Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/250608E2CF5B11EFBF28BCB3762E951A.roa
File: 250608E2CF5B11EFBF28BCB3762E951A.roa (raw, json)
Hash identifier: 7BdZecs0ZJiJoOwQsAfgyybf27kzeb2+VzvCd0Upf98=
Subject key identifier: 61:51:54:CC:22:B4:44:F6:CF:C1:7A:17:11:5B:EA:CE:93:0B:B0:BE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010549
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/250608E2CF5B11EFBF28BCB3762E951A.roa
Signing time: Fri 10 Jan 2025 13:59:44 +0000
ROA not before: Fri 10 Jan 2025 13:59:40 +0000
ROA not after: Wed 10 Dec 2025 13:59:40 +0000
asID: 984
IP address blocks: 45.206.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66889 (0x10549)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 13:59:40 2025 GMT
Not After : Dec 10 13:59:40 2025 GMT
Subject: CN=678127d0-70c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:24:47:57:6c:30:91:18:26:d4:7f:53:c4:dc:
92:cf:7a:5c:d8:eb:c0:f3:44:f8:65:11:c2:6d:19:
92:a7:ed:ff:1b:18:d3:c4:7e:fc:c6:85:88:af:62:
f7:78:1d:cd:0d:1c:3c:0c:81:8d:bf:91:d0:4f:ba:
cc:e4:94:b4:3f:16:cd:4b:8a:7c:b7:d7:d4:0f:e2:
dd:d2:96:7c:56:53:48:c2:8e:67:03:8d:cb:7c:62:
35:61:b9:d3:f7:93:92:25:ca:fe:66:9e:2a:48:9e:
b0:7e:91:3e:da:d6:b0:6b:4d:01:68:e2:8f:94:56:
9d:10:90:72:e1:2c:80:e7:05:e9:8a:b6:5f:94:e3:
fc:cd:53:9a:8d:1f:8d:94:d6:05:29:ae:e5:d1:de:
24:2a:30:a0:35:78:c6:e9:11:88:f4:12:66:80:3f:
9f:7e:af:d5:b2:a7:bf:f5:88:34:ae:9d:ff:41:7f:
09:48:4b:96:99:b6:b8:bc:5e:86:4d:5e:22:d4:e4:
35:26:98:48:0d:d4:ea:20:d8:bb:99:21:af:fa:f5:
24:04:cc:dc:a4:1b:20:23:07:ba:3b:b3:31:4e:6e:
e6:65:a6:2c:92:ff:0b:33:fe:29:6b:69:6d:45:f2:
8c:36:40:ce:bd:11:a7:84:e8:2e:22:cd:41:e6:b3:
a8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:51:54:CC:22:B4:44:F6:CF:C1:7A:17:11:5B:EA:CE:93:0B:B0:BE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/250608E2CF5B11EFBF28BCB3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.175.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:65:e0:f6:90:17:a9:72:d7:21:a8:d0:5b:24:46:51:07:75:
2d:ff:3d:aa:28:3f:8b:b9:9c:00:7f:26:d9:da:20:74:79:06:
4d:12:33:b9:c9:af:c0:78:e9:c2:7b:8a:21:4e:f4:c5:ac:10:
c8:00:58:8c:e4:e5:de:d0:50:fe:37:a1:a2:1c:36:9b:c2:ff:
fd:ca:ee:df:35:17:f2:ce:33:e3:c5:84:98:ff:72:62:e9:ce:
1c:4c:1b:d7:97:38:bd:e9:ff:01:28:17:82:e5:69:0d:16:89:
c0:b0:9b:db:2a:9a:fc:2f:35:a2:68:49:da:c2:d8:ef:e7:53:
c9:f2:9c:7d:d9:19:40:ca:b0:27:ef:c4:81:e1:59:cb:c1:5e:
ff:0a:7b:98:ca:12:60:50:ea:80:eb:66:d4:f2:f1:eb:3b:ba:
2c:c4:d5:03:e1:19:ad:42:99:ce:48:dd:0a:b2:cf:0a:85:d9:
da:e0:33:a1:9e:ae:c4:bb:a8:55:57:a2:4e:d2:e9:44:cf:1b:
49:d8:09:01:19:77:31:36:e1:a2:3f:fb:f9:19:62:a1:6e:fc:
7f:57:00:a7:d9:fd:0d:72:23:c2:98:cb:1e:4a:a9:88:72:26:
7d:73:07:a6:e8:79:35:87:31:43:82:9b:1c:ca:2e:ff:01:16:
9f:ba:68:f5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQVJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMTM1OTQwWhcNMjUxMjEwMTM1OTQwWjAYMRYw
FAYDVQQDEw02NzgxMjdkMC03MGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxCRHV2wwkRgm1H9TxNySz3pc2OvA80T4ZRHCbRmSp+3/GxjTxH78xoWI
r2L3eB3NDRw8DIGNv5HQT7rM5JS0PxbNS4p8t9fUD+Ld0pZ8VlNIwo5nA43LfGI1
YbnT95OSJcr+Zp4qSJ6wfpE+2tawa00BaOKPlFadEJBy4SyA5wXpirZflOP8zVOa
jR+NlNYFKa7l0d4kKjCgNXjG6RGI9BJmgD+ffq/Vsqe/9Yg0rp3/QX8JSEuWmba4
vF6GTV4i1OQ1JphIDdTqINi7mSGv+vUkBMzcpBsgIwe6O7MxTm7mZaYskv8LM/4p
a2ltRfKMNkDOvRGnhOguIs1B5rOoywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGFR
VMwitET2z8F6FxFb6s6TC7C+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNTA2MDhFMkNGNUIxMUVGQkYyOEJDQjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc6vMA0GCSqGSIb3DQEBCwUA
A4IBAQAcZeD2kBepctchqNBbJEZRB3Ut/z2qKD+LuZwAfybZ2iB0eQZNEjO5ya/A
eOnCe4ohTvTFrBDIAFiM5OXe0FD+N6GiHDabwv/9yu7fNRfyzjPjxYSY/3Ji6c4c
TBvXlzi96f8BKBeC5WkNFonAsJvbKpr8LzWiaEnawtjv51PJ8px92RlAyrAn78SB
4VnLwV7/CnuYyhJgUOqA62bU8vHrO7osxNUD4RmtQpnOSN0Kss8Khdna4DOhnq7E
u6hVV6JO0ulEzxtJ2AkBGXcxNuGiP/v5GWKhbvx/VwCn2f0NciPCmMseSqmIciZ9
cwem6Hk1hzFDgpscyi7/ARafumj1
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:32 2025 by rpki-client