Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F45FCA0BDBC11EF9C320A58762E951A.roa
File: 2F45FCA0BDBC11EF9C320A58762E951A.roa (raw, json)
Hash identifier: xpNJlIP7c0sMfJUrCeqw+8OXEkK3NKQFJ+zGNEVCcHc=
Subject key identifier: A1:EC:91:A6:CD:D3:3E:23:45:48:00:6B:0E:FC:06:60:25:09:91:4B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E53F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F45FCA0BDBC11EF9C320A58762E951A.roa
Signing time: Thu 19 Dec 2024 03:49:02 +0000
ROA not before: Thu 19 Dec 2024 03:48:58 +0000
ROA not after: Wed 10 Dec 2025 03:48:58 +0000
asID: 984
IP address blocks: 45.206.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58687 (0xe53f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 03:48:58 2024 GMT
Not After : Dec 10 03:48:58 2025 GMT
Subject: CN=676397ae-df22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:28:98:a1:bc:ca:80:3d:a0:d6:79:f1:62:a0:
37:08:50:54:d0:e3:54:2b:3f:6b:ea:d8:96:b7:99:
ed:da:9a:3a:40:af:33:16:4b:db:8e:d4:6e:fd:0f:
31:7e:6a:0e:1a:3e:66:54:26:2f:a1:bb:20:20:a4:
5f:a3:02:4c:41:2e:d4:c1:c3:cc:f9:04:d7:e4:15:
53:8f:95:c3:ec:65:6e:28:0e:dc:5f:ca:3c:43:ae:
a2:42:42:d6:5f:80:b4:9a:72:1c:2c:4c:37:2a:fa:
8d:40:07:f9:de:83:c2:93:02:c8:77:94:b6:62:de:
bc:de:e5:19:e5:96:5e:db:c9:cb:fa:36:10:d1:7f:
9d:99:fe:75:fd:91:97:1d:24:bc:35:44:91:cf:c7:
52:42:1c:af:e1:44:87:83:08:00:07:1f:ea:06:66:
9a:ee:16:3d:15:c8:33:b9:30:6d:00:cb:62:86:c7:
f7:34:b9:e5:8e:6a:7f:4d:4e:6a:42:5f:ef:7b:48:
67:4a:0f:30:20:c7:11:e7:f9:81:26:44:67:82:f7:
a6:a7:fd:f7:19:0a:2d:e8:7a:e0:d1:01:cd:89:9a:
4b:0d:a0:f3:cb:ff:6d:f1:6b:18:c0:da:13:67:d1:
c4:cc:be:5c:c8:18:85:7f:e1:b2:25:44:63:25:40:
21:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:EC:91:A6:CD:D3:3E:23:45:48:00:6B:0E:FC:06:60:25:09:91:4B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F45FCA0BDBC11EF9C320A58762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.55.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:b3:3e:5e:d0:d9:e5:33:5f:1d:7e:91:44:55:18:e2:e9:44:
22:27:5e:ae:b7:fd:2b:fe:db:a9:6d:ce:1d:79:17:14:0f:94:
ac:5b:1d:4a:03:1b:5c:5f:60:d5:ff:f2:2d:39:79:a6:10:25:
9a:c7:20:34:48:0d:98:ab:c1:6a:ef:73:ea:29:b8:06:15:bb:
ff:d6:43:78:20:2e:cb:10:61:28:f2:d1:8a:2d:f8:26:a8:a5:
9f:8d:c4:f2:74:78:9a:81:52:a8:96:8e:fd:36:57:b9:d2:72:
32:86:f6:bb:26:19:39:f9:8e:7a:64:e6:ea:1c:98:16:2e:09:
ca:6f:dc:a4:58:f1:eb:77:94:3c:31:98:46:76:5e:d5:75:58:
a2:00:0f:21:61:82:cd:44:14:f2:3a:d4:ce:d3:65:8c:3d:ad:
b9:83:a6:71:c1:b0:d6:ca:5c:5f:26:87:31:2c:dc:ab:19:cb:
70:df:0d:74:f3:20:f7:c6:fa:49:33:89:8f:17:f3:68:b1:5e:
0d:92:a7:3a:7a:05:26:58:52:fc:24:2e:df:26:5c:dc:5d:d4:
4d:91:52:36:fe:8d:4a:3f:5d:9c:83:75:72:74:a4:e6:db:c5:
5e:dd:16:6a:aa:86:23:04:70:5e:a1:f3:a9:f3:83:33:d2:2a:
a0:70:1f:68
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOU/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDM0ODU4WhcNMjUxMjEwMDM0ODU4WjAYMRYw
FAYDVQQDEw02NzYzOTdhZS1kZjIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4yiYobzKgD2g1nnxYqA3CFBU0ONUKz9r6tiWt5nt2po6QK8zFkvbjtRu
/Q8xfmoOGj5mVCYvobsgIKRfowJMQS7UwcPM+QTX5BVTj5XD7GVuKA7cX8o8Q66i
QkLWX4C0mnIcLEw3KvqNQAf53oPCkwLId5S2Yt683uUZ5ZZe28nL+jYQ0X+dmf51
/ZGXHSS8NUSRz8dSQhyv4USHgwgABx/qBmaa7hY9FcgzuTBtAMtihsf3NLnljmp/
TU5qQl/ve0hnSg8wIMcR5/mBJkRngvemp/33GQot6Hrg0QHNiZpLDaDzy/9t8WsY
wNoTZ9HEzL5cyBiFf+GyJURjJUAhYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKHs
kabN0z4jRUgAaw78BmAlCZFLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRjQ1RkNBMEJEQkMxMUVGOUMzMjBBNTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc43MA0GCSqGSIb3DQEBCwUA
A4IBAQANsz5e0NnlM18dfpFEVRji6UQiJ16ut/0r/tupbc4deRcUD5SsWx1KAxtc
X2DV//ItOXmmECWaxyA0SA2Yq8Fq73PqKbgGFbv/1kN4IC7LEGEo8tGKLfgmqKWf
jcTydHiagVKolo79Nle50nIyhva7Jhk5+Y56ZObqHJgWLgnKb9ykWPHrd5Q8MZhG
dl7VdViiAA8hYYLNRBTyOtTO02WMPa25g6ZxwbDWylxfJocxLNyrGctw3w108yD3
xvpJM4mPF/NosV4Nkqc6egUmWFL8JC7fJlzcXdRNkVI2/o1KP12cg3VydKTm28Ve
3RZqqoYjBHBeofOp84Mz0iqgcB9o
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:42 2025 by rpki-client