Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5258F9EABDC111EF97BAF877762E951A.roa
File: 5258F9EABDC111EF97BAF877762E951A.roa (raw, json)
Hash identifier: /jfWimUIUOmNg83YCegiBzWgKDRR/K/eYttWR+NicTQ=
Subject key identifier: 70:F9:60:63:12:D8:58:37:E8:E9:22:32:35:5C:D6:40:22:2C:54:62
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E571
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5258F9EABDC111EF97BAF877762E951A.roa
Signing time: Thu 19 Dec 2024 04:25:48 +0000
ROA not before: Thu 19 Dec 2024 04:25:44 +0000
ROA not after: Wed 10 Dec 2025 04:25:44 +0000
asID: 984
IP address blocks: 45.206.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58737 (0xe571)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 04:25:44 2024 GMT
Not After : Dec 10 04:25:44 2025 GMT
Subject: CN=6763a04c-98c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d8:be:6a:e9:c6:3b:77:6f:b2:f8:e5:bd:42:
47:cf:f3:f5:62:6c:7b:eb:43:53:17:67:62:af:ed:
f3:26:20:01:fa:98:58:06:97:dc:c5:64:30:50:38:
d6:ad:b7:28:02:06:31:dc:b0:d2:0a:a3:04:f8:9a:
02:ae:34:bb:33:c4:17:79:61:cb:7f:c7:ad:8d:0b:
78:e3:02:99:24:32:a6:0f:85:5b:2e:5a:c1:1c:45:
dd:58:22:c6:00:ca:c2:f8:1b:ec:a7:2a:b5:25:77:
ea:21:e7:fd:06:d9:26:bb:93:e7:3b:6c:8e:c6:de:
c5:ca:63:59:09:99:7a:10:4a:f7:ca:4c:e9:e3:2e:
b7:57:c3:b1:71:01:6d:ee:6e:38:d9:d7:4a:b8:19:
48:00:ef:2b:19:7b:9f:98:ce:03:27:1b:bd:c3:c1:
29:a9:8e:63:85:46:7d:1e:6d:2d:e7:89:3b:b9:f9:
b7:a0:ef:dc:ae:cb:1e:31:55:bd:f8:3c:e9:97:34:
d1:71:d4:b5:7b:bc:d8:08:29:84:85:b2:69:c4:0b:
e9:bb:30:b6:41:fe:01:50:5f:57:c1:0a:82:7b:5d:
4e:52:ce:50:be:c2:f4:d2:2a:ed:08:b7:81:73:57:
19:82:73:c2:b3:07:b5:35:9c:2b:01:7a:88:70:75:
7a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F9:60:63:12:D8:58:37:E8:E9:22:32:35:5C:D6:40:22:2C:54:62
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5258F9EABDC111EF97BAF877762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.91.0/24
Signature Algorithm: sha256WithRSAEncryption
42:9d:0a:52:c2:ff:c6:58:b6:57:f0:09:4d:48:e7:81:61:02:
b2:55:d1:8d:d3:3c:7c:e4:c4:ed:8f:5c:2b:ad:1b:cc:2c:5e:
ee:de:32:f9:5c:04:9c:34:ea:05:aa:95:01:c6:83:6c:d5:a7:
d7:dd:b7:d9:ee:6d:02:ea:39:33:bf:92:48:7d:57:0b:d6:ee:
d3:66:11:c4:71:10:a0:ee:23:1d:46:b2:31:56:37:38:cf:2d:
85:a1:6a:e4:f9:58:29:e3:72:c9:d0:f7:1c:e7:e4:97:93:dc:
81:30:81:17:a8:7f:fd:e7:12:9b:69:ca:7c:dd:74:6f:6f:54:
9e:0a:21:1a:c5:4f:71:e7:4e:78:fc:0f:27:a5:77:81:e3:44:
96:7b:30:8f:7d:76:14:d7:2e:1b:24:45:ab:41:ed:d0:9c:0f:
c3:dd:a8:18:df:4a:60:41:1e:02:3d:31:4e:5d:2d:cb:f6:3e:
97:d4:82:5c:1b:08:15:a0:24:55:41:9f:a3:d2:9b:4e:26:32:
68:df:c2:cb:70:8a:87:76:23:40:47:e7:d4:71:e8:02:13:f9:
ea:ea:01:b6:f7:4f:0a:36:6e:9f:c1:0f:dc:04:de:79:cb:6f:
ca:fe:e2:0c:1c:38:1e:13:17:32:4b:c0:e7:b9:af:70:b5:66:
1f:6c:89:3d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOVxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDQyNTQ0WhcNMjUxMjEwMDQyNTQ0WjAYMRYw
FAYDVQQDEw02NzYzYTA0Yy05OGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn9i+aunGO3dvsvjlvUJHz/P1Ymx760NTF2dir+3zJiAB+phYBpfcxWQw
UDjWrbcoAgYx3LDSCqME+JoCrjS7M8QXeWHLf8etjQt44wKZJDKmD4VbLlrBHEXd
WCLGAMrC+Bvspyq1JXfqIef9Btkmu5PnO2yOxt7FymNZCZl6EEr3ykzp4y63V8Ox
cQFt7m442ddKuBlIAO8rGXufmM4DJxu9w8EpqY5jhUZ9Hm0t54k7ufm3oO/crsse
MVW9+DzplzTRcdS1e7zYCCmEhbJpxAvpuzC2Qf4BUF9XwQqCe11OUs5QvsL00irt
CLeBc1cZgnPCswe1NZwrAXqIcHV6swIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHD5
YGMS2Fg36OkiMjVc1kAiLFRiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MjU4RjlFQUJEQzExMUVGOTdCQUY4Nzc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc5bMA0GCSqGSIb3DQEBCwUA
A4IBAQBCnQpSwv/GWLZX8AlNSOeBYQKyVdGN0zx85MTtj1wrrRvMLF7u3jL5XASc
NOoFqpUBxoNs1afX3bfZ7m0C6jkzv5JIfVcL1u7TZhHEcRCg7iMdRrIxVjc4zy2F
oWrk+Vgp43LJ0Pcc5+SXk9yBMIEXqH/95xKbacp83XRvb1SeCiEaxU9x5054/A8n
pXeB40SWezCPfXYU1y4bJEWrQe3QnA/D3agY30pgQR4CPTFOXS3L9j6X1IJcGwgV
oCRVQZ+j0ptOJjJo38LLcIqHdiNAR+fUcegCE/nq6gG2908KNm6fwQ/cBN55y2/K
/uIMHDgeExcyS8Dnua9wtWYfbIk9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:32 2025 by rpki-client