Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1CDF6448BE7A11EFA811A679762E951A.roa
File: 1CDF6448BE7A11EFA811A679762E951A.roa (raw, json)
Hash identifier: Hb7HAH+8dagcs/1ZHNYAD1f000eNofBqJsFmnLIWkzo=
Subject key identifier: 94:25:B9:11:BF:69:B8:23:12:B2:31:AC:11:02:4D:79:CA:B0:8E:AD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E658
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1CDF6448BE7A11EFA811A679762E951A.roa
Signing time: Fri 20 Dec 2024 02:28:35 +0000
ROA not before: Fri 20 Dec 2024 02:28:31 +0000
ROA not after: Wed 10 Dec 2025 02:28:31 +0000
asID: 984
IP address blocks: 45.206.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58968 (0xe658)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 02:28:31 2024 GMT
Not After : Dec 10 02:28:31 2025 GMT
Subject: CN=6764d653-de2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:18:24:8d:cd:1b:44:d2:4f:4a:ef:1b:c2:78:
8b:5c:69:9a:d5:5d:a8:c4:9f:ea:b7:07:8c:e7:d8:
67:23:4d:ee:55:4e:1b:86:60:df:55:26:e9:43:10:
13:0b:ad:3e:f3:9e:b9:61:4a:3b:49:48:e1:dc:2d:
e4:51:e5:99:e4:45:2a:37:3d:2a:f2:e5:06:f2:ec:
23:5c:37:56:c6:81:26:2f:e1:32:84:22:7f:c0:b6:
bc:2d:0d:c8:0f:2b:5a:a6:47:44:54:57:6d:df:b6:
8a:c8:b5:17:0b:ed:19:c9:55:be:b9:29:5a:91:47:
d1:e2:84:c7:73:e9:74:6c:e9:2a:fc:c8:4d:de:49:
78:16:31:ad:20:aa:0e:6c:ee:9e:aa:b1:a7:f8:c1:
68:ae:84:58:cc:95:2f:c4:5d:92:9e:45:32:07:96:
68:c3:7a:b0:0b:9e:3f:bf:fa:9f:f1:65:c9:01:0b:
d3:fb:26:ad:6a:9d:f7:ed:25:79:86:dd:b0:d8:ff:
9b:eb:13:19:6a:f9:64:f9:03:52:bf:85:74:87:8b:
49:d0:53:7b:35:35:1d:43:53:08:70:c7:50:11:5b:
ba:40:9d:41:de:e9:43:df:40:d6:92:c4:74:b7:b6:
7a:2d:e5:33:8b:54:b7:af:d1:67:e1:00:16:d9:06:
f7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:25:B9:11:BF:69:B8:23:12:B2:31:AC:11:02:4D:79:CA:B0:8E:AD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1CDF6448BE7A11EFA811A679762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.173.0/24
Signature Algorithm: sha256WithRSAEncryption
09:f0:0c:83:81:3e:48:0f:b3:25:ac:0a:c0:d8:19:22:f9:03:
b5:4a:fa:08:ee:1f:15:05:86:e7:91:25:d8:8a:bb:bb:71:c9:
5f:bf:13:cd:44:e9:27:d8:7e:51:ea:57:3a:0e:64:de:4a:25:
41:b5:ac:ba:60:4c:0e:73:26:93:07:5d:6d:c6:74:a2:b8:04:
84:4e:81:34:d0:20:7d:0d:50:15:a1:52:64:49:18:0a:33:62:
e5:d5:67:62:e3:f8:5a:6b:cb:4c:c5:38:49:e0:28:f2:0c:ed:
5b:a1:03:83:96:6e:bd:d1:3b:34:13:53:87:f2:d0:0b:32:72:
87:70:33:a8:40:63:ce:8d:b6:16:ee:ce:f7:80:b1:36:58:0a:
ac:d6:c5:a3:ec:9d:6f:eb:3f:52:5c:9c:ab:29:a2:a7:be:8c:
2d:26:de:54:1d:ce:48:18:cf:aa:db:44:ef:ae:6a:d2:0c:7c:
a5:7d:38:eb:73:5e:1f:77:c7:b0:59:37:6b:da:4f:49:76:dc:
1a:79:d0:12:c0:0e:d5:99:ce:b9:25:02:4a:89:28:f0:cd:f6:
a7:0c:1c:1d:36:2e:e6:97:73:6d:57:9f:08:d6:17:f0:d0:5d:
bc:71:ea:28:c0:b8:d5:48:45:71:cb:70:46:34:1a:09:a6:35:
2b:b4:86:d0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOZYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDIyODMxWhcNMjUxMjEwMDIyODMxWjAYMRYw
FAYDVQQDEw02NzY0ZDY1My1kZTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3Bgkjc0bRNJPSu8bwniLXGma1V2oxJ/qtweM59hnI03uVU4bhmDfVSbp
QxATC60+8565YUo7SUjh3C3kUeWZ5EUqNz0q8uUG8uwjXDdWxoEmL+EyhCJ/wLa8
LQ3IDytapkdEVFdt37aKyLUXC+0ZyVW+uSlakUfR4oTHc+l0bOkq/MhN3kl4FjGt
IKoObO6eqrGn+MForoRYzJUvxF2SnkUyB5Zow3qwC54/v/qf8WXJAQvT+yatap33
7SV5ht2w2P+b6xMZavlk+QNSv4V0h4tJ0FN7NTUdQ1MIcMdQEVu6QJ1B3ulD30DW
ksR0t7Z6LeUzi1S3r9Fn4QAW2Qb3qwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJQl
uRG/abgjErIxrBECTXnKsI6tMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQ0RGNjQ0OEJFN0ExMUVGQTgxMUE2Nzk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc6tMA0GCSqGSIb3DQEBCwUA
A4IBAQAJ8AyDgT5ID7MlrArA2Bki+QO1SvoI7h8VBYbnkSXYiru7cclfvxPNROkn
2H5R6lc6DmTeSiVBtay6YEwOcyaTB11txnSiuASEToE00CB9DVAVoVJkSRgKM2Ll
1Wdi4/haa8tMxThJ4CjyDO1boQODlm690Ts0E1OH8tALMnKHcDOoQGPOjbYW7s73
gLE2WAqs1sWj7J1v6z9SXJyrKaKnvowtJt5UHc5IGM+q20TvrmrSDHylfTjrc14f
d8ewWTdr2k9JdtwaedASwA7Vmc65JQJKiSjwzfanDBwdNi7ml3NtV58I1hfw0F28
ceoowLjVSEVxy3BGNBoJpjUrtIbQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:11 2025 by rpki-client