Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F9C9AF8BE8911EF83607360762E951A.roa
File: 5F9C9AF8BE8911EF83607360762E951A.roa (raw, json)
Hash identifier: U7Ax/jejod7wVgy/oEDL8ZCt9l16RylR5MpZ2QGc8nM=
Subject key identifier: 2D:C6:F5:30:A4:CA:9E:AE:3F:ED:73:FB:EF:FD:D4:2B:13:70:4B:71
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6B0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F9C9AF8BE8911EF83607360762E951A.roa
Signing time: Fri 20 Dec 2024 04:17:50 +0000
ROA not before: Fri 20 Dec 2024 04:17:46 +0000
ROA not after: Wed 10 Dec 2025 04:17:46 +0000
asID: 984
IP address blocks: 45.206.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59056 (0xe6b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:17:46 2024 GMT
Not After : Dec 10 04:17:46 2025 GMT
Subject: CN=6764efed-5a0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:9d:de:36:cd:74:cf:ce:d4:e1:3a:a2:29:ef:
01:be:5b:e0:da:68:4f:17:b0:14:b3:12:45:4e:48:
26:93:da:8b:87:92:29:d0:38:c6:64:e9:8f:69:9d:
38:97:17:c8:11:5d:a2:eb:c3:9b:7c:a7:17:0e:d0:
05:14:0d:2f:39:75:fe:f7:76:7d:ba:0e:83:cc:66:
34:19:03:4b:ae:2a:53:1a:db:b9:47:2e:4d:4b:99:
6a:bb:5d:8f:32:ad:e4:47:96:51:c8:98:24:d1:a4:
d9:26:2c:42:63:d6:dc:47:b3:57:cf:dd:14:67:92:
1b:68:de:02:9d:dd:bc:46:16:ce:0d:dd:e7:b2:e4:
55:f5:c9:15:ba:ed:37:3a:e1:17:39:90:c4:7e:39:
1f:85:cb:83:3d:86:b1:07:34:22:b6:47:e9:0c:05:
9a:5d:3d:a5:54:8c:4d:89:43:a0:e6:89:48:80:5a:
77:39:1c:28:51:06:8b:52:a6:0a:56:3f:21:84:f7:
d5:9a:eb:8b:96:1c:b9:2f:7a:c2:0f:66:79:39:e9:
a3:cb:37:23:16:35:3b:69:7c:bd:af:e6:5c:a6:80:
b3:41:13:ba:14:1b:e1:ea:e8:bf:ee:38:1c:eb:af:
7d:b6:b6:1c:af:8f:28:c7:c2:61:7f:0f:90:74:29:
4a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C6:F5:30:A4:CA:9E:AE:3F:ED:73:FB:EF:FD:D4:2B:13:70:4B:71
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F9C9AF8BE8911EF83607360762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.219.0/24
Signature Algorithm: sha256WithRSAEncryption
01:59:c6:c0:90:06:62:2d:e7:49:86:95:41:1f:bf:59:4e:fd:
7e:7e:12:5c:10:8f:61:2a:7f:bd:92:da:af:b9:8e:90:66:c8:
60:af:0c:a3:e7:8b:e1:f7:75:3d:a6:c2:90:b3:1d:b6:93:9e:
dd:99:bf:fc:7b:34:88:85:31:6b:1c:08:ff:ac:6d:6a:54:47:
97:98:da:c8:5d:35:27:e8:6e:02:73:21:8f:30:a2:e7:13:ac:
4a:d6:ba:a2:03:6c:3f:62:54:1f:46:8b:18:1c:a1:49:6c:37:
6b:01:f1:9a:27:14:c2:99:d0:a5:b0:c7:81:71:2d:77:a0:3a:
3e:b2:51:0c:f9:5f:23:93:29:97:74:34:a9:4b:8d:71:dc:7d:
a9:88:1b:c9:5c:4d:f9:ce:fb:d5:d3:52:6d:13:91:2a:f0:69:
62:22:1c:1c:00:c8:c8:60:30:dd:b3:d1:af:28:18:71:b0:a2:
d8:da:7d:25:e3:ae:16:1a:3c:87:4a:a2:bb:6f:23:3e:02:bc:
63:a3:b6:ce:58:3f:de:12:c7:c0:d0:2d:23:34:0e:c3:a1:ef:
05:70:c7:03:12:1f:6f:82:56:79:0b:d5:3a:00:cf:34:7d:31:
7f:b3:34:fe:17:5a:a2:07:32:e7:04:90:18:ce:f6:81:d2:db:
14:93:06:98
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOawMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQxNzQ2WhcNMjUxMjEwMDQxNzQ2WjAYMRYw
FAYDVQQDEw02NzY0ZWZlZC01YTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5Z3eNs10z87U4TqiKe8Bvlvg2mhPF7AUsxJFTkgmk9qLh5Ip0DjGZOmP
aZ04lxfIEV2i68ObfKcXDtAFFA0vOXX+93Z9ug6DzGY0GQNLripTGtu5Ry5NS5lq
u12PMq3kR5ZRyJgk0aTZJixCY9bcR7NXz90UZ5IbaN4Cnd28RhbODd3nsuRV9ckV
uu03OuEXOZDEfjkfhcuDPYaxBzQitkfpDAWaXT2lVIxNiUOg5olIgFp3ORwoUQaL
UqYKVj8hhPfVmuuLlhy5L3rCD2Z5OemjyzcjFjU7aXy9r+ZcpoCzQRO6FBvh6ui/
7jgc6699trYcr48ox8Jhfw+QdClKgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC3G
9TCkyp6uP+1z++/91CsTcEtxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RjlDOUFGOEJFODkxMUVGODM2MDczNjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7bMA0GCSqGSIb3DQEBCwUA
A4IBAQABWcbAkAZiLedJhpVBH79ZTv1+fhJcEI9hKn+9ktqvuY6QZshgrwyj54vh
93U9psKQsx22k57dmb/8ezSIhTFrHAj/rG1qVEeXmNrIXTUn6G4CcyGPMKLnE6xK
1rqiA2w/YlQfRosYHKFJbDdrAfGaJxTCmdClsMeBcS13oDo+slEM+V8jkymXdDSp
S41x3H2piBvJXE35zvvV01JtE5Eq8GliIhwcAMjIYDDds9GvKBhxsKLY2n0l464W
GjyHSqK7byM+Arxjo7bOWD/eEsfA0C0jNA7Doe8FcMcDEh9vglZ5C9U6AM80fTF/
szT+F1qiBzLnBJAYzvaB0tsUkwaY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:17 2025 by rpki-client