f1:2c:
c5:b8:3c:19:48:6c:35:8c:47:46:cd:c1:67:d9:86:
3a:76:9a:ce:9a:52:15:69:d1:a0:60:7b:1a:36:78:
a4:92:34:36:16:2b:69:47:97:d1:ab:b0:f2:64:c8:
ed:7d:6e:08:1d:25:b9:e9:04:85:69:bc:21:2b:41:
59:4f:fd:74:38:d8:cc:2e:92:1d:7d:84:85:1b:89:
ee:00:cb:aa:5b:f1:2b:ed:cb:b2:47:29:05:11:58:
f2:93:fe:0f:84:86:df:dc:35:ec:aa:96:29:08:75:
ad:a7:2a:0f:03:e4:b6:e9:c4:7f:dc:d5:07:28:1f:
16:53:ea:e4:bc:30:63:77:cc:fb:92:c1:a1:1d:0e:
ab:63:8c:f3:94:9a:e3:aa:65:47:67:db:c2:e4:9f:
7d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:27:61:14:FA:F3:2C:71:CB:E4:80:F1:B6:95:51:00:88:9D:A8:63
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F11AC90BE8E11EFA38C337E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.247.0/24
Signature Algorithm: sha256WithRSAEncryption
66:0a:1f:87:11:c9:8a:b7:24:32:94:5c:9f:8e:17:2f:c4:a4:
90:16:50:11:2e:35:97:6e:20:bd:b7:da:1b:30:d8:a3:27:25:
c4:a3:0f:fa:2b:2c:01:6a:f1:a6:12:4f:53:1c:48:fa:18:4c:
54:10:fd:80:a8:e9:2f:36:89:ec:8b:e8:b0:6a:5e:d5:52:56:
7d:5f:4d:a7:20:b9:20:28:3c:d8:3e:8d:c7:81:13:51:3b:68:
e9:ef:1a:e8:3b:1c:74:94:6c:c0:2d:23:6b:0e:be:ae:12:70:
74:db:9f:41:4a:2e:c1:71:ef:da:ce:79:af:02:08:92:9c:c3:
f6:60:19:8f:08:83:eb:38:dc:22:aa:ca:1e:77:09:27:f6:7d:
98:71:67:83:a7:4e:36:26:61:1d:5a:61:5e:1c:9b:bf:6c:c6:
dc:17:91:b7:0b:4b:55:14:2a:bd:8b:d9:6d:b3:2f:b6:cb:4e:
83:2f:2c:dc:82:d1:be:a3:b2:42:c7:83:02:6a:9e:83:d1:7a:
be:db:74:f0:3e:b5:28:af:cb:16:55:6c:88:51:64:e9:da:8c:
a6:0c:c4:cb:61:d7:b8:8f:b1:5c:0e:24:b6:d5:8c:ab:75:28:
01:9f:ed:59:9a:76:5d:2c:ff:d7:b7:5d:9c:bb:20:f2:1d:44:
a9:25:77:68
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOboMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQ1MTE4WhcNMjUxMjEwMDQ1MTE4WjAYMRYw
FAYDVQQDEw02NzY0ZjdjYS1lYTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnnF5ThPbyjbI69uvjFzPv7YoZXnba/VDqzkupIoMWHRtyE6vccuhxcGz
TrGl6pnIEmLLgpp7EuCrEHfpkAhnuuzqQsLbHW6CxxeA6V3GAStYzy/X6JNF1kHz
JlVs3n8Jv3fIqHbD8SzFuDwZSGw1jEdGzcFn2YY6dprOmlIVadGgYHsaNnikkjQ2
FitpR5fRq7DyZMjtfW4IHSW56QSFabwhK0FZT/10ONjMLpIdfYSFG4nuAMuqW/Er
7cuyRykFEVjyk/4PhIbf3DXsqpYpCHWtpyoPA+S26cR/3NUHKB8WU+rkvDBjd8z7
ksGhHQ6rY4zzlJrjqmVHZ9vC5J99NQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBEn
YRT68yxxy+SA8baVUQCInahjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRjExQUM5MEJFOEUxMUVGQTM4QzMzN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc73MA0GCSqGSIb3DQEBCwUA
A4IBAQBmCh+HEcmKtyQylFyfjhcvxKSQFlARLjWXbiC9t9obMNijJyXEow/6KywB
avGmEk9THEj6GExUEP2AqOkvNonsi+iwal7VUlZ9X02nILkgKDzYPo3HgRNRO2jp
7xroOxx0lGzALSNrDr6uEnB0259BSi7Bce/aznmvAgiSnMP2YBmPCIPrONwiqsoe
dwkn9n2YcWeDp042JmEdWmFeHJu/bMbcF5G3C0tVFCq9i9ltsy+2y06DLyzcgtG+
o7JCx4MCap6D0Xq+23TwPrUor8sWVWyIUWTp2oymDMTLYde4j7FcDiS21YyrdSgB
n+1ZmnZdLP/Xt12cuyDyHUSpJXdo
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:10 2025 by rpki-client