Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39494A08BE8F11EF92DB9D85762E951A.roa
File: 39494A08BE8F11EF92DB9D85762E951A.roa (raw, json)
Hash identifier: EARGlzHx9e+RtYK+cftWvOMdGuS84j8DfLkh3HabsDc=
Subject key identifier: 53:CC:79:5D:20:1E:3F:3C:A6:2E:D8:D9:93:F9:3F:9B:D9:BE:26:BF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6F6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39494A08BE8F11EF92DB9D85762E951A.roa
Signing time: Fri 20 Dec 2024 04:59:42 +0000
ROA not before: Fri 20 Dec 2024 04:59:39 +0000
ROA not after: Wed 10 Dec 2025 04:59:39 +0000
asID: 984
IP address blocks: 45.206.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59126 (0xe6f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:59:39 2024 GMT
Not After : Dec 10 04:59:39 2025 GMT
Subject: CN=6764f9be-f720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e9:a4:6e:05:5d:7f:8e:9e:5a:1c:d4:6f:e2:
98:83:e1:7e:55:dd:cd:f4:b7:b4:98:0c:cd:a1:2d:
6d:13:19:cc:8d:de:dc:d6:5a:3e:e7:85:cd:09:27:
11:10:81:03:ae:cd:4e:74:fd:25:46:c8:21:8a:e0:
de:2b:61:1b:7a:a8:79:d6:62:37:7a:5a:37:e8:b1:
10:9d:1c:7b:21:a8:92:cc:99:fa:98:88:ea:96:91:
e8:e5:3e:ee:ce:fd:32:eb:19:27:71:05:43:73:df:
7b:ad:db:90:fd:70:7e:ed:89:8f:0b:10:ca:94:9c:
7d:2d:98:a7:0a:dd:e5:fd:13:16:c8:0f:03:36:af:
aa:f0:5d:43:0f:2b:20:27:ee:f3:db:5a:c3:b1:a8:
02:a4:08:ff:3f:2e:5a:72:14:00:b5:ec:70:64:4e:
bf:8b:0d:65:03:b9:7c:e5:94:cf:c9:81:fc:9e:e4:
49:3f:1a:5f:3d:98:82:1b:62:2f:41:0a:0b:59:7e:
d4:6d:c1:9f:0c:45:dc:29:e2:7f:1a:c7:4d:c8:0a:
4c:9a:a0:a1:30:84:18:8d:3f:4e:76:47:e5:c2:28:
2a:ba:f5:cd:54:df:1a:42:77:57:03:10:fd:21:22:
c6:07:fb:31:30:b2:fc:5b:b9:95:a7:5d:7c:da:50:
a5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:CC:79:5D:20:1E:3F:3C:A6:2E:D8:D9:93:F9:3F:9B:D9:BE:26:BF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39494A08BE8F11EF92DB9D85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.254.0/24
Signature Algorithm: sha256WithRSAEncryption
45:c9:8f:15:e0:26:bf:4e:66:67:62:82:85:1d:85:10:26:35:
0c:20:6c:07:66:a0:f9:d8:fc:1d:85:48:0f:58:7f:90:e8:58:
68:0c:49:f0:67:28:ff:01:8d:9c:31:02:52:c2:0f:8a:bf:cf:
36:b8:c3:68:4a:36:0f:10:ad:5a:da:2a:6e:3f:98:06:11:37:
1b:91:82:93:50:1e:b1:d7:b0:28:30:45:1e:2e:d4:99:97:ec:
38:a6:74:86:b8:c8:ff:16:30:eb:13:83:81:e7:7a:34:f6:84:
ac:e4:03:02:e7:b5:d2:93:10:32:43:e8:6c:a9:f5:c0:16:8f:
c2:a7:2c:49:29:c7:52:5d:ac:ce:cb:bf:51:83:84:07:39:bd:
5c:59:58:1c:c9:d2:05:8c:e1:70:42:65:af:b3:aa:a1:84:b1:
e6:02:b2:9f:c7:06:82:4e:57:d5:0c:6c:e3:4e:4c:79:37:3a:
2d:db:e7:6c:4e:d7:d8:5b:28:19:e0:fc:3a:5f:2e:dd:2a:39:
9e:fd:11:a2:4d:98:69:8f:da:bd:0e:82:95:96:a9:86:b1:03:
41:82:12:2b:12:f1:13:6e:69:b7:62:30:64:cb:34:a9:7d:54:
2f:b8:f2:2d:0f:59:21:59:18:d4:e1:33:56:33:85:97:eb:ac:
98:8e:81:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOb2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQ1OTM5WhcNMjUxMjEwMDQ1OTM5WjAYMRYw
FAYDVQQDEw02NzY0ZjliZS1mNzIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAkemkbgVdf46eWhzUb+KYg+F+Vd3N9Le0mAzNoS1tExnMjd7c1lo+54XN
CScREIEDrs1OdP0lRsghiuDeK2Ebeqh51mI3elo36LEQnRx7IaiSzJn6mIjqlpHo
5T7uzv0y6xkncQVDc997rduQ/XB+7YmPCxDKlJx9LZinCt3l/RMWyA8DNq+q8F1D
DysgJ+7z21rDsagCpAj/Py5achQAtexwZE6/iw1lA7l85ZTPyYH8nuRJPxpfPZiC
G2IvQQoLWX7UbcGfDEXcKeJ/GsdNyApMmqChMIQYjT9OdkflwigquvXNVN8aQndX
AxD9ISLGB/sxMLL8W7mVp1182lCl4QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFPM
eV0gHj88pi7Y2ZP5P5vZvia/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zOTQ5NEEwOEJFOEYxMUVGOTJEQjlEODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7+MA0GCSqGSIb3DQEBCwUA
A4IBAQBFyY8V4Ca/TmZnYoKFHYUQJjUMIGwHZqD52PwdhUgPWH+Q6FhoDEnwZyj/
AY2cMQJSwg+Kv882uMNoSjYPEK1a2ipuP5gGETcbkYKTUB6x17AoMEUeLtSZl+w4
pnSGuMj/FjDrE4OB53o09oSs5AMC57XSkxAyQ+hsqfXAFo/CpyxJKcdSXazOy79R
g4QHOb1cWVgcydIFjOFwQmWvs6qhhLHmArKfxwaCTlfVDGzjTkx5Nzot2+dsTtfY
WygZ4Pw6Xy7dKjme/RGiTZhpj9q9DoKVlqmGsQNBghIrEvETbmm3YjBkyzSpfVQv
uPItD1khWRjU4TNWM4WX66yYjoE0
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:21 2025 by rpki-client