Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3579E2BCBE8911EFBC1A5F60762E951A.roa
File: 3579E2BCBE8911EFBC1A5F60762E951A.roa (raw, json)
Hash identifier: tQcAnM+CkTDXqY0xXKzNDuMDb3jhY3ZREUOR93mgSCg=
Subject key identifier: BF:33:68:CE:C2:CC:21:AC:5C:1A:2B:7D:C4:BB:97:E4:5C:D8:61:7D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6AE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3579E2BCBE8911EFBC1A5F60762E951A.roa
Signing time: Fri 20 Dec 2024 04:16:39 +0000
ROA not before: Fri 20 Dec 2024 04:16:35 +0000
ROA not after: Wed 10 Dec 2025 04:16:35 +0000
asID: 984
IP address blocks: 45.206.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59054 (0xe6ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:16:35 2024 GMT
Not After : Dec 10 04:16:35 2025 GMT
Subject: CN=6764efa7-cadd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b7:fa:6d:4f:ee:ae:07:d7:74:f2:4c:5c:e4:
bd:b8:88:4b:2a:73:5a:60:e2:eb:f7:61:7b:03:35:
3e:92:3c:5c:e6:26:c8:30:1d:8f:51:b8:21:b8:14:
8e:63:65:85:db:c8:0d:9c:c0:68:ea:7b:a7:ec:11:
34:7e:e4:a4:fa:b6:fa:5b:34:55:a4:31:00:47:1f:
74:f1:ab:f5:24:12:33:df:07:85:ec:00:de:4f:87:
71:ca:c7:08:e1:a4:03:d9:ff:26:b4:bc:ab:d5:bb:
43:00:3c:e6:97:c3:78:a2:a1:c3:22:21:da:fa:b3:
f3:5b:eb:b5:ae:b7:ed:21:ca:8b:90:96:e8:6a:1e:
d6:17:2b:44:eb:06:27:58:05:3d:89:b5:e8:92:65:
f9:f3:2c:59:6d:76:d5:3b:0c:01:ef:8e:ae:97:53:
3c:4f:fd:62:6d:02:3e:fb:81:f0:a3:fa:12:20:07:
d4:2e:05:32:56:27:65:09:79:73:e4:72:35:e7:0f:
33:e1:81:13:2f:99:6e:6f:58:78:ca:78:d1:db:1e:
ea:85:59:b2:0c:a2:56:a6:37:ca:b3:5f:c7:29:bc:
eb:9e:5c:d6:9b:51:a6:67:eb:2e:de:47:90:f6:c7:
f8:3a:ee:d3:be:b3:b5:b9:b6:39:9f:df:91:97:11:
a8:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:33:68:CE:C2:CC:21:AC:5C:1A:2B:7D:C4:BB:97:E4:5C:D8:61:7D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3579E2BCBE8911EFBC1A5F60762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.218.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:66:2d:ed:a1:72:14:05:10:c9:7f:7a:a9:7a:73:f9:f7:d2:
e0:8a:4b:e8:a8:10:03:33:09:9d:71:5a:4b:43:9f:a4:fc:87:
8a:48:15:57:88:d9:c9:c7:86:a2:84:77:24:92:79:51:8f:c2:
09:f9:08:18:32:90:ab:9e:0d:a5:5d:b8:19:b6:e4:83:66:7a:
9b:77:bd:bd:7e:63:91:5f:5e:88:81:a8:24:01:44:ee:6b:b8:
e3:53:e0:af:7b:ac:7d:0c:87:46:0d:ac:35:a6:24:de:9b:fb:
15:86:bb:c5:65:96:1f:f7:b3:f1:01:df:ca:1d:ea:c2:d7:2f:
87:72:cc:d6:c4:ca:f3:43:2d:23:bf:6f:65:b9:e4:87:60:1e:
64:4d:7f:87:db:93:63:54:33:0b:81:d1:10:e2:11:f6:82:2c:
cb:1d:20:72:b9:d4:4a:d9:fa:84:35:ec:9f:a9:18:1e:8c:b0:
2f:90:c9:39:a1:d6:a5:2e:b5:ef:e3:1b:f7:a7:fb:0d:8f:07:
65:51:38:a7:39:a0:4f:28:82:88:4c:97:48:9f:e0:dd:62:e9:
18:9a:63:f3:58:22:59:e9:ff:0b:1c:9a:a8:84:a6:bc:91:72:
2a:fc:67:6a:5c:5c:c0:1f:5f:82:25:d0:00:e8:88:e7:43:26:
82:98:3f:a0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOauMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQxNjM1WhcNMjUxMjEwMDQxNjM1WjAYMRYw
FAYDVQQDEw02NzY0ZWZhNy1jYWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0Lf6bU/urgfXdPJMXOS9uIhLKnNaYOLr92F7AzU+kjxc5ibIMB2PUbgh
uBSOY2WF28gNnMBo6nun7BE0fuSk+rb6WzRVpDEARx908av1JBIz3weF7ADeT4dx
yscI4aQD2f8mtLyr1btDADzml8N4oqHDIiHa+rPzW+u1rrftIcqLkJboah7WFytE
6wYnWAU9ibXokmX58yxZbXbVOwwB746ul1M8T/1ibQI++4Hwo/oSIAfULgUyVidl
CXlz5HI15w8z4YETL5lub1h4ynjR2x7qhVmyDKJWpjfKs1/HKbzrnlzWm1GmZ+su
3keQ9sf4Ou7TvrO1ubY5n9+RlxGo+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL8z
aM7CzCGsXBorfcS7l+Rc2GF9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNTc5RTJCQ0JFODkxMUVGQkMxQTVGNjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7aMA0GCSqGSIb3DQEBCwUA
A4IBAQBaZi3toXIUBRDJf3qpenP599LgikvoqBADMwmdcVpLQ5+k/IeKSBVXiNnJ
x4aihHckknlRj8IJ+QgYMpCrng2lXbgZtuSDZnqbd729fmORX16IgagkAUTua7jj
U+Cve6x9DIdGDaw1piTem/sVhrvFZZYf97PxAd/KHerC1y+HcszWxMrzQy0jv29l
ueSHYB5kTX+H25NjVDMLgdEQ4hH2gizLHSByudRK2fqENeyfqRgejLAvkMk5odal
LrXv4xv3p/sNjwdlUTinOaBPKIKITJdIn+DdYukYmmPzWCJZ6f8LHJqohKa8kXIq
/GdqXFzAH1+CJdAA6IjnQyaCmD+g
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:46 2025 by rpki-client