Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/513784E0BE7611EFBC82035E762E951A.roa
File: 513784E0BE7611EFBC82035E762E951A.roa (raw, json)
Hash identifier: 7BIVWHYLecyPa5sV7bHnNj4mzM60pYcOY88AkhRJGN8=
Subject key identifier: 36:10:84:B7:D0:EE:F6:2E:6F:8B:D6:54:57:7A:E6:F0:CE:3D:D5:2A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E62A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/513784E0BE7611EFBC82035E762E951A.roa
Signing time: Fri 20 Dec 2024 02:01:25 +0000
ROA not before: Fri 20 Dec 2024 02:01:21 +0000
ROA not after: Wed 10 Dec 2025 02:01:21 +0000
asID: 984
IP address blocks: 45.206.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58922 (0xe62a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 02:01:21 2024 GMT
Not After : Dec 10 02:01:21 2025 GMT
Subject: CN=6764cff5-2050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:04:3a:5b:df:a9:54:a3:b4:5b:ba:c8:56:94:
6e:22:a9:ec:d6:86:48:52:97:02:04:be:e3:41:08:
ae:2b:17:2f:cc:4e:2b:c0:01:b6:e5:11:87:90:e8:
2c:52:ab:f1:54:63:b4:39:60:e9:2a:77:7a:47:70:
25:22:e0:da:63:2f:bb:85:d8:59:2c:78:f1:8a:32:
71:96:61:95:fc:a3:59:72:56:cc:8e:6b:e0:5c:82:
24:eb:d8:a0:88:6c:a7:0f:3f:88:63:0d:04:6b:d0:
b9:86:82:1d:93:d9:d5:de:8a:b5:ca:cd:5c:b2:e4:
db:6e:28:f4:ed:3d:eb:1c:bd:dd:83:3d:16:be:4c:
53:b9:cb:8c:27:54:88:1b:ab:a3:76:74:c1:56:a2:
b5:58:61:7c:d5:46:89:45:8b:29:03:f8:e4:aa:18:
a8:9c:3e:40:f8:74:8c:ce:a8:70:5e:13:7f:08:8f:
e7:15:ef:b4:b4:0f:aa:9a:b6:c8:4a:15:02:6e:77:
5b:2a:c9:a2:b7:a8:4f:d4:38:56:e3:a7:16:0b:07:
7e:a6:4f:d5:2b:33:49:0c:27:66:7b:a3:b7:95:39:
4b:15:65:5a:42:3c:d8:2a:3b:0c:69:57:a4:f8:50:
0a:e7:5d:46:6b:31:7e:b3:0a:12:60:e8:09:63:92:
12:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:10:84:B7:D0:EE:F6:2E:6F:8B:D6:54:57:7A:E6:F0:CE:3D:D5:2A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/513784E0BE7611EFBC82035E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.149.0/24
Signature Algorithm: sha256WithRSAEncryption
10:cc:c8:dc:70:11:1f:3c:71:cd:e4:d3:b6:f3:88:b2:e8:4c:
03:89:0c:35:5d:90:4a:d2:b1:53:5d:a3:d1:ed:31:53:8c:4b:
9f:29:af:7c:37:83:61:aa:1e:aa:02:d1:49:30:4d:e2:56:eb:
0d:9b:5a:d1:4f:63:bf:75:df:17:e5:30:9d:87:e9:72:cb:f9:
8d:a0:b5:af:ac:eb:9f:76:de:63:eb:cb:6c:78:c7:5b:c6:82:
90:72:1f:26:a4:68:f8:8f:fd:02:bd:c2:91:c9:e0:01:1c:91:
d6:19:43:ef:c8:c8:6a:99:61:99:86:f1:9a:53:61:71:39:d8:
cf:cb:8a:e7:ce:b5:73:65:ce:90:60:e1:f8:09:75:09:60:4f:
8e:d6:1d:83:af:0d:51:82:ba:a2:36:8e:35:72:33:b8:46:41:
37:02:90:41:04:8e:e5:54:0a:a8:eb:57:bf:58:12:81:01:9d:
21:28:b2:d0:10:0d:62:79:0e:72:c2:23:9c:84:c9:c9:83:81:
b7:b0:2f:65:3d:59:61:f6:db:34:6a:08:c8:d5:fc:0c:69:8c:
3f:4e:ba:84:d7:90:d0:f4:ab:bc:7a:1f:44:a7:b6:11:af:b1:
4f:27:d6:9f:b8:e7:0f:3a:e9:67:1a:92:ed:07:5b:e3:f3:46:
f1:71:79:1b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOYqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDIwMTIxWhcNMjUxMjEwMDIwMTIxWjAYMRYw
FAYDVQQDEw02NzY0Y2ZmNS0yMDUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9wQ6W9+pVKO0W7rIVpRuIqns1oZIUpcCBL7jQQiuKxcvzE4rwAG25RGH
kOgsUqvxVGO0OWDpKnd6R3AlIuDaYy+7hdhZLHjxijJxlmGV/KNZclbMjmvgXIIk
69igiGynDz+IYw0Ea9C5hoIdk9nV3oq1ys1csuTbbij07T3rHL3dgz0WvkxTucuM
J1SIG6ujdnTBVqK1WGF81UaJRYspA/jkqhionD5A+HSMzqhwXhN/CI/nFe+0tA+q
mrbIShUCbndbKsmit6hP1DhW46cWCwd+pk/VKzNJDCdme6O3lTlLFWVaQjzYKjsM
aVek+FAK511GazF+swoSYOgJY5IS9QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDYQ
hLfQ7vYub4vWVFd65vDOPdUqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MTM3ODRFMEJFNzYxMUVGQkM4MjAzNUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc6VMA0GCSqGSIb3DQEBCwUA
A4IBAQAQzMjccBEfPHHN5NO284iy6EwDiQw1XZBK0rFTXaPR7TFTjEufKa98N4Nh
qh6qAtFJME3iVusNm1rRT2O/dd8X5TCdh+lyy/mNoLWvrOufdt5j68tseMdbxoKQ
ch8mpGj4j/0CvcKRyeABHJHWGUPvyMhqmWGZhvGaU2FxOdjPy4rnzrVzZc6QYOH4
CXUJYE+O1h2Drw1RgrqiNo41cjO4RkE3ApBBBI7lVAqo61e/WBKBAZ0hKLLQEA1i
eQ5ywiOchMnJg4G3sC9lPVlh9ts0agjI1fwMaYw/TrqE15DQ9Ku8eh9Ep7YRr7FP
J9afuOcPOulnGpLtB1vj80bxcXkb
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:45 2025 by rpki-client