Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/49157F7EBDBD11EFAF19B25E762E951A.roa
File: 49157F7EBDBD11EFAF19B25E762E951A.roa (raw, json)
Hash identifier: V8oZoEFg2THVFI64ZfyWFHb2KvyM+ByTlK2RhQzjNsw=
Subject key identifier: CA:66:2E:C0:F0:51:A2:BD:97:C1:5B:F5:7C:09:C9:86:87:C4:DD:95
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E54D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/49157F7EBDBD11EFAF19B25E762E951A.roa
Signing time: Thu 19 Dec 2024 03:56:54 +0000
ROA not before: Thu 19 Dec 2024 03:56:51 +0000
ROA not after: Wed 10 Dec 2025 03:56:51 +0000
asID: 984
IP address blocks: 45.206.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58701 (0xe54d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 03:56:51 2024 GMT
Not After : Dec 10 03:56:51 2025 GMT
Subject: CN=67639986-34b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:dc:97:ff:00:0f:55:12:62:43:b0:91:2b:77:
6d:51:f1:f4:a6:49:93:2e:78:cb:0c:66:86:a5:47:
04:9b:d3:17:33:09:2e:4e:83:0f:14:7a:4a:0f:2b:
4c:38:63:e2:7c:0c:4b:fa:b1:06:99:0f:0e:ad:99:
70:04:6f:ea:6e:74:b8:86:0b:45:cd:14:0b:78:22:
a0:79:a2:24:e2:ea:1d:f2:1f:20:c6:7f:cd:44:44:
35:22:95:25:e4:a5:24:f3:3d:68:7e:42:5b:c0:b4:
39:91:7f:2b:68:30:77:63:2c:86:c1:35:a2:77:fd:
42:22:3d:52:94:93:c7:e4:1c:3c:b4:9a:9f:8a:b0:
b9:d5:0c:80:c2:16:3e:57:b5:78:31:9c:e9:3a:21:
7f:44:ce:c5:f5:b2:1c:e7:5c:44:c0:be:59:6e:61:
00:c2:39:fb:33:1d:40:5e:fa:44:13:1b:63:1b:99:
a1:8b:07:2f:41:8b:05:68:5c:74:12:5d:f0:8e:06:
11:81:30:03:06:0f:23:89:31:df:38:ca:77:eb:2c:
e7:0f:81:d5:96:00:9d:14:05:3b:7f:72:4a:15:30:
df:6c:84:6b:34:cf:fe:56:7a:ad:67:7d:48:7d:df:
f2:56:2c:94:7c:d2:70:ae:6a:70:f6:4a:07:b5:89:
e7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:66:2E:C0:F0:51:A2:BD:97:C1:5B:F5:7C:09:C9:86:87:C4:DD:95
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/49157F7EBDBD11EFAF19B25E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.73.0/24
Signature Algorithm: sha256WithRSAEncryption
50:21:10:f9:21:52:44:80:f5:5e:6f:f3:58:d8:e4:5d:c2:c5:
3d:52:4c:a5:83:23:da:3d:c3:73:81:99:15:e4:67:d0:66:2a:
af:fb:6b:38:ed:09:06:96:78:9e:e5:e8:76:aa:c9:80:d5:67:
b1:12:42:6f:3c:07:37:6f:cf:68:93:2e:54:91:5d:ff:15:44:
65:02:d9:95:b6:5f:19:fd:c0:04:4c:ad:73:94:44:a0:a1:73:
d3:c7:bc:0d:01:ca:75:48:d1:1f:5e:bd:4a:c4:57:c7:ee:73:
f4:f1:25:82:8e:84:72:dd:f0:fe:e0:c9:13:eb:be:67:e1:f3:
ed:a0:8a:ce:4f:36:5f:4d:95:18:17:aa:2f:fd:27:55:41:b0:
a2:67:b5:f4:20:60:f9:32:8d:84:c9:5b:ad:df:27:dd:d7:9a:
9f:af:04:16:44:40:6f:1a:79:b5:ae:34:fc:3d:33:97:41:33:
9e:ec:ae:c7:c8:9d:4a:8d:f5:4a:ce:52:72:0f:97:7f:ff:84:
65:11:04:2d:fc:fd:59:36:98:96:b7:ed:3d:4c:59:2b:52:56:
c8:3c:92:67:2a:a4:42:47:a0:ce:66:14:ac:1b:91:d2:fe:ca:
31:a2:0a:e4:51:aa:1b:bd:41:40:15:00:90:a7:1e:b8:f4:97:
63:e5:97:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOVNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDM1NjUxWhcNMjUxMjEwMDM1NjUxWjAYMRYw
FAYDVQQDEw02NzYzOTk4Ni0zNGI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtNyX/wAPVRJiQ7CRK3dtUfH0pkmTLnjLDGaGpUcEm9MXMwkuToMPFHpK
DytMOGPifAxL+rEGmQ8OrZlwBG/qbnS4hgtFzRQLeCKgeaIk4uod8h8gxn/NREQ1
IpUl5KUk8z1ofkJbwLQ5kX8raDB3YyyGwTWid/1CIj1SlJPH5Bw8tJqfirC51QyA
whY+V7V4MZzpOiF/RM7F9bIc51xEwL5ZbmEAwjn7Mx1AXvpEExtjG5mhiwcvQYsF
aFx0El3wjgYRgTADBg8jiTHfOMp36yznD4HVlgCdFAU7f3JKFTDfbIRrNM/+Vnqt
Z31Ifd/yViyUfNJwrmpw9koHtYnncQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMpm
LsDwUaK9l8Fb9XwJyYaHxN2VMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80OTE1N0Y3RUJEQkQxMUVGQUYxOUIyNUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc5JMA0GCSqGSIb3DQEBCwUA
A4IBAQBQIRD5IVJEgPVeb/NY2ORdwsU9UkylgyPaPcNzgZkV5GfQZiqv+2s47QkG
lnie5eh2qsmA1WexEkJvPAc3b89oky5UkV3/FURlAtmVtl8Z/cAETK1zlESgoXPT
x7wNAcp1SNEfXr1KxFfH7nP08SWCjoRy3fD+4MkT675n4fPtoIrOTzZfTZUYF6ov
/SdVQbCiZ7X0IGD5Mo2EyVut3yfd15qfrwQWREBvGnm1rjT8PTOXQTOe7K7HyJ1K
jfVKzlJyD5d//4RlEQQt/P1ZNpiWt+09TFkrUlbIPJJnKqRCR6DOZhSsG5HS/sox
ogrkUaobvUFAFQCQpx649Jdj5Zca
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:37 2025 by rpki-client