Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F1965EEBE7B11EF9C04A382762E951A.roa
File: 3F1965EEBE7B11EF9C04A382762E951A.roa (raw, json)
Hash identifier: JyAQujdYKBstAvylS3SPkMf4WlpNxjXaJOW7Z0n3M38=
Subject key identifier: 44:44:CF:2D:B3:68:88:67:82:4A:21:5D:E2:78:4B:95:85:FF:DA:F1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E65E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F1965EEBE7B11EF9C04A382762E951A.roa
Signing time: Fri 20 Dec 2024 02:36:42 +0000
ROA not before: Fri 20 Dec 2024 02:36:38 +0000
ROA not after: Wed 10 Dec 2025 02:36:38 +0000
asID: 984
IP address blocks: 45.206.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58974 (0xe65e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 02:36:38 2024 GMT
Not After : Dec 10 02:36:38 2025 GMT
Subject: CN=6764d83a-5ea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:09:fb:a7:50:e7:bc:d8:1f:fe:88:bd:ca:dd:
a3:e1:d4:6c:ec:bd:ea:bd:d8:70:b6:83:30:b2:72:
5b:0a:14:8b:bd:ec:9a:df:c9:18:d4:38:52:a1:dc:
23:2d:27:94:97:aa:19:2b:79:b9:d8:b9:55:c0:49:
b2:55:53:b1:42:0d:ba:ba:0c:c0:a2:68:3d:c0:b3:
92:d8:d7:83:27:c7:e0:87:c3:b9:41:15:23:2b:ab:
cb:30:55:e3:7f:c5:a7:10:af:09:fc:d0:1e:4d:60:
42:a9:5c:7a:04:64:9c:bf:bc:32:54:c3:a4:5e:92:
50:44:07:dd:27:58:c5:06:2f:ac:e4:a9:3f:29:52:
5d:d9:4c:6b:7a:9a:e2:56:c1:af:4f:80:55:3c:35:
76:4e:18:a8:12:2e:d9:6e:94:31:9d:51:59:52:44:
22:6c:9d:36:32:3e:dc:9e:c6:45:53:2f:f6:ee:f9:
2e:57:eb:4c:6d:b5:13:ab:7e:37:dc:08:f5:ad:47:
1f:ac:37:b1:2e:c4:21:f6:4c:d8:e1:04:24:92:f5:
a5:9a:a5:1f:88:65:54:c8:81:cb:81:da:a9:f4:8b:
0c:cb:3b:79:55:11:07:2b:71:11:8e:07:ea:20:d2:
9d:f6:ee:51:a0:ce:82:b5:03:1a:fe:a2:a7:58:47:
4e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:44:CF:2D:B3:68:88:67:82:4A:21:5D:E2:78:4B:95:85:FF:DA:F1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F1965EEBE7B11EF9C04A382762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.177.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:f2:06:a1:23:40:e5:b7:ca:80:28:2e:a3:18:cb:fd:b8:ab:
a4:0f:49:77:e1:13:43:94:b9:75:49:c8:48:57:d9:fe:2d:29:
50:28:1b:8f:e4:67:b9:cf:5e:43:6e:ff:ec:c5:89:a5:fe:71:
d8:aa:f4:f9:1e:cd:e8:73:b4:55:61:dd:d3:24:8c:2e:29:e4:
25:ec:dc:7f:98:b9:97:eb:f7:d6:a7:70:82:6e:fb:d8:ba:95:
a7:a4:f9:14:16:75:6f:6c:44:e8:7d:98:0f:ef:13:23:35:eb:
ad:60:d3:b6:3d:43:42:1d:8a:60:d3:23:ac:33:f0:cc:76:e4:
69:da:bb:ee:2b:1a:15:80:ed:83:6a:1c:17:31:ab:70:88:11:
fa:38:81:b8:fb:f1:ca:95:d7:fa:f9:5c:7a:8d:23:d8:12:dd:
81:2f:3b:46:65:97:df:72:0a:f4:d7:89:15:3c:12:8f:33:87:
45:28:fb:9d:85:d0:18:1f:58:71:b8:9c:31:db:9c:e0:cf:eb:
88:50:11:b5:2b:90:4f:9d:5e:cf:a8:3e:c1:a2:58:69:65:bb:
b4:97:17:24:7d:e7:50:d1:90:24:7d:7a:e6:0d:e0:2e:99:63:
87:47:c8:4c:15:e9:e7:6e:b1:d8:1e:76:8a:c5:d3:c9:49:95:
ef:cc:71:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOZeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDIzNjM4WhcNMjUxMjEwMDIzNjM4WjAYMRYw
FAYDVQQDEw02NzY0ZDgzYS01ZWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtQn7p1DnvNgf/oi9yt2j4dRs7L3qvdhwtoMwsnJbChSLveya38kY1DhS
odwjLSeUl6oZK3m52LlVwEmyVVOxQg26ugzAomg9wLOS2NeDJ8fgh8O5QRUjK6vL
MFXjf8WnEK8J/NAeTWBCqVx6BGScv7wyVMOkXpJQRAfdJ1jFBi+s5Kk/KVJd2Uxr
epriVsGvT4BVPDV2ThioEi7ZbpQxnVFZUkQibJ02Mj7cnsZFUy/27vkuV+tMbbUT
q3433Aj1rUcfrDexLsQh9kzY4QQkkvWlmqUfiGVUyIHLgdqp9IsMyzt5VREHK3ER
jgfqINKd9u5RoM6CtQMa/qKnWEdOnQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFERE
zy2zaIhngkohXeJ4S5WF/9rxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRjE5NjVFRUJFN0IxMUVGOUMwNEEzODI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc6xMA0GCSqGSIb3DQEBCwUA
A4IBAQBO8gahI0Dlt8qAKC6jGMv9uKukD0l34RNDlLl1SchIV9n+LSlQKBuP5Ge5
z15Dbv/sxYml/nHYqvT5Hs3oc7RVYd3TJIwuKeQl7Nx/mLmX6/fWp3CCbvvYupWn
pPkUFnVvbETofZgP7xMjNeutYNO2PUNCHYpg0yOsM/DMduRp2rvuKxoVgO2DahwX
MatwiBH6OIG4+/HKldf6+Vx6jSPYEt2BLztGZZffcgr014kVPBKPM4dFKPudhdAY
H1hxuJwx25zgz+uIUBG1K5BPnV7PqD7BolhpZbu0lxckfedQ0ZAkfXrmDeAumWOH
R8hMFennbrHYHnaKxdPJSZXvzHGL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:33 2025 by rpki-client