Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/659C45ECBE8F11EF846FC487762E951A.roa
File: 659C45ECBE8F11EF846FC487762E951A.roa (raw, json)
Hash identifier: BEXbF32x1HSYC5uRovgsAvIAoF036wP09sPxwZmCMQY=
Subject key identifier: 37:FB:3D:82:C2:92:16:55:6B:86:A7:5E:ED:EA:5B:2E:3F:2D:A7:53
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6F8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/659C45ECBE8F11EF846FC487762E951A.roa
Signing time: Fri 20 Dec 2024 05:00:57 +0000
ROA not before: Fri 20 Dec 2024 05:00:53 +0000
ROA not after: Wed 10 Dec 2025 05:00:53 +0000
asID: 984
IP address blocks: 45.206.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59128 (0xe6f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 05:00:53 2024 GMT
Not After : Dec 10 05:00:53 2025 GMT
Subject: CN=6764fa09-4b8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ad:5d:97:b7:28:59:6b:a1:0b:55:c8:2b:dd:
55:0d:ba:8d:2c:18:f6:2f:fa:5b:42:9b:9d:1d:b1:
57:48:d8:e0:9d:5a:61:70:ee:b4:ca:a8:48:8c:30:
29:f0:2e:48:31:e4:34:d3:3f:1a:35:e9:06:42:66:
87:75:31:00:25:21:12:e0:74:62:34:30:96:65:c8:
f8:c9:c9:43:22:96:93:a4:0e:9a:30:07:55:bf:3d:
f0:54:78:4a:9e:d1:31:1a:1e:0b:76:51:e4:9e:f2:
bd:99:a1:e2:a5:65:2d:4a:bb:a3:3a:78:ea:3f:9c:
30:bc:c5:dd:c4:ff:2b:5f:e1:81:33:fd:d8:d1:5c:
3c:71:b3:06:da:0e:48:3a:27:31:00:01:c3:45:bd:
2a:2b:bc:81:58:30:0d:51:aa:71:0f:67:61:c3:fd:
e5:78:37:a6:da:50:32:91:8b:97:13:08:6d:f3:40:
48:03:7c:78:74:9c:dd:e8:e3:82:65:8e:d1:42:c9:
84:d6:09:5f:f3:d6:53:41:7a:af:f0:3f:dd:83:4f:
24:73:9f:34:2c:54:c7:cf:ff:05:41:e8:39:18:0f:
b8:e6:62:45:5a:7f:96:97:87:03:94:24:21:04:61:
7a:50:61:c5:c2:77:9f:44:23:19:15:69:a6:39:74:
06:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:FB:3D:82:C2:92:16:55:6B:86:A7:5E:ED:EA:5B:2E:3F:2D:A7:53
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/659C45ECBE8F11EF846FC487762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.255.0/24
Signature Algorithm: sha256WithRSAEncryption
24:c8:4f:f2:28:63:38:04:bc:7d:24:ce:c5:f8:26:c4:7b:91:
6b:ce:7d:ec:54:19:01:ce:fb:b1:ab:36:5e:29:39:b4:a7:6e:
e0:df:0d:55:45:03:55:b0:52:04:db:51:06:60:73:01:30:4e:
19:8f:b0:9a:5e:f1:a5:01:3d:c6:cf:ee:a4:16:13:13:ce:19:
fb:2c:1c:e0:f3:4b:e0:db:46:8a:78:05:d0:db:97:13:f7:03:
82:d4:d7:bc:f4:c8:da:3a:b2:d2:63:db:61:73:5c:3c:a4:f0:
3b:b5:aa:70:fd:10:09:ff:bc:3b:95:f8:d6:75:a0:ce:e9:8c:
69:0f:ca:ab:50:d1:b8:b8:81:a1:e7:4b:ce:5a:02:4a:49:12:
46:64:e5:5d:8e:a4:d0:82:bd:25:ad:da:ee:55:16:85:98:c3:
a9:6f:82:89:b9:69:11:ba:93:50:18:11:4f:a5:f3:30:a4:b3:
30:e1:c0:89:04:9d:5a:a1:35:2d:30:4e:87:d1:c7:e9:bd:87:
50:a2:46:4c:12:dc:0f:f1:38:90:ad:ae:21:aa:7b:58:93:7a:
1f:4b:ef:31:58:5b:aa:58:05:19:2e:0f:20:39:cb:96:4c:cf:
af:08:42:ae:a5:4e:86:1a:81:34:c9:37:d9:0f:07:14:75:89:
e3:59:f2:1b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOb4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDUwMDUzWhcNMjUxMjEwMDUwMDUzWjAYMRYw
FAYDVQQDEw02NzY0ZmEwOS00YjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo61dl7coWWuhC1XIK91VDbqNLBj2L/pbQpudHbFXSNjgnVphcO60yqhI
jDAp8C5IMeQ00z8aNekGQmaHdTEAJSES4HRiNDCWZcj4yclDIpaTpA6aMAdVvz3w
VHhKntExGh4LdlHknvK9maHipWUtSrujOnjqP5wwvMXdxP8rX+GBM/3Y0Vw8cbMG
2g5IOicxAAHDRb0qK7yBWDANUapxD2dhw/3leDem2lAykYuXEwht80BIA3x4dJzd
6OOCZY7RQsmE1glf89ZTQXqv8D/dg08kc580LFTHz/8FQeg5GA+45mJFWn+Wl4cD
lCQhBGF6UGHFwnefRCMZFWmmOXQGTQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDf7
PYLCkhZVa4anXu3qWy4/LadTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NTlDNDVFQ0JFOEYxMUVGODQ2RkM0ODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7/MA0GCSqGSIb3DQEBCwUA
A4IBAQAkyE/yKGM4BLx9JM7F+CbEe5Frzn3sVBkBzvuxqzZeKTm0p27g3w1VRQNV
sFIE21EGYHMBME4Zj7CaXvGlAT3Gz+6kFhMTzhn7LBzg80vg20aKeAXQ25cT9wOC
1Ne89MjaOrLSY9thc1w8pPA7tapw/RAJ/7w7lfjWdaDO6YxpD8qrUNG4uIGh50vO
WgJKSRJGZOVdjqTQgr0lrdruVRaFmMOpb4KJuWkRupNQGBFPpfMwpLMw4cCJBJ1a
oTUtME6H0cfpvYdQokZMEtwP8TiQra4hqntYk3ofS+8xWFuqWAUZLg8gOcuWTM+v
CEKupU6GGoE0yTfZDwcUdYnjWfIb
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:42 2025 by rpki-client