Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B00B3AABE7911EF890BA672762E951A.roa
File: 4B00B3AABE7911EF890BA672762E951A.roa (raw, json)
Hash identifier: K4b4SqXubaEKHZB8vbeqiiYecqqkAF7rBkGFsgnlMeA=
Subject key identifier: E2:AB:66:6A:04:5B:45:17:88:72:E9:12:C8:5A:52:29:16:C1:67:C2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E64E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B00B3AABE7911EF890BA672762E951A.roa
Signing time: Fri 20 Dec 2024 02:22:43 +0000
ROA not before: Fri 20 Dec 2024 02:22:39 +0000
ROA not after: Wed 10 Dec 2025 02:22:39 +0000
asID: 984
IP address blocks: 45.206.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58958 (0xe64e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 02:22:39 2024 GMT
Not After : Dec 10 02:22:39 2025 GMT
Subject: CN=6764d4f3-c39c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:39:cc:6c:f4:16:7a:a7:17:2f:5e:52:a3:8a:
1b:2e:ee:83:7e:75:4c:0d:9e:b7:d2:d6:d7:06:ea:
b7:75:13:08:fa:53:06:5e:1c:0d:80:95:8e:4d:33:
ce:b8:2b:ce:72:73:e5:ed:8f:ca:96:ba:aa:10:a3:
f3:6c:84:6c:18:51:2d:bc:a7:88:33:a6:d4:df:8b:
89:ce:d4:26:fa:37:b8:dc:7a:42:a3:ae:fc:e0:41:
62:41:d9:51:10:19:6b:1e:6c:56:68:60:09:6f:ac:
d7:26:59:b2:cb:4a:7a:1e:90:a3:8b:d9:0a:a3:9d:
83:49:c0:3a:9f:82:b5:a6:d6:7e:b5:d5:1f:9f:50:
7c:ec:2e:89:7a:00:d1:de:c7:c9:b5:43:bb:c1:8d:
1f:18:2a:66:2d:a8:e1:9e:da:6b:9f:16:2e:5d:d5:
f3:82:fa:1f:7a:d9:61:a4:da:8e:43:40:99:35:4d:
9b:93:91:a8:13:e2:43:89:92:84:97:e8:d0:27:84:
e6:6f:92:8d:f2:0d:e5:58:e4:19:5d:26:6e:ac:08:
57:87:b1:3a:dd:87:25:1f:5f:e7:fd:36:dc:a0:37:
0d:f2:c4:3c:ef:7f:ad:95:5f:be:30:22:36:86:de:
9c:7c:0d:27:21:25:43:2a:e8:29:bd:a2:5c:4c:70:
26:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:AB:66:6A:04:5B:45:17:88:72:E9:12:C8:5A:52:29:16:C1:67:C2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B00B3AABE7911EF890BA672762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.168.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:0e:fd:51:ba:4d:49:a2:f6:12:ba:a4:c5:b1:9a:81:98:6a:
6b:38:92:a2:83:62:5a:12:3d:a6:87:ce:0b:70:ef:ea:16:2c:
06:71:61:54:f7:bf:f9:8f:ba:44:94:7b:fe:bb:1e:97:5d:63:
4d:b5:e6:e8:eb:a1:59:59:f8:9b:a1:1f:d4:c9:73:d6:c2:76:
26:df:9b:9e:96:4f:7b:f9:50:21:20:87:1f:7c:ae:dd:ec:7f:
6a:d9:ce:55:dd:15:1f:ea:0f:16:ed:a8:91:bd:45:1c:8e:e7:
a4:8c:2b:23:13:55:fd:de:9c:83:d9:7c:c3:f7:cb:54:e6:f4:
2b:84:ec:a7:75:62:b8:e0:90:7c:82:2e:2f:6d:76:0e:d8:0d:
fe:04:c1:3d:27:f6:7b:13:33:a1:65:97:26:d1:a2:29:de:ed:
78:97:61:a2:b5:96:aa:45:0c:f0:05:35:dd:a8:8b:9e:8a:f3:
5b:b2:24:76:60:c3:98:c5:7e:c4:fd:35:59:0a:b6:12:99:00:
f7:79:cd:a2:07:6a:b0:7f:83:29:58:0c:a0:eb:67:5c:3a:94:
2e:b7:bf:4c:50:65:39:0e:16:f1:16:49:ae:ae:0c:95:da:d5:
f5:41:70:48:b2:5a:55:12:4f:78:5b:a9:f4:8f:da:e8:f4:89:
dd:1b:fc:a9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOZOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDIyMjM5WhcNMjUxMjEwMDIyMjM5WjAYMRYw
FAYDVQQDEw02NzY0ZDRmMy1jMzljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2jnMbPQWeqcXL15So4obLu6DfnVMDZ630tbXBuq3dRMI+lMGXhwNgJWO
TTPOuCvOcnPl7Y/KlrqqEKPzbIRsGFEtvKeIM6bU34uJztQm+je43HpCo6784EFi
QdlREBlrHmxWaGAJb6zXJlmyy0p6HpCji9kKo52DScA6n4K1ptZ+tdUfn1B87C6J
egDR3sfJtUO7wY0fGCpmLajhntprnxYuXdXzgvofetlhpNqOQ0CZNU2bk5GoE+JD
iZKEl+jQJ4Tmb5KN8g3lWOQZXSZurAhXh7E63YclH1/n/TbcoDcN8sQ873+tlV++
MCI2ht6cfA0nISVDKugpvaJcTHAmvQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOKr
ZmoEW0UXiHLpEshaUikWwWfCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QjAwQjNBQUJFNzkxMUVGODkwQkE2NzI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc6oMA0GCSqGSIb3DQEBCwUA
A4IBAQBfDv1Ruk1JovYSuqTFsZqBmGprOJKig2JaEj2mh84LcO/qFiwGcWFU97/5
j7pElHv+ux6XXWNNtebo66FZWfiboR/UyXPWwnYm35uelk97+VAhIIcffK7d7H9q
2c5V3RUf6g8W7aiRvUUcjuekjCsjE1X93pyD2XzD98tU5vQrhOyndWK44JB8gi4v
bXYO2A3+BME9J/Z7EzOhZZcm0aIp3u14l2GitZaqRQzwBTXdqIueivNbsiR2YMOY
xX7E/TVZCrYSmQD3ec2iB2qwf4MpWAyg62dcOpQut79MUGU5DhbxFkmurgyV2tX1
QXBIslpVEk94W6n0j9ro9IndG/yp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:40 2025 by rpki-client