Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/705BE4ECCF5B11EFBBA148B4762E951A.roa
File: 705BE4ECCF5B11EFBBA148B4762E951A.roa (raw, json)
Hash identifier: HadcFIgIlvPYK+MPgRRzOGmdxuFDrnzjsp7caIsZf48=
Subject key identifier: 65:27:84:AA:C2:BB:F3:EA:4E:DC:0C:F8:96:88:F2:1D:1B:BC:37:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01054B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/705BE4ECCF5B11EFBBA148B4762E951A.roa
Signing time: Fri 10 Jan 2025 14:01:51 +0000
ROA not before: Fri 10 Jan 2025 14:01:46 +0000
ROA not after: Wed 10 Dec 2025 14:01:46 +0000
asID: 984
IP address blocks: 45.206.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66891 (0x1054b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 14:01:46 2025 GMT
Not After : Dec 10 14:01:46 2025 GMT
Subject: CN=6781284f-0927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f1:dd:78:e6:e1:78:f4:b5:a0:96:e7:c7:0b:
18:86:b9:6e:9a:30:51:71:37:d4:fe:0c:af:4c:bf:
91:85:bc:f7:34:15:9d:19:e1:75:1a:1a:60:83:57:
a3:25:57:c3:58:c8:3b:10:b6:8f:66:b2:f2:ab:15:
34:25:e5:ac:41:db:53:17:58:47:5f:f9:6f:34:15:
08:a5:d0:e5:cf:1a:8c:e1:58:87:7d:ed:92:31:85:
ce:c5:12:bc:32:d0:a0:b3:b9:30:ac:2b:50:a7:57:
3e:03:6e:cf:1b:ea:7f:55:ec:a0:f4:03:ad:39:8b:
6f:e4:56:d4:55:08:af:a4:17:5a:0d:37:cf:69:4a:
81:69:8c:8c:c5:4d:b7:9f:6b:45:c6:7f:d4:10:02:
19:3c:65:f3:89:00:0f:02:aa:40:c8:74:85:e2:17:
53:50:17:ac:3b:58:c4:cd:01:97:30:17:23:6b:dc:
f8:6f:a5:2d:63:2a:98:33:b3:90:ce:0f:9c:b9:99:
ed:9f:c3:1f:96:c1:5e:09:6d:83:e5:04:b1:09:47:
2b:98:1b:9e:fb:a1:a4:36:bf:22:f1:77:36:e2:40:
5b:27:84:36:1e:6a:70:02:08:1b:59:83:7f:3a:61:
d6:28:03:01:40:be:1d:cf:32:34:3e:bd:a1:be:18:
a9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:27:84:AA:C2:BB:F3:EA:4E:DC:0C:F8:96:88:F2:1D:1B:BC:37:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/705BE4ECCF5B11EFBBA148B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.187.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:5d:8b:29:1d:fc:63:6a:93:b6:7a:96:a5:a0:e1:77:7b:c0:
61:28:a4:84:ba:89:97:63:32:59:c1:c4:3f:44:30:1a:44:74:
25:29:a6:93:14:6d:72:89:e8:e6:dc:5e:2c:52:6e:e6:bc:53:
42:46:fe:15:46:54:1e:b0:fe:42:c2:cb:b5:4c:87:cd:b0:34:
10:d4:84:9f:e3:ad:29:1a:2c:2b:4d:cf:15:c5:98:01:d1:2a:
e2:79:de:ed:3d:f7:9c:5e:83:36:ac:30:54:c9:7f:b3:0d:d6:
56:2d:34:c2:12:25:c2:48:0b:14:00:a7:1c:05:ef:60:e4:12:
e3:39:a4:92:49:5e:65:22:ea:be:01:0d:af:02:68:89:1a:8e:
1d:a4:4d:d6:fc:f6:e7:8a:62:dd:ff:6c:a3:2d:69:60:bf:a9:
0e:63:94:7a:3e:40:48:b4:c7:da:41:42:f4:12:c0:85:53:d5:
80:fe:10:4f:0e:b7:db:77:15:6e:66:21:86:cd:1c:42:fd:c0:
be:10:65:39:6f:dd:ad:40:55:3b:bd:0b:ea:8c:04:81:66:0b:
e2:92:ed:08:e8:cb:7c:7b:10:05:af:c5:18:38:cc:4b:ff:8f:
2e:81:96:96:c2:80:1a:60:59:1d:96:9d:c1:03:b1:e1:a5:75:
f5:b3:bc:c6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQVLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMTQwMTQ2WhcNMjUxMjEwMTQwMTQ2WjAYMRYw
FAYDVQQDEw02NzgxMjg0Zi0wOTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsvHdeObhePS1oJbnxwsYhrlumjBRcTfU/gyvTL+Rhbz3NBWdGeF1Ghpg
g1ejJVfDWMg7ELaPZrLyqxU0JeWsQdtTF1hHX/lvNBUIpdDlzxqM4ViHfe2SMYXO
xRK8MtCgs7kwrCtQp1c+A27PG+p/Veyg9AOtOYtv5FbUVQivpBdaDTfPaUqBaYyM
xU23n2tFxn/UEAIZPGXziQAPAqpAyHSF4hdTUBesO1jEzQGXMBcja9z4b6UtYyqY
M7OQzg+cuZntn8MflsFeCW2D5QSxCUcrmBue+6GkNr8i8Xc24kBbJ4Q2HmpwAggb
WYN/OmHWKAMBQL4dzzI0Pr2hvhip1wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGUn
hKrCu/PqTtwM+JaI8h0bvDeQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MDVCRTRFQ0NGNUIxMUVGQkJBMTQ4QjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc67MA0GCSqGSIb3DQEBCwUA
A4IBAQBdXYspHfxjapO2epaloOF3e8BhKKSEuomXYzJZwcQ/RDAaRHQlKaaTFG1y
iejm3F4sUm7mvFNCRv4VRlQesP5Cwsu1TIfNsDQQ1ISf460pGiwrTc8VxZgB0Sri
ed7tPfecXoM2rDBUyX+zDdZWLTTCEiXCSAsUAKccBe9g5BLjOaSSSV5lIuq+AQ2v
AmiJGo4dpE3W/PbnimLd/2yjLWlgv6kOY5R6PkBItMfaQUL0EsCFU9WA/hBPDrfb
dxVuZiGGzRxC/cC+EGU5b92tQFU7vQvqjASBZgviku0I6Mt8exAFr8UYOMxL/48u
gZaWwoAaYFkdlp3BA7HhpXX1s7zG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:58 2025 by rpki-client