Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61D34C42BE8711EF8DAF6555762E951A.roa
File: 61D34C42BE8711EF8DAF6555762E951A.roa (raw, json)
Hash identifier: X4+9jeXtt6BoMC9nVqgop7xukO+TeVBnkJeOPd0OPhw=
Subject key identifier: 4E:6C:31:46:21:7E:96:26:19:C6:DC:D4:EF:E4:09:97:A8:F9:B8:12
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E698
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61D34C42BE8711EF8DAF6555762E951A.roa
Signing time: Fri 20 Dec 2024 04:03:34 +0000
ROA not before: Fri 20 Dec 2024 04:03:31 +0000
ROA not after: Wed 10 Dec 2025 04:03:31 +0000
asID: 984
IP address blocks: 45.206.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59032 (0xe698)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:03:31 2024 GMT
Not After : Dec 10 04:03:31 2025 GMT
Subject: CN=6764ec96-6ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9a:13:06:0d:9f:05:19:4c:2c:aa:d1:83:13:
76:e2:f3:34:bb:92:e2:0a:0c:ab:52:1f:a9:91:99:
4b:88:61:8f:b8:6b:7f:5b:3f:e0:c7:95:05:05:9d:
50:4f:e6:54:fc:83:7a:7d:2d:af:ce:03:d5:cf:e5:
2c:a2:34:fe:22:27:fe:b4:6f:ae:fa:9b:1a:f0:d6:
41:ad:0a:73:8d:7f:bb:1f:99:9c:a6:b2:ac:5e:f8:
39:f8:f9:f3:4b:74:75:6a:30:47:50:98:c1:60:cd:
17:72:da:02:33:ac:a7:c3:59:0a:0d:f5:80:b3:4a:
a6:c5:91:9c:b9:78:86:3e:e0:d2:78:0d:4c:fe:6d:
d0:1f:1b:c2:b5:6b:7d:d2:52:1c:68:c3:22:c0:20:
21:95:e6:55:dc:6f:2b:c8:80:ca:a6:59:e8:02:ed:
5a:eb:c2:85:b5:44:0e:21:2b:2f:7c:9f:2f:16:88:
7c:91:8d:dc:49:57:e5:f8:70:63:ad:8b:d5:50:f3:
34:7c:09:44:a2:40:93:ba:72:55:44:de:db:04:ed:
35:58:b1:5b:a5:1e:6b:ae:2d:0a:f8:78:4c:b6:08:
9f:dd:39:a4:41:42:7f:9d:df:2a:15:a2:47:a1:78:
97:8f:8f:ca:fa:92:a2:d4:19:f5:ff:a6:59:7b:84:
51:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:6C:31:46:21:7E:96:26:19:C6:DC:D4:EF:E4:09:97:A8:F9:B8:12
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61D34C42BE8711EF8DAF6555762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.207.0/24
Signature Algorithm: sha256WithRSAEncryption
00:1d:b2:20:80:86:41:bc:f0:2f:33:bd:86:7b:89:dc:a1:53:
7e:72:c3:fd:60:cc:23:e8:0d:0e:97:35:bb:66:15:15:71:ea:
e6:80:e0:2a:66:11:ed:f6:91:b2:d2:ac:92:60:d8:db:46:a1:
d1:3b:91:ef:12:aa:72:c5:ce:d9:31:7c:25:11:5e:51:33:0c:
35:37:59:6f:b6:a1:60:b1:6e:3e:18:99:e0:b5:6f:17:e0:2d:
9c:84:94:1e:43:1c:74:58:d1:80:1f:3a:0b:f0:f7:9c:3b:eb:
bc:61:5b:cc:86:50:92:fc:c3:48:df:2f:56:c3:8d:98:56:7b:
77:66:c1:d4:60:4a:19:39:80:ec:20:5e:5e:66:49:f9:9c:da:
af:a1:f8:7f:b7:42:b2:16:17:28:eb:51:4b:fb:37:05:5a:ac:
cb:51:a0:6c:98:08:22:ac:55:3a:5b:46:a1:48:58:5e:cb:7c:
49:ad:21:e3:b8:4e:d5:32:9b:b2:71:5e:68:65:39:09:18:b8:
3a:d0:92:f9:ca:2c:16:4c:4e:32:a8:37:3d:5a:ef:a3:ec:bc:
03:4d:3f:7e:3e:4b:11:d1:77:fe:91:a5:07:84:e5:43:14:12:
5c:10:bf:e3:55:7e:56:6b:45:05:c1:91:a0:be:45:e8:f9:23:
83:8c:88:a9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOaYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQwMzMxWhcNMjUxMjEwMDQwMzMxWjAYMRYw
FAYDVQQDEw02NzY0ZWM5Ni02Y2E2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwJoTBg2fBRlMLKrRgxN24vM0u5LiCgyrUh+pkZlLiGGPuGt/Wz/gx5UF
BZ1QT+ZU/IN6fS2vzgPVz+UsojT+Iif+tG+u+psa8NZBrQpzjX+7H5mcprKsXvg5
+PnzS3R1ajBHUJjBYM0XctoCM6ynw1kKDfWAs0qmxZGcuXiGPuDSeA1M/m3QHxvC
tWt90lIcaMMiwCAhleZV3G8ryIDKplnoAu1a68KFtUQOISsvfJ8vFoh8kY3cSVfl
+HBjrYvVUPM0fAlEokCTunJVRN7bBO01WLFbpR5rri0K+HhMtgif3TmkQUJ/nd8q
FaJHoXiXj4/K+pKi1Bn1/6ZZe4RRjQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE5s
MUYhfpYmGcbc1O/kCZeo+bgSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MUQzNEM0MkJFODcxMUVGOERBRjY1NTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7PMA0GCSqGSIb3DQEBCwUA
A4IBAQAAHbIggIZBvPAvM72Ge4ncoVN+csP9YMwj6A0OlzW7ZhUVcermgOAqZhHt
9pGy0qySYNjbRqHRO5HvEqpyxc7ZMXwlEV5RMww1N1lvtqFgsW4+GJngtW8X4C2c
hJQeQxx0WNGAHzoL8PecO+u8YVvMhlCS/MNI3y9Ww42YVnt3ZsHUYEoZOYDsIF5e
Zkn5nNqvofh/t0KyFhco61FL+zcFWqzLUaBsmAgirFU6W0ahSFhey3xJrSHjuE7V
MpuycV5oZTkJGLg60JL5yiwWTE4yqDc9Wu+j7LwDTT9+PksR0Xf+kaUHhOVDFBJc
EL/jVX5Wa0UFwZGgvkXo+SODjIip
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:51 2025 by rpki-client