Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4164A1F6BDEF11EF8F4BAC92762E951A.roa
File: 4164A1F6BDEF11EF8F4BAC92762E951A.roa (raw, json)
Hash identifier: Xz1Bi1XD9gieiBzO1XdeSH9zGPBCXA+Oh1vX0paYJqE=
Subject key identifier: 46:AB:19:5E:D2:82:E0:1D:53:65:35:6E:50:9F:C5:36:56:60:73:F3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E5E9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4164A1F6BDEF11EF8F4BAC92762E951A.roa
Signing time: Thu 19 Dec 2024 09:54:36 +0000
ROA not before: Thu 19 Dec 2024 09:54:33 +0000
ROA not after: Wed 10 Dec 2025 09:54:33 +0000
asID: 984
IP address blocks: 45.206.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58857 (0xe5e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 09:54:33 2024 GMT
Not After : Dec 10 09:54:33 2025 GMT
Subject: CN=6763ed5c-be03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d2:b2:f5:9e:5d:94:44:6d:33:fa:c3:c2:4b:
60:9a:ae:67:e5:75:86:e0:70:e3:ac:47:0e:23:26:
02:df:1c:eb:16:51:d4:81:e0:a1:5a:7f:de:3b:a2:
a5:83:db:06:1d:d3:9f:2e:38:c8:c3:75:bf:ed:03:
32:cf:5b:ee:a0:bd:e4:d0:33:9d:22:89:2e:b8:ef:
b3:83:47:79:bd:a7:af:99:57:ad:5c:6d:2e:6f:34:
c4:5f:ee:57:12:45:aa:c2:4a:eb:6f:3d:c3:18:94:
3a:c7:66:c2:12:b7:74:64:79:db:7c:8f:f9:78:79:
ae:c9:f5:a4:f8:db:cd:c6:58:95:d8:61:fe:dc:1d:
c8:19:ab:d0:4e:e0:44:9d:87:05:aa:cf:3a:11:88:
ec:ba:25:0c:d5:5b:a5:4a:a1:2e:32:6b:0a:73:9a:
2e:0d:bc:b3:f0:d5:14:3f:ed:92:e8:15:5a:6e:83:
8a:60:c1:1c:73:42:db:5e:07:8a:1d:f7:05:f6:2a:
7e:ab:3a:59:71:e0:60:c1:48:4b:ff:a1:62:e7:0e:
02:2e:02:0b:72:07:f1:6c:5f:8c:a4:94:b6:95:39:
4d:c7:c8:f5:a0:ee:3d:0f:ef:26:ed:25:32:e8:93:
35:84:47:09:43:c0:0a:f4:79:cc:d7:37:ff:8a:5f:
f8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:AB:19:5E:D2:82:E0:1D:53:65:35:6E:50:9F:C5:36:56:60:73:F3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4164A1F6BDEF11EF8F4BAC92762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.117.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:55:79:1a:b6:d1:d1:47:e6:15:13:a3:98:df:6c:3d:51:43:
19:5f:c8:15:3d:7b:f9:7b:18:44:6a:75:5a:98:29:44:3b:80:
ee:90:f8:b1:2a:6d:19:5b:d1:d6:fe:29:88:b9:e8:74:db:38:
fc:1e:b9:4f:44:a9:43:4a:ed:40:90:e4:a3:a9:2a:52:a4:15:
82:66:ee:f1:b3:ad:95:ae:6c:e2:e3:63:51:66:cf:dd:48:d3:
bb:44:24:ae:00:e3:dc:7a:31:68:97:bd:43:ed:a0:e1:49:a1:
96:da:b8:06:d0:11:84:63:5c:43:fb:bb:81:d3:e6:d9:e1:e4:
b0:f2:39:32:4a:88:47:0e:85:be:77:e2:62:9b:b9:35:df:db:
54:8f:c3:63:19:19:5f:1e:02:8d:d9:95:cd:3d:b4:50:22:3b:
f3:31:13:f4:1c:18:6b:8d:85:6d:3f:2d:9f:29:fa:1e:65:a7:
ac:23:f9:c5:5f:a7:74:c9:b0:02:18:eb:1e:22:84:c4:c9:3a:
35:e2:77:1a:dd:56:8c:75:30:11:cc:75:f1:6c:42:2c:47:2e:
c7:d3:00:84:eb:e7:72:5b:5f:70:d8:ea:92:fd:f8:aa:38:8c:
74:47:f3:fc:09:c4:86:63:91:de:b5:d7:3c:f9:dc:3c:ce:34:
74:5a:f5:c1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOXpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDk1NDMzWhcNMjUxMjEwMDk1NDMzWjAYMRYw
FAYDVQQDEw02NzYzZWQ1Yy1iZTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxdKy9Z5dlERtM/rDwktgmq5n5XWG4HDjrEcOIyYC3xzrFlHUgeChWn/e
O6Klg9sGHdOfLjjIw3W/7QMyz1vuoL3k0DOdIokuuO+zg0d5vaevmVetXG0ubzTE
X+5XEkWqwkrrbz3DGJQ6x2bCErd0ZHnbfI/5eHmuyfWk+NvNxliV2GH+3B3IGavQ
TuBEnYcFqs86EYjsuiUM1VulSqEuMmsKc5ouDbyz8NUUP+2S6BVaboOKYMEcc0Lb
XgeKHfcF9ip+qzpZceBgwUhL/6Fi5w4CLgILcgfxbF+MpJS2lTlNx8j1oO49D+8m
7SUy6JM1hEcJQ8AK9HnM1zf/il/4BQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEar
GV7SguAdU2U1blCfxTZWYHPzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MTY0QTFGNkJERUYxMUVGOEY0QkFDOTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc51MA0GCSqGSIb3DQEBCwUA
A4IBAQAbVXkattHRR+YVE6OY32w9UUMZX8gVPXv5exhEanVamClEO4DukPixKm0Z
W9HW/imIueh02zj8HrlPRKlDSu1AkOSjqSpSpBWCZu7xs62Vrmzi42NRZs/dSNO7
RCSuAOPcejFol71D7aDhSaGW2rgG0BGEY1xD+7uB0+bZ4eSw8jkySohHDoW+d+Ji
m7k139tUj8NjGRlfHgKN2ZXNPbRQIjvzMRP0HBhrjYVtPy2fKfoeZaesI/nFX6d0
ybACGOseIoTEyTo14nca3VaMdTARzHXxbEIsRy7H0wCE6+dyW19w2OqS/fiqOIx0
R/P8CcSGY5Hetdc8+dw8zjR0WvXB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:05 2025 by rpki-client