Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24EE7F0EBDC411EF86D8238A762E951A.roa
File: 24EE7F0EBDC411EF86D8238A762E951A.roa (raw, json)
Hash identifier: ZTXDIH9hGwqMWXofLvQNxRYF73m0a2s8WMM9hceB59o=
Subject key identifier: 42:CC:C6:54:A2:A4:2E:32:15:EA:CA:8D:B3:C9:5A:51:7E:30:EA:F0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E593
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24EE7F0EBDC411EF86D8238A762E951A.roa
Signing time: Thu 19 Dec 2024 04:46:00 +0000
ROA not before: Thu 19 Dec 2024 04:45:57 +0000
ROA not after: Wed 10 Dec 2025 04:45:57 +0000
asID: 984
IP address blocks: 45.206.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58771 (0xe593)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 04:45:57 2024 GMT
Not After : Dec 10 04:45:57 2025 GMT
Subject: CN=6763a508-b2e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a9:11:87:73:0c:6a:fc:eb:58:b7:19:67:79:
27:37:82:cf:79:9b:c3:cc:c6:7d:44:8b:bb:f7:fa:
35:66:0f:9f:92:56:3a:51:a3:03:d1:ee:5e:3d:e5:
55:2d:49:92:56:ec:0e:b0:1a:d9:9b:2d:02:d9:69:
94:78:91:6e:a6:cd:df:18:7b:ad:79:c2:1a:b5:f3:
ba:5c:a5:fb:6b:0e:53:82:76:11:ee:52:0b:3a:52:
cd:de:90:5a:5a:cb:a6:35:5f:6d:22:77:d5:92:03:
91:49:6c:2e:6f:6e:cf:28:21:4f:d3:3f:d6:2b:8c:
5b:c6:ad:02:1a:d8:7c:ce:b4:a5:66:a2:f2:79:3d:
84:15:ad:9a:23:9c:a0:ee:ff:7b:ca:ad:5b:0b:d1:
26:76:93:ee:a0:05:d7:5c:45:46:20:d1:c6:53:72:
fd:8f:73:67:0d:f8:db:ca:9b:3c:67:ee:a6:2d:6f:
b9:20:58:55:8b:b2:96:fd:2d:87:5e:cd:09:37:7d:
3d:1f:61:cd:9e:ee:55:6b:d6:82:8a:8d:40:fe:26:
c3:6a:7a:ca:40:2e:1a:ec:69:6e:2a:fa:5b:7a:8a:
5b:f2:42:68:f8:5f:f3:16:b5:13:22:3a:64:70:5e:
d3:40:78:a2:e4:16:47:c7:60:dc:12:c4:ec:d2:0e:
6d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:CC:C6:54:A2:A4:2E:32:15:EA:CA:8D:B3:C9:5A:51:7E:30:EA:F0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24EE7F0EBDC411EF86D8238A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.108.0/24
Signature Algorithm: sha256WithRSAEncryption
41:df:56:af:b0:33:91:e0:cb:8f:79:54:59:c4:e0:29:2b:ee:
7e:24:03:c6:29:72:6d:54:95:1a:7c:d9:c1:0e:16:d0:db:e5:
12:14:b9:90:c5:5b:f7:d5:26:a9:b4:61:97:0b:cf:d6:ec:84:
16:06:eb:93:36:97:9d:cd:48:7f:eb:61:44:fa:a3:0f:b3:66:
48:b9:a8:fe:9f:38:8d:71:87:7f:93:db:3e:41:15:f4:14:f7:
75:1c:80:70:b7:f9:24:32:b5:11:27:5c:c2:03:b6:b8:59:b0:
b4:5c:93:28:6e:04:4b:88:22:c1:fe:4b:52:91:79:6a:b6:f3:
5c:f7:7c:70:5f:7d:73:4d:77:ed:8a:82:96:8b:c4:a1:e4:63:
4c:2f:2e:c2:fa:fd:86:a3:7c:65:33:e7:0a:8a:99:55:71:ac:
f7:e5:2e:78:70:94:84:c2:4f:83:d9:8e:01:70:67:71:24:c0:
f5:39:43:42:8b:8d:29:c2:8d:e8:c5:62:ae:54:30:11:53:5a:
c5:e5:39:89:1b:6f:34:0a:66:df:6e:c8:b6:9c:b1:59:d6:e4:
c6:8f:98:5c:20:b0:ce:43:80:65:b1:29:76:bd:01:9b:ee:09:
09:fc:7e:ee:5a:aa:96:fe:57:9c:f7:30:ec:d5:2c:f8:74:c4:
a7:03:c8:ac
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOWTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDQ0NTU3WhcNMjUxMjEwMDQ0NTU3WjAYMRYw
FAYDVQQDEw02NzYzYTUwOC1iMmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu6kRh3MMavzrWLcZZ3knN4LPeZvDzMZ9RIu79/o1Zg+fklY6UaMD0e5e
PeVVLUmSVuwOsBrZmy0C2WmUeJFups3fGHutecIatfO6XKX7aw5TgnYR7lILOlLN
3pBaWsumNV9tInfVkgORSWwub27PKCFP0z/WK4xbxq0CGth8zrSlZqLyeT2EFa2a
I5yg7v97yq1bC9EmdpPuoAXXXEVGINHGU3L9j3NnDfjbyps8Z+6mLW+5IFhVi7KW
/S2HXs0JN309H2HNnu5Va9aCio1A/ibDanrKQC4a7GluKvpbeopb8kJo+F/zFrUT
IjpkcF7TQHii5BZHx2DcEsTs0g5tgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFELM
xlSipC4yFerKjbPJWlF+MOrwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNEVFN0YwRUJEQzQxMUVGODZEODIzOEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc5sMA0GCSqGSIb3DQEBCwUA
A4IBAQBB31avsDOR4MuPeVRZxOApK+5+JAPGKXJtVJUafNnBDhbQ2+USFLmQxVv3
1SaptGGXC8/W7IQWBuuTNpedzUh/62FE+qMPs2ZIuaj+nziNcYd/k9s+QRX0FPd1
HIBwt/kkMrURJ1zCA7a4WbC0XJMobgRLiCLB/ktSkXlqtvNc93xwX31zTXftioKW
i8Sh5GNMLy7C+v2Go3xlM+cKiplVcaz35S54cJSEwk+D2Y4BcGdxJMD1OUNCi40p
wo3oxWKuVDARU1rF5TmJG280Cmbfbsi2nLFZ1uTGj5hcILDOQ4BlsSl2vQGb7gkJ
/H7uWqqW/lec9zDs1Sz4dMSnA8is
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:52 2025 by rpki-client