Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13701B2ABE8C11EF8F8C8171762E951A.roa
File: 13701B2ABE8C11EF8F8C8171762E951A.roa (raw, json)
Hash identifier: 6MwqfBUufxGO+xMYhKrXJZ68OBfiELeOIw2NLL12UDo=
Subject key identifier: A9:47:1E:5B:F4:32:07:9E:F4:5F:0B:01:81:0F:7F:EC:B6:52:F9:6F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6D0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13701B2ABE8C11EF8F8C8171762E951A.roa
Signing time: Fri 20 Dec 2024 04:37:10 +0000
ROA not before: Fri 20 Dec 2024 04:37:07 +0000
ROA not after: Wed 10 Dec 2025 04:37:07 +0000
asID: 984
IP address blocks: 45.206.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59088 (0xe6d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:37:07 2024 GMT
Not After : Dec 10 04:37:07 2025 GMT
Subject: CN=6764f476-3a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:66:77:88:44:ae:d5:e0:f0:28:ef:6e:b5:ec:
7b:e2:bc:ac:a8:b6:5c:f5:46:79:c2:5f:ec:ec:cc:
13:ff:55:0c:5a:ca:fc:64:6d:d1:da:68:1c:f0:80:
60:47:8b:7a:bd:55:f9:bb:72:46:2e:a4:bc:28:18:
af:81:78:c9:17:e6:29:cd:f7:b4:d8:74:b8:74:2b:
2e:d4:c9:b1:77:f0:ef:7d:4c:38:f1:af:50:b1:d6:
10:dc:ae:08:08:32:65:e3:b7:8c:26:25:cd:61:67:
50:ac:43:78:51:95:d3:2d:c8:d6:13:31:10:e6:bf:
14:17:a2:91:da:46:f3:b9:97:4e:d0:78:4b:88:6e:
a3:92:8f:94:10:16:fe:3c:2f:5c:7d:ce:95:21:de:
24:30:7a:62:75:61:22:4e:59:70:92:6e:39:fc:2b:
21:38:1c:4b:71:62:fd:47:c9:93:c0:b7:fe:c9:67:
97:7e:98:d7:c7:44:1f:b7:83:8e:c3:7a:e3:73:ab:
11:8d:3b:c1:ec:2b:17:cd:98:81:05:7b:2a:c9:93:
2f:45:82:9c:92:e8:b2:3f:c9:ba:04:1b:a8:27:04:
c3:c7:60:af:bb:d9:52:34:02:01:81:90:60:a1:b7:
14:2e:66:d1:33:9f:40:78:54:49:33:4a:7f:1b:24:
1f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:47:1E:5B:F4:32:07:9E:F4:5F:0B:01:81:0F:7F:EC:B6:52:F9:6F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13701B2ABE8C11EF8F8C8171762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.235.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:c1:7e:a2:bd:53:09:b6:23:7c:13:a2:30:e7:48:a7:99:97:
22:59:e4:37:a3:ac:ef:39:98:e8:91:2e:f2:8f:b9:2c:11:09:
51:6a:6d:a4:91:3d:32:9b:37:b3:65:89:b4:75:f5:b0:8f:ea:
d7:5a:ef:be:ab:3b:2e:7b:64:b6:dd:e3:4d:a2:77:3f:04:d6:
da:8f:5d:d6:11:b6:47:0a:d3:0d:33:02:50:e4:95:d5:17:a9:
ca:67:47:a0:a4:a5:ef:b1:d3:35:22:f3:c3:4a:53:1e:29:bb:
23:8d:30:b3:f4:04:e0:aa:a0:11:f5:2e:d1:fa:a6:27:7f:6d:
ee:95:a5:37:c9:ce:87:ed:c3:50:08:25:61:8e:2f:52:83:f9:
d9:ee:44:c9:41:a0:09:5a:b0:ed:e0:f5:68:34:b6:55:b9:d7:
1b:d5:43:03:61:24:63:d1:ea:17:82:26:22:39:db:27:9a:bc:
3c:c6:fe:83:a7:6c:fc:a3:0b:75:68:ad:44:11:19:19:64:ab:
5f:03:f5:00:33:59:a8:55:30:9f:9f:e1:a8:a8:c9:b0:87:a9:
68:a4:70:cf:d0:fc:36:01:b8:34:d6:fa:04:8f:9b:b0:0f:d6:
22:11:c2:61:6f:2c:8c:14:0e:dd:ac:6c:c9:54:47:4f:a3:6b:
e4:5d:13:5d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAObQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQzNzA3WhcNMjUxMjEwMDQzNzA3WjAYMRYw
FAYDVQQDEw02NzY0ZjQ3Ni0zYTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoGZ3iESu1eDwKO9utex74rysqLZc9UZ5wl/s7MwT/1UMWsr8ZG3R2mgc
8IBgR4t6vVX5u3JGLqS8KBivgXjJF+Ypzfe02HS4dCsu1Mmxd/DvfUw48a9QsdYQ
3K4ICDJl47eMJiXNYWdQrEN4UZXTLcjWEzEQ5r8UF6KR2kbzuZdO0HhLiG6jko+U
EBb+PC9cfc6VId4kMHpidWEiTllwkm45/CshOBxLcWL9R8mTwLf+yWeXfpjXx0Qf
t4OOw3rjc6sRjTvB7CsXzZiBBXsqyZMvRYKckuiyP8m6BBuoJwTDx2Cvu9lSNAIB
gZBgobcULmbRM59AeFRJM0p/GyQfPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKlH
Hlv0Mgee9F8LAYEPf+y2UvlvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMzcwMUIyQUJFOEMxMUVGOEY4QzgxNzE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7rMA0GCSqGSIb3DQEBCwUA
A4IBAQCuwX6ivVMJtiN8E6Iw50inmZciWeQ3o6zvOZjokS7yj7ksEQlRam2kkT0y
mzezZYm0dfWwj+rXWu++qzsue2S23eNNonc/BNbaj13WEbZHCtMNMwJQ5JXVF6nK
Z0egpKXvsdM1IvPDSlMeKbsjjTCz9ATgqqAR9S7R+qYnf23ulaU3yc6H7cNQCCVh
ji9Sg/nZ7kTJQaAJWrDt4PVoNLZVudcb1UMDYSRj0eoXgiYiOdsnmrw8xv6Dp2z8
owt1aK1EERkZZKtfA/UAM1moVTCfn+GoqMmwh6lopHDP0Pw2Abg01voEj5uwD9Yi
EcJhbyyMFA7drGzJVEdPo2vkXRNd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:35:57 2025 by rpki-client