Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F635818BDC211EF8E38717C762E951A.roa
File: 1F635818BDC211EF8E38717C762E951A.roa (raw, json)
Hash identifier: r4itUlC0w7veV+IrjiNq+Jv2gy/C7HMXa7CZmRCUPaY=
Subject key identifier: A1:34:E7:6A:02:35:6C:9F:D1:D6:E4:83:18:E1:11:83:8B:E0:3E:CA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E57B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F635818BDC211EF8E38717C762E951A.roa
Signing time: Thu 19 Dec 2024 04:31:32 +0000
ROA not before: Thu 19 Dec 2024 04:31:28 +0000
ROA not after: Wed 10 Dec 2025 04:31:28 +0000
asID: 984
IP address blocks: 45.206.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58747 (0xe57b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 04:31:28 2024 GMT
Not After : Dec 10 04:31:28 2025 GMT
Subject: CN=6763a1a4-ba58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:12:81:4f:62:89:23:ae:99:a5:00:45:e0:77:
a4:c6:e2:75:ed:be:db:f5:4e:01:e5:7a:a9:9c:2f:
02:5b:0a:d0:fc:82:4c:68:cb:e9:fb:b0:8d:ed:97:
85:7c:f2:46:59:38:bd:2f:0b:a5:34:46:9d:8c:b3:
79:ba:16:69:01:e0:28:25:32:db:28:9e:4f:f6:df:
50:6e:61:40:95:74:4f:c4:a9:36:d6:94:0f:8d:5f:
b7:44:e3:68:77:74:26:06:97:57:bc:10:e1:e7:50:
e4:23:43:06:19:9c:ab:a5:18:e4:3f:30:c2:2c:aa:
54:fa:7c:83:66:d7:1c:2c:71:b7:2d:d9:97:e2:54:
d4:bb:43:38:d6:57:b0:23:a7:ca:a3:84:70:c4:a8:
aa:31:9f:0d:2e:86:d2:d4:71:e8:2c:0d:e8:db:d7:
35:28:78:d8:75:92:22:9c:46:89:24:76:59:1a:38:
e1:bd:a8:1a:78:84:0d:b2:ee:5d:a2:71:c4:e1:df:
2a:36:97:5a:c6:8f:a7:59:56:5e:a1:5e:11:66:c7:
82:ea:f6:77:f1:4b:42:2d:18:aa:76:3f:3d:c5:65:
cb:aa:e6:a4:38:c5:7b:fb:94:5a:81:85:29:42:2c:
15:d1:35:3b:a7:1a:cf:e2:a7:9a:e7:42:e6:ec:84:
4a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:34:E7:6A:02:35:6C:9F:D1:D6:E4:83:18:E1:11:83:8B:E0:3E:CA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F635818BDC211EF8E38717C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.96.0/24
Signature Algorithm: sha256WithRSAEncryption
44:69:fb:27:d5:21:33:72:fa:19:bb:21:a4:89:f4:0a:80:63:
90:04:11:e7:11:09:b6:72:f2:e2:86:2b:9d:05:35:78:f0:39:
c2:36:35:08:aa:f9:ab:7d:ef:8c:89:1b:45:4f:06:bc:42:2e:
09:5f:97:e7:8d:f0:10:a8:c6:e8:64:36:9f:aa:05:ec:03:59:
bb:14:3e:54:b7:95:d3:6b:ee:fa:9c:03:a0:67:09:93:31:b3:
d6:b5:47:fc:96:8c:f5:4d:90:f5:23:8b:ce:64:b9:fa:a2:22:
89:48:15:b6:02:5a:ac:c0:c7:91:79:ee:c8:5c:09:4a:0e:6a:
26:7c:c9:f8:0a:9f:1f:9b:2c:fe:87:4c:f1:f5:c2:a7:0b:75:
61:51:fa:15:48:d3:b4:8c:99:69:9f:97:d8:59:2d:d9:8d:1a:
4c:80:44:ca:1b:fc:d7:97:df:11:8f:49:cc:40:4c:d9:dc:23:
97:25:6f:23:8e:43:dd:be:a3:59:3a:3c:5b:bd:b0:98:5d:60:
00:40:be:5a:32:b3:23:ae:50:65:ce:98:96:40:d3:3b:b9:77:
76:ed:42:5f:17:2f:b8:9a:ae:02:d3:ef:12:d2:98:3d:00:b5:
48:c9:4c:5c:62:1f:65:18:68:73:ee:f1:f3:d8:03:f4:f8:04:
d9:ec:80:ff
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOV7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDQzMTI4WhcNMjUxMjEwMDQzMTI4WjAYMRYw
FAYDVQQDEw02NzYzYTFhNC1iYTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyRKBT2KJI66ZpQBF4HekxuJ17b7b9U4B5XqpnC8CWwrQ/IJMaMvp+7CN
7ZeFfPJGWTi9LwulNEadjLN5uhZpAeAoJTLbKJ5P9t9QbmFAlXRPxKk21pQPjV+3
RONod3QmBpdXvBDh51DkI0MGGZyrpRjkPzDCLKpU+nyDZtccLHG3LdmX4lTUu0M4
1lewI6fKo4RwxKiqMZ8NLobS1HHoLA3o29c1KHjYdZIinEaJJHZZGjjhvagaeIQN
su5donHE4d8qNpdaxo+nWVZeoV4RZseC6vZ38UtCLRiqdj89xWXLquakOMV7+5Ra
gYUpQiwV0TU7pxrP4qea50Lm7IRKcQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKE0
52oCNWyf0dbkgxjhEYOL4D7KMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRjYzNTgxOEJEQzIxMUVGOEUzODcxN0M3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc5gMA0GCSqGSIb3DQEBCwUA
A4IBAQBEafsn1SEzcvoZuyGkifQKgGOQBBHnEQm2cvLihiudBTV48DnCNjUIqvmr
fe+MiRtFTwa8Qi4JX5fnjfAQqMboZDafqgXsA1m7FD5Ut5XTa+76nAOgZwmTMbPW
tUf8loz1TZD1I4vOZLn6oiKJSBW2AlqswMeRee7IXAlKDmomfMn4Cp8fmyz+h0zx
9cKnC3VhUfoVSNO0jJlpn5fYWS3ZjRpMgETKG/zXl98Rj0nMQEzZ3COXJW8jjkPd
vqNZOjxbvbCYXWAAQL5aMrMjrlBlzpiWQNM7uXd27UJfFy+4mq4C0+8S0pg9ALVI
yUxcYh9lGGhz7vHz2AP0+ATZ7ID/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:40 2025 by rpki-client