Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37E4BD22BE8B11EFADD20E6D762E951A.roa
File: 37E4BD22BE8B11EFADD20E6D762E951A.roa (raw, json)
Hash identifier: +j+jqpuDX9bd49H4tqrdVPbeXFnFEfNL4mWP8txsjg8=
Subject key identifier: 39:C1:5E:DA:18:F3:28:DA:B0:4F:2B:91:34:5E:9F:F1:07:BD:B9:2A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6C6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37E4BD22BE8B11EFADD20E6D762E951A.roa
Signing time: Fri 20 Dec 2024 04:31:02 +0000
ROA not before: Fri 20 Dec 2024 04:30:58 +0000
ROA not after: Wed 10 Dec 2025 04:30:58 +0000
asID: 984
IP address blocks: 45.206.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59078 (0xe6c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:30:58 2024 GMT
Not After : Dec 10 04:30:58 2025 GMT
Subject: CN=6764f306-11a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f3:e6:b1:37:ee:06:00:a4:b0:7f:38:d4:5e:
06:b1:50:23:99:b0:ed:fe:31:68:85:65:85:4d:cc:
b0:0d:c7:3b:a4:a1:47:a7:62:5f:89:d6:8e:94:8b:
3d:ee:d6:ed:b4:04:0d:7d:cf:11:c4:98:02:32:2a:
1f:c2:cb:38:9e:52:7f:42:8d:1d:40:55:3d:74:b4:
11:31:79:17:e9:91:e9:de:0b:b2:ac:25:77:dc:cf:
1e:38:4a:9b:ba:af:a5:55:dc:fb:1c:0e:c1:fb:23:
29:96:80:16:7d:69:19:74:85:b6:89:79:1a:9c:69:
78:1f:b9:86:4b:90:51:6e:9a:ce:71:d5:57:3c:b5:
3e:55:6d:0d:7a:9f:b6:2d:02:4a:d4:5c:b4:08:50:
5a:2a:df:bd:07:ee:f7:c9:1a:63:55:1c:2f:21:58:
47:9c:ff:57:cd:b8:60:04:65:c0:f5:46:19:53:5e:
49:42:67:2d:f0:1e:ea:ab:d7:e8:3d:8e:29:c3:8b:
1e:ef:35:79:be:01:98:54:8d:d2:81:bc:b2:5f:85:
27:e6:5f:d3:da:63:e2:dc:d9:b9:bd:de:1f:70:13:
49:eb:77:c4:7d:36:05:b6:25:af:eb:36:4c:29:32:
d0:00:7b:5e:3a:88:72:bb:c6:32:20:36:04:df:78:
66:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C1:5E:DA:18:F3:28:DA:B0:4F:2B:91:34:5E:9F:F1:07:BD:B9:2A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37E4BD22BE8B11EFADD20E6D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.230.0/24
Signature Algorithm: sha256WithRSAEncryption
98:2e:8b:26:7b:b9:a6:4e:f0:f9:d9:f8:b7:23:b1:6b:a6:aa:
3a:5f:6b:3a:9e:47:2e:1f:df:70:6f:b6:7e:54:23:3a:87:8b:
f7:c5:f0:6d:61:68:b9:53:b6:6e:47:ab:fc:15:8a:98:a6:d8:
92:e4:7d:40:c2:3f:be:b5:fd:38:1b:3a:6b:5f:6f:05:96:af:
0a:6c:70:8d:a0:5b:01:38:50:76:bf:bc:3d:eb:95:db:9a:c7:
4c:4e:ea:ed:c2:8c:38:36:0f:a8:c0:ff:25:04:e9:a9:54:52:
72:32:93:f6:e8:41:80:dc:71:9a:d6:8d:da:2a:b1:16:8a:8a:
a8:95:b0:40:e0:85:c2:94:c8:cf:8a:79:5c:92:f6:21:0f:7d:
78:32:fd:62:58:10:fc:16:d0:e4:8d:58:d5:cb:22:63:e7:15:
67:64:fd:49:24:e6:ab:08:84:7c:33:9c:8a:11:a9:1d:f7:60:
c6:34:9a:0b:88:08:a7:b3:2c:b9:4a:eb:23:ab:25:24:e5:59:
6f:c6:47:46:6a:b7:bb:a3:2f:17:2a:50:e4:55:5a:4d:16:9c:
5d:90:38:35:15:e1:87:3a:9d:0e:b2:39:ce:05:ca:5e:11:08:
a7:45:24:2f:1a:37:b6:7f:f0:be:9a:93:50:9c:00:0f:38:54:
a3:28:3a:1c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAObGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQzMDU4WhcNMjUxMjEwMDQzMDU4WjAYMRYw
FAYDVQQDEw02NzY0ZjMwNi0xMWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxfPmsTfuBgCksH841F4GsVAjmbDt/jFohWWFTcywDcc7pKFHp2JfidaO
lIs97tbttAQNfc8RxJgCMiofwss4nlJ/Qo0dQFU9dLQRMXkX6ZHp3guyrCV33M8e
OEqbuq+lVdz7HA7B+yMploAWfWkZdIW2iXkanGl4H7mGS5BRbprOcdVXPLU+VW0N
ep+2LQJK1Fy0CFBaKt+9B+73yRpjVRwvIVhHnP9XzbhgBGXA9UYZU15JQmct8B7q
q9foPY4pw4se7zV5vgGYVI3SgbyyX4Un5l/T2mPi3Nm5vd4fcBNJ63fEfTYFtiWv
6zZMKTLQAHteOohyu8YyIDYE33hm2QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDnB
XtoY8yjasE8rkTRen/EHvbkqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zN0U0QkQyMkJFOEIxMUVGQUREMjBFNkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7mMA0GCSqGSIb3DQEBCwUA
A4IBAQCYLosme7mmTvD52fi3I7Frpqo6X2s6nkcuH99wb7Z+VCM6h4v3xfBtYWi5
U7ZuR6v8FYqYptiS5H1Awj++tf04GzprX28Flq8KbHCNoFsBOFB2v7w965XbmsdM
Turtwow4Ng+owP8lBOmpVFJyMpP26EGA3HGa1o3aKrEWioqolbBA4IXClMjPinlc
kvYhD314Mv1iWBD8FtDkjVjVyyJj5xVnZP1JJOarCIR8M5yKEakd92DGNJoLiAin
syy5SusjqyUk5VlvxkdGare7oy8XKlDkVVpNFpxdkDg1FeGHOp0OsjnOBcpeEQin
RSQvGje2f/C+mpNQnAAPOFSjKDoc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:55 2025 by rpki-client