Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/488A5C74BDEE11EFB151818C762E951A.roa
File: 488A5C74BDEE11EFB151818C762E951A.roa (raw, json)
Hash identifier: jLGJeQsdJN2Jq22TETw2ujeLIB/OK34IHwPUIyvjHZE=
Subject key identifier: 93:97:E0:A9:1F:70:F0:CD:E1:A4:F4:CE:76:C2:AD:13:26:34:42:13
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E5DD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/488A5C74BDEE11EFB151818C762E951A.roa
Signing time: Thu 19 Dec 2024 09:47:39 +0000
ROA not before: Thu 19 Dec 2024 09:47:35 +0000
ROA not after: Wed 10 Dec 2025 09:47:35 +0000
asID: 984
IP address blocks: 45.206.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58845 (0xe5dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 09:47:35 2024 GMT
Not After : Dec 10 09:47:35 2025 GMT
Subject: CN=6763ebbb-0fa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:23:7a:81:c9:54:77:4f:d0:0b:44:96:a7:94:
a5:e1:cd:b0:f3:82:ed:5e:9d:1d:6d:42:90:bd:e5:
3b:37:f6:37:f0:2e:83:3a:12:32:2b:4c:80:12:82:
d1:ef:5b:3a:bd:26:e0:76:60:e3:c1:cc:6b:1e:44:
a9:49:fa:96:43:2f:cd:c1:15:a4:49:72:94:0b:d1:
77:81:0f:4f:8f:dc:1a:7b:c1:60:c2:dd:bb:d6:2d:
b6:9b:2a:fe:99:7c:83:c8:08:40:84:21:48:e3:b3:
6b:92:d8:4c:30:5b:8e:0e:82:2f:c4:ed:4b:f5:f4:
ba:01:39:e4:73:1c:6d:11:0e:0b:a6:28:60:2d:ab:
9b:b4:db:78:48:73:87:d4:33:c9:bd:47:c1:1b:c0:
2c:4b:17:c0:ec:5a:1e:f8:ac:da:be:81:12:68:2f:
6f:d2:e8:be:67:2a:e9:e4:b4:5d:e6:40:79:75:57:
75:f6:05:be:a6:27:a2:90:a2:9c:39:0f:7d:7d:6f:
b7:5f:c2:42:1a:5c:d6:0a:4c:06:0d:45:07:4e:5e:
f0:1f:51:98:95:b0:3f:42:95:78:9c:42:99:ff:0d:
20:fa:18:de:aa:52:56:2e:94:82:6d:40:29:50:87:
fe:22:51:59:d5:38:fc:be:20:a6:8b:5f:c1:15:b3:
7d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:97:E0:A9:1F:70:F0:CD:E1:A4:F4:CE:76:C2:AD:13:26:34:42:13
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/488A5C74BDEE11EFB151818C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.111.0/24
Signature Algorithm: sha256WithRSAEncryption
39:87:f2:f6:f6:60:ef:65:c2:d9:36:48:62:05:e1:58:cd:da:
32:fd:8d:07:d5:a0:37:97:35:9f:20:8f:44:ff:1b:e7:be:7f:
3e:76:95:11:4c:e2:e5:63:fa:64:df:74:c9:43:e4:00:ad:77:
ed:2f:4e:49:62:dc:7d:b2:db:db:fc:40:b0:9e:7c:ce:ad:1a:
5e:af:28:74:dc:0a:a7:3d:cd:39:27:50:c0:76:6a:97:13:88:
e4:04:96:34:f5:0e:d3:98:ba:68:4d:87:76:b7:0c:c7:b9:ae:
00:ed:9c:b4:f3:a8:9b:b7:92:70:41:4e:87:cd:a7:74:8e:d1:
cd:2f:82:0a:0c:df:01:77:71:b8:46:20:39:e7:6a:b6:e0:ab:
ca:ab:b6:42:c5:c9:16:cf:3e:c5:49:bc:52:73:ed:3f:0c:ac:
93:29:1d:b4:50:d2:32:0a:e3:09:e4:31:54:0a:e5:de:16:a5:
05:fc:00:37:78:25:89:ba:05:dc:cc:cd:86:88:b2:36:06:1a:
f3:f8:98:b9:64:33:63:b9:2c:d1:ff:6c:65:f6:33:38:17:5a:
4c:1c:0d:b5:ca:95:d3:20:54:07:8c:fc:ef:3a:c7:7d:69:fa:
34:af:6b:f2:78:44:b3:77:f4:8e:45:78:4f:84:1e:c1:0a:7a:
8d:d7:2e:60
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOXdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDk0NzM1WhcNMjUxMjEwMDk0NzM1WjAYMRYw
FAYDVQQDEw02NzYzZWJiYi0wZmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3iN6gclUd0/QC0SWp5Sl4c2w84LtXp0dbUKQveU7N/Y38C6DOhIyK0yA
EoLR71s6vSbgdmDjwcxrHkSpSfqWQy/NwRWkSXKUC9F3gQ9Pj9wae8Fgwt271i22
myr+mXyDyAhAhCFI47NrkthMMFuODoIvxO1L9fS6ATnkcxxtEQ4LpihgLaubtNt4
SHOH1DPJvUfBG8AsSxfA7Foe+KzavoESaC9v0ui+Zyrp5LRd5kB5dVd19gW+piei
kKKcOQ99fW+3X8JCGlzWCkwGDUUHTl7wH1GYlbA/QpV4nEKZ/w0g+hjeqlJWLpSC
bUApUIf+IlFZ1Tj8viCmi1/BFbN93QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJOX
4KkfcPDN4aT0znbCrRMmNEITMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80ODhBNUM3NEJERUUxMUVGQjE1MTgxOEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc5vMA0GCSqGSIb3DQEBCwUA
A4IBAQA5h/L29mDvZcLZNkhiBeFYzdoy/Y0H1aA3lzWfII9E/xvnvn8+dpURTOLl
Y/pk33TJQ+QArXftL05JYtx9stvb/ECwnnzOrRperyh03AqnPc05J1DAdmqXE4jk
BJY09Q7TmLpoTYd2twzHua4A7Zy086ibt5JwQU6Hzad0jtHNL4IKDN8Bd3G4RiA5
52q24KvKq7ZCxckWzz7FSbxSc+0/DKyTKR20UNIyCuMJ5DFUCuXeFqUF/AA3eCWJ
ugXczM2GiLI2Bhrz+Ji5ZDNjuSzR/2xl9jM4F1pMHA21ypXTIFQHjPzvOsd9afo0
r2vyeESzd/SORXhPhB7BCnqN1y5g
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:28 2025 by rpki-client