Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6F63F124BDB311EFB4BFCF9B762E951A.roa
File: 6F63F124BDB311EFB4BFCF9B762E951A.roa (raw, json)
Hash identifier: Pi68PwrQIZwxYXlFxEqXp00w5/aY49ivMPa7QP0pTFM=
Subject key identifier: 8F:BE:7A:C0:51:B5:CD:CE:31:21:8A:0F:94:CB:77:BA:77:2E:0E:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E4CF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6F63F124BDB311EFB4BFCF9B762E951A.roa
Signing time: Thu 19 Dec 2024 02:46:24 +0000
ROA not before: Thu 19 Dec 2024 02:46:20 +0000
ROA not after: Wed 10 Dec 2025 02:46:20 +0000
asID: 984
IP address blocks: 45.198.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58575 (0xe4cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 02:46:20 2024 GMT
Not After : Dec 10 02:46:20 2025 GMT
Subject: CN=67638900-45c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:ed:44:56:2b:0a:49:cb:af:97:5b:54:57:34:
d4:1b:a3:4f:e9:82:ad:fc:fc:e1:cb:08:64:61:d6:
ae:0c:61:65:cb:af:00:e2:9c:45:e2:9f:d1:0a:56:
fb:88:ba:c0:d2:2c:d7:b1:94:04:93:a4:04:39:6e:
76:86:fe:d8:e4:d0:a5:6d:10:22:85:09:e4:91:46:
8f:96:c2:77:6a:51:63:af:98:6b:7c:a8:d1:34:69:
6a:6f:00:1c:93:83:80:ab:a4:89:26:1d:6d:c0:ec:
3b:22:c1:97:ed:ef:a6:39:72:ef:2c:6c:a8:51:09:
1b:93:16:57:de:0b:ce:5b:28:9d:c5:a9:01:ba:fa:
20:e8:b7:22:4a:75:72:4e:db:db:f4:12:8a:a4:59:
44:bb:78:f2:73:a8:72:ec:b0:49:81:b7:fb:f2:d5:
ad:cb:a3:a7:d0:32:a5:8e:2f:07:e3:22:b9:1a:15:
c0:c5:19:9e:c5:2e:ad:92:7e:e8:3b:f0:b8:6c:69:
49:43:ed:e7:b1:3f:ef:52:8c:3e:59:89:73:10:be:
b7:81:54:17:0b:66:8d:ef:62:93:4b:9d:cf:ea:8d:
20:d0:de:b5:10:d5:1e:f7:7e:5f:19:95:07:a2:4f:
ba:67:d7:33:53:d4:22:0d:67:20:63:04:ae:e1:80:
96:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:BE:7A:C0:51:B5:CD:CE:31:21:8A:0F:94:CB:77:BA:77:2E:0E:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6F63F124BDB311EFB4BFCF9B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.255.0/24
Signature Algorithm: sha256WithRSAEncryption
00:53:65:5c:fb:3c:59:db:e2:80:ad:e6:94:b1:31:db:61:18:
47:52:89:19:6e:46:c8:9b:bd:b7:38:90:55:ca:99:a7:73:3d:
01:2a:4e:61:bd:d0:f2:89:9b:09:7f:b1:72:34:37:96:8c:06:
6e:6e:d9:ce:6b:2f:da:49:e9:e5:a3:95:33:80:e1:4a:76:cc:
ed:32:3e:26:0e:52:59:1c:ea:65:b5:5e:63:df:df:dc:4e:36:
7b:ca:d1:d7:13:b3:54:08:5b:e1:64:11:27:7a:f4:9b:27:40:
83:22:83:f3:1d:3c:76:71:14:76:da:9d:6c:02:b2:ee:33:14:
9b:8d:e0:11:f9:9e:1d:30:3a:93:9c:ce:70:bf:78:df:c5:23:
ff:ec:4c:7d:16:a5:12:ae:e5:87:08:61:54:de:86:9d:4e:2d:
8b:1e:67:81:48:f3:9e:57:54:f5:08:ad:2c:7e:03:9f:d8:f4:
71:36:f2:dc:d4:b3:de:7e:e4:67:0c:9f:33:f6:2d:30:ba:c8:
62:86:68:c9:d1:c8:86:bd:40:b9:c9:42:e5:8c:2a:eb:63:d3:
06:2b:96:9a:60:f2:90:5e:d5:7f:52:a0:60:9a:e3:39:5f:66:
90:3f:31:34:a3:88:f8:7f:f7:b4:f8:d6:18:04:49:fa:f9:13:
ca:d7:30:e9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOTPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDI0NjIwWhcNMjUxMjEwMDI0NjIwWjAYMRYw
FAYDVQQDEw02NzYzODkwMC00NWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8O1EVisKScuvl1tUVzTUG6NP6YKt/PzhywhkYdauDGFly68A4pxF4p/R
Clb7iLrA0izXsZQEk6QEOW52hv7Y5NClbRAihQnkkUaPlsJ3alFjr5hrfKjRNGlq
bwAck4OAq6SJJh1twOw7IsGX7e+mOXLvLGyoUQkbkxZX3gvOWyidxakBuvog6Lci
SnVyTtvb9BKKpFlEu3jyc6hy7LBJgbf78tWty6On0DKlji8H4yK5GhXAxRmexS6t
kn7oO/C4bGlJQ+3nsT/vUow+WYlzEL63gVQXC2aN72KTS53P6o0g0N61ENUe935f
GZUHok+6Z9czU9QiDWcgYwSu4YCWXwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI++
esBRtc3OMSGKD5TLd7p3Lg7vMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RjYzRjEyNEJEQjMxMUVGQjRCRkNGOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcb/MA0GCSqGSIb3DQEBCwUA
A4IBAQAAU2Vc+zxZ2+KAreaUsTHbYRhHUokZbkbIm723OJBVypmncz0BKk5hvdDy
iZsJf7FyNDeWjAZubtnOay/aSenlo5UzgOFKdsztMj4mDlJZHOpltV5j39/cTjZ7
ytHXE7NUCFvhZBEnevSbJ0CDIoPzHTx2cRR22p1sArLuMxSbjeAR+Z4dMDqTnM5w
v3jfxSP/7Ex9FqUSruWHCGFU3oadTi2LHmeBSPOeV1T1CK0sfgOf2PRxNvLc1LPe
fuRnDJ8z9i0wushihmjJ0ciGvUC5yULljCrrY9MGK5aaYPKQXtV/UqBgmuM5X2aQ
PzE0o4j4f/e0+NYYBEn6+RPK1zDp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:56 2025 by rpki-client