Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/56067B5ABDBF11EFB9B9836B762E951A.roa
File: 56067B5ABDBF11EFB9B9836B762E951A.roa (raw, json)
Hash identifier: f3Vzo3hawgCbIT0+ouFiNMKCEPXpoMDce2CTI14mPKw=
Subject key identifier: 12:4C:F1:3C:78:67:2E:4E:3A:21:92:A2:9A:59:92:3A:B0:41:9F:2D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E567
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/56067B5ABDBF11EFB9B9836B762E951A.roa
Signing time: Thu 19 Dec 2024 04:11:35 +0000
ROA not before: Thu 19 Dec 2024 04:11:31 +0000
ROA not after: Wed 10 Dec 2025 04:11:31 +0000
asID: 984
IP address blocks: 45.206.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58727 (0xe567)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 04:11:31 2024 GMT
Not After : Dec 10 04:11:31 2025 GMT
Subject: CN=67639cf7-cfe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f7:19:84:26:7e:99:4e:b3:9e:cb:68:b5:66:
e8:71:dc:9a:42:48:02:af:f4:e5:90:87:94:cd:49:
13:bb:8c:70:0f:8e:fb:40:ae:c0:91:3c:4f:57:29:
39:d5:40:25:86:1e:20:ad:74:92:72:db:42:d5:3e:
68:4e:ab:1b:8b:b4:ea:ff:5b:fa:81:28:07:59:98:
9f:93:67:fe:33:83:38:9c:4c:57:fc:67:7d:21:d9:
99:e3:79:25:b4:23:24:ec:a9:c1:c8:0b:b5:73:24:
24:6c:86:41:29:39:5a:3b:01:e3:59:df:29:fd:52:
53:8e:86:14:e0:fa:d6:39:8e:a0:0a:e2:a5:28:99:
13:13:73:68:3f:3d:4d:d5:20:5f:d4:55:ee:54:6a:
53:94:d1:b8:c7:c7:11:70:a0:26:7b:51:e2:76:9a:
3e:34:48:b8:4d:22:5f:01:05:3c:0e:34:dd:97:9c:
86:94:cf:73:e6:ab:6a:14:eb:74:b6:79:bb:41:4c:
1d:9e:f2:47:de:8e:bc:fb:4a:dc:8f:19:04:2e:31:
10:4d:41:29:8d:e4:22:e3:ab:ef:49:39:7a:c8:b1:
df:b4:51:02:b3:51:a7:39:69:fa:f6:06:fa:69:bc:
b6:89:7f:85:d8:18:c7:b4:84:2d:d4:09:43:ff:db:
9a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:4C:F1:3C:78:67:2E:4E:3A:21:92:A2:9A:59:92:3A:B0:41:9F:2D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/56067B5ABDBF11EFB9B9836B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.86.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:5f:c8:de:2c:92:bc:e6:ce:c9:79:87:f2:61:02:30:97:aa:
ff:35:bb:0c:a3:45:df:83:2e:87:2b:65:9a:d4:85:13:ab:76:
a5:d3:aa:49:68:b5:04:f5:af:60:8c:4b:68:db:c3:8f:c6:f6:
09:92:e8:d0:e4:ad:e0:b7:1d:9a:c1:3d:55:c8:87:d3:cd:07:
c8:7c:92:d0:25:fb:8f:81:7f:dd:21:3a:8d:f6:ec:56:a0:d3:
cf:a8:c6:a0:f2:9f:68:6c:68:69:15:b0:a3:66:23:89:10:f8:
c6:11:3f:a0:c4:3c:c2:9e:cd:fd:0c:99:18:49:0b:c1:07:da:
2b:ac:0d:28:f0:c1:50:5f:11:5d:d9:4c:c2:0b:32:79:a7:b4:
80:61:8e:1b:4f:cf:26:d2:9a:c9:5d:31:53:a1:1f:cc:91:e2:
3c:7d:18:7b:8e:09:44:90:7f:79:a0:ec:00:a6:b4:6e:e9:7d:
1d:58:3e:2f:d8:a3:d7:7e:4e:97:2c:a9:ee:a9:20:f4:77:37:
dd:8c:7b:e6:ba:bb:74:92:34:da:e7:65:64:c2:5b:e4:f3:74:
3f:95:b6:df:fa:c8:17:16:a7:8d:0d:db:a4:c0:5f:fa:b9:36:
86:5a:f3:6e:d7:28:37:ba:0a:23:52:33:ed:0a:03:0d:ac:a5:
5f:f3:69:6c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOVnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDQxMTMxWhcNMjUxMjEwMDQxMTMxWjAYMRYw
FAYDVQQDEw02NzYzOWNmNy1jZmU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxfcZhCZ+mU6znstotWbocdyaQkgCr/TlkIeUzUkTu4xwD477QK7AkTxP
Vyk51UAlhh4grXSScttC1T5oTqsbi7Tq/1v6gSgHWZifk2f+M4M4nExX/Gd9IdmZ
43kltCMk7KnByAu1cyQkbIZBKTlaOwHjWd8p/VJTjoYU4PrWOY6gCuKlKJkTE3No
Pz1N1SBf1FXuVGpTlNG4x8cRcKAme1Hidpo+NEi4TSJfAQU8DjTdl5yGlM9z5qtq
FOt0tnm7QUwdnvJH3o68+0rcjxkELjEQTUEpjeQi46vvSTl6yLHftFECs1GnOWn6
9gb6aby2iX+F2BjHtIQt1AlD/9uaCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBJM
8Tx4Zy5OOiGSoppZkjqwQZ8tMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NjA2N0I1QUJEQkYxMUVGQjlCOTgzNkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc5WMA0GCSqGSIb3DQEBCwUA
A4IBAQAfX8jeLJK85s7JeYfyYQIwl6r/NbsMo0Xfgy6HK2Wa1IUTq3al06pJaLUE
9a9gjEto28OPxvYJkujQ5K3gtx2awT1VyIfTzQfIfJLQJfuPgX/dITqN9uxWoNPP
qMag8p9obGhpFbCjZiOJEPjGET+gxDzCns39DJkYSQvBB9orrA0o8MFQXxFd2UzC
CzJ5p7SAYY4bT88m0prJXTFToR/MkeI8fRh7jglEkH95oOwAprRu6X0dWD4v2KPX
fk6XLKnuqSD0dzfdjHvmurt0kjTa52Vkwlvk83Q/lbbf+sgXFqeNDdukwF/6uTaG
WvNu1yg3ugojUjPtCgMNrKVf82ls
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:39 2025 by rpki-client