Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81A2CE72BDC311EFA0F0EA85762E951A.roa
File: 81A2CE72BDC311EFA0F0EA85762E951A.roa (raw, json)
Hash identifier: oJ9CLMfIFndtftraLE5WO8D8pPOCe88lle/QmEyfWp0=
Subject key identifier: 06:49:BA:3C:68:67:66:D7:3C:10:41:F6:71:E7:2D:DC:D5:E8:90:91
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E58B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81A2CE72BDC311EFA0F0EA85762E951A.roa
Signing time: Thu 19 Dec 2024 04:41:26 +0000
ROA not before: Thu 19 Dec 2024 04:41:23 +0000
ROA not after: Wed 10 Dec 2025 04:41:23 +0000
asID: 984
IP address blocks: 45.206.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58763 (0xe58b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 04:41:23 2024 GMT
Not After : Dec 10 04:41:23 2025 GMT
Subject: CN=6763a3f6-07eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:43:bb:0c:cb:7f:c8:1e:4f:ae:fd:96:d7:82:
ee:43:ce:bc:98:1b:a9:6f:31:af:1d:f7:0a:e5:e8:
50:b4:a0:9d:61:43:b6:9e:be:72:66:71:cb:34:da:
03:88:08:38:49:11:f2:33:ec:d9:42:88:ae:5b:7e:
d4:fa:da:25:7c:86:ec:dc:0b:f6:53:58:e7:19:29:
36:ed:03:a6:98:00:74:ef:28:8b:5b:e3:35:25:e6:
cf:d8:5e:e1:13:ea:a4:c3:e9:5c:0c:5b:bf:a7:a7:
6d:7b:10:b2:df:55:32:f7:d3:a9:8d:0a:05:8b:05:
bb:49:cd:c4:8e:e6:78:22:f0:9a:4a:b3:91:e9:53:
f4:37:03:c2:17:d3:59:04:ac:7e:26:3f:65:64:8b:
4a:25:95:02:eb:b8:46:fb:91:8c:ba:42:32:68:2e:
4b:50:b2:0d:7a:3a:e6:3b:c5:7a:33:ce:e4:ea:ac:
77:33:ae:47:77:ca:92:75:bd:83:2c:a8:b1:ab:6c:
cc:bd:8c:dd:fd:5f:23:23:f2:b4:69:87:8c:50:6c:
21:94:af:3b:86:3c:08:4f:16:ae:3b:4b:f1:b3:03:
7e:cc:a2:bc:af:ef:14:50:be:d5:bb:08:ef:51:2e:
3a:f5:c0:ba:d7:a3:85:87:10:84:e1:c5:e2:91:34:
fb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:49:BA:3C:68:67:66:D7:3C:10:41:F6:71:E7:2D:DC:D5:E8:90:91
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81A2CE72BDC311EFA0F0EA85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.104.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:a5:c5:92:94:d0:32:4a:8d:d1:03:a1:e1:63:eb:44:88:33:
4f:35:2f:75:38:6d:33:db:92:b7:b0:33:66:d3:21:bb:e3:cd:
10:c2:f3:be:ab:4d:a2:de:42:c6:a9:a2:d5:20:56:d2:f7:59:
ad:dd:98:16:58:58:1c:68:bc:ab:df:55:3f:b9:c7:95:a2:e4:
11:58:92:74:22:de:de:d3:ca:39:d5:cb:a3:ba:73:35:d2:c4:
ec:1b:a0:56:8b:8b:fa:f3:2f:bd:8b:05:a9:f4:d0:b9:dd:a3:
6e:13:31:c0:68:9b:40:19:15:6a:b5:0b:6a:a9:32:6d:fd:e8:
46:37:df:76:f0:4f:0a:56:d6:20:30:53:1e:50:aa:06:57:fe:
e7:f1:27:0e:53:d8:98:26:80:d6:34:d9:9b:d6:70:79:18:28:
92:df:6e:c0:9a:02:21:08:27:66:29:bf:15:10:27:55:a7:21:
33:72:0e:a6:33:f0:b1:fc:14:0b:3f:f2:1e:28:45:a3:27:26:
03:5f:b9:45:3f:09:61:6a:1c:a2:dc:43:3b:35:57:71:f6:a1:
69:9f:e3:bf:98:3f:1a:a1:1c:9d:e7:94:a7:72:ec:9d:57:05:
07:e9:22:5b:06:87:c5:f1:bb:05:bc:55:59:7e:e1:8d:39:95:
8b:fc:10:e0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOWLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDQ0MTIzWhcNMjUxMjEwMDQ0MTIzWjAYMRYw
FAYDVQQDEw02NzYzYTNmNi0wN2ViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzUO7DMt/yB5Prv2W14LuQ868mBupbzGvHfcK5ehQtKCdYUO2nr5yZnHL
NNoDiAg4SRHyM+zZQoiuW37U+tolfIbs3Av2U1jnGSk27QOmmAB07yiLW+M1JebP
2F7hE+qkw+lcDFu/p6dtexCy31Uy99OpjQoFiwW7Sc3EjuZ4IvCaSrOR6VP0NwPC
F9NZBKx+Jj9lZItKJZUC67hG+5GMukIyaC5LULINejrmO8V6M87k6qx3M65Hd8qS
db2DLKixq2zMvYzd/V8jI/K0aYeMUGwhlK87hjwITxauO0vxswN+zKK8r+8UUL7V
uwjvUS469cC616OFhxCE4cXikTT74QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAZJ
ujxoZ2bXPBBB9nHnLdzV6JCRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MUEyQ0U3MkJEQzMxMUVGQTBGMEVBODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc5oMA0GCSqGSIb3DQEBCwUA
A4IBAQAbpcWSlNAySo3RA6HhY+tEiDNPNS91OG0z25K3sDNm0yG7480QwvO+q02i
3kLGqaLVIFbS91mt3ZgWWFgcaLyr31U/uceVouQRWJJ0It7e08o51cujunM10sTs
G6BWi4v68y+9iwWp9NC53aNuEzHAaJtAGRVqtQtqqTJt/ehGN9928E8KVtYgMFMe
UKoGV/7n8ScOU9iYJoDWNNmb1nB5GCiS327AmgIhCCdmKb8VECdVpyEzcg6mM/Cx
/BQLP/IeKEWjJyYDX7lFPwlhahyi3EM7NVdx9qFpn+O/mD8aoRyd55SncuydVwUH
6SJbBofF8bsFvFVZfuGNOZWL/BDg
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:35 2025 by rpki-client