Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12F3C58ABE8611EF9210DC4C762E951A.roa
File: 12F3C58ABE8611EF9210DC4C762E951A.roa (raw, json)
Hash identifier: J9yMOGX37u/vMzs163bDVgjpPECisdTft1PXw6Gp2i4=
Subject key identifier: B0:06:49:30:14:76:44:C9:0D:B9:E2:C6:A6:94:BE:FC:F7:6A:61:4E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E688
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12F3C58ABE8611EF9210DC4C762E951A.roa
Signing time: Fri 20 Dec 2024 03:54:12 +0000
ROA not before: Fri 20 Dec 2024 03:54:09 +0000
ROA not after: Wed 10 Dec 2025 03:54:09 +0000
asID: 984
IP address blocks: 45.206.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59016 (0xe688)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 03:54:09 2024 GMT
Not After : Dec 10 03:54:09 2025 GMT
Subject: CN=6764ea64-82b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:18:bb:49:4d:9d:99:6a:53:0e:82:86:70:31:
08:7e:bb:7c:93:c8:0e:8a:96:04:3a:00:66:89:3c:
b4:fb:54:cc:32:76:89:05:f3:60:1b:1d:79:b9:58:
55:e4:06:15:eb:c5:01:99:38:3d:a8:1e:5f:29:46:
3a:c3:2a:7f:09:f9:4b:08:ce:e3:05:d2:05:0e:e6:
b5:fe:5c:33:47:94:d5:ab:fa:33:be:da:06:d9:08:
df:c8:a8:17:13:9b:28:88:17:59:af:d7:1c:d5:1c:
54:3f:14:89:36:fb:76:8e:c1:98:97:a3:c3:74:45:
23:e2:10:60:a3:43:0a:6b:77:74:ce:41:f3:5f:e9:
04:f1:e3:f5:b3:0c:3c:0e:c3:5c:5b:98:c7:35:6f:
27:af:1d:62:bc:75:62:fa:b7:ec:05:24:c1:42:d0:
01:4a:fd:f4:97:1c:a4:03:3d:3a:7a:76:9e:5e:d2:
03:aa:d4:9e:57:d5:46:a7:6c:2b:ad:69:12:f4:4e:
42:6d:b9:d0:b2:62:58:15:45:d7:da:79:50:45:e4:
92:11:c2:bc:01:44:13:8c:55:31:67:b8:69:c8:62:
60:e1:72:43:a4:ba:89:66:fe:63:16:b1:9b:a7:4c:
d3:88:42:cf:e1:e3:e0:bb:8e:04:dd:b2:46:6c:22:
b8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:06:49:30:14:76:44:C9:0D:B9:E2:C6:A6:94:BE:FC:F7:6A:61:4E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12F3C58ABE8611EF9210DC4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.199.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:23:73:4a:0d:c7:37:27:13:10:53:e5:47:27:65:9c:25:fe:
a9:a7:77:56:10:b7:8a:93:5a:6d:26:69:50:ef:1d:4a:da:f6:
03:39:07:21:b9:69:ce:9a:51:4c:a4:bb:29:1f:b8:4a:86:da:
12:2b:17:5f:45:49:8f:b5:a9:ff:05:c2:78:44:d2:2a:51:02:
7a:e5:c9:04:6a:7f:b3:65:e3:a8:4f:42:64:55:25:b6:fb:a4:
99:dc:4d:81:d4:de:c3:d5:92:1c:c5:cf:67:2a:90:01:b3:f1:
a9:cb:42:15:e8:cb:15:0f:ef:8b:31:1f:a6:0d:98:22:85:78:
0b:cb:c0:e0:a0:52:27:aa:4e:f9:71:8c:b9:b1:14:e7:b1:c6:
62:74:35:9d:8f:aa:e9:76:06:ea:8e:e1:dc:43:e1:30:3e:d3:
36:52:de:0d:fb:98:6c:9c:61:d6:48:8e:89:c4:76:da:52:e0:
40:4d:34:8b:15:e8:12:0e:7b:7b:5d:44:98:5d:56:cf:a0:fc:
4a:61:17:7e:ca:3c:2f:c5:7d:83:52:4c:42:22:69:a6:6f:8a:
2f:a7:5e:de:a5:b1:84:4a:db:a3:d9:ce:32:4b:8b:fb:31:58:
97:94:22:71:0f:08:0c:47:3b:c4:b1:76:2e:f2:3d:38:55:af:
97:4d:70:30
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOaIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDM1NDA5WhcNMjUxMjEwMDM1NDA5WjAYMRYw
FAYDVQQDEw02NzY0ZWE2NC04MmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzhi7SU2dmWpTDoKGcDEIfrt8k8gOipYEOgBmiTy0+1TMMnaJBfNgGx15
uVhV5AYV68UBmTg9qB5fKUY6wyp/CflLCM7jBdIFDua1/lwzR5TVq/ozvtoG2Qjf
yKgXE5soiBdZr9cc1RxUPxSJNvt2jsGYl6PDdEUj4hBgo0MKa3d0zkHzX+kE8eP1
sww8DsNcW5jHNW8nrx1ivHVi+rfsBSTBQtABSv30lxykAz06enaeXtIDqtSeV9VG
p2wrrWkS9E5CbbnQsmJYFUXX2nlQReSSEcK8AUQTjFUxZ7hpyGJg4XJDpLqJZv5j
FrGbp0zTiELP4ePgu44E3bJGbCK4WQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLAG
STAUdkTJDbnixqaUvvz3amFOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMkYzQzU4QUJFODYxMUVGOTIxMERDNEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7HMA0GCSqGSIb3DQEBCwUA
A4IBAQB/I3NKDcc3JxMQU+VHJ2WcJf6pp3dWELeKk1ptJmlQ7x1K2vYDOQchuWnO
mlFMpLspH7hKhtoSKxdfRUmPtan/BcJ4RNIqUQJ65ckEan+zZeOoT0JkVSW2+6SZ
3E2B1N7D1ZIcxc9nKpABs/Gpy0IV6MsVD++LMR+mDZgihXgLy8DgoFInqk75cYy5
sRTnscZidDWdj6rpdgbqjuHcQ+EwPtM2Ut4N+5hsnGHWSI6JxHbaUuBATTSLFegS
Dnt7XUSYXVbPoPxKYRd+yjwvxX2DUkxCImmmb4ovp17epbGEStuj2c4yS4v7MViX
lCJxDwgMRzvEsXYu8j04Va+XTXAw
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:50 2025 by rpki-client