Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/87B367E6BE8A11EFA1E3C968762E951A.roa
File: 87B367E6BE8A11EFA1E3C968762E951A.roa (raw, json)
Hash identifier: 6bTmsV4ygCah1XJc5KF7JB5wUrXeS+GYaPpkRXR3Ob0=
Subject key identifier: FB:77:4C:C0:CC:38:F4:83:00:6B:35:5E:36:A8:C4:16:47:D7:84:DF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6BE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/87B367E6BE8A11EFA1E3C968762E951A.roa
Signing time: Fri 20 Dec 2024 04:26:06 +0000
ROA not before: Fri 20 Dec 2024 04:26:03 +0000
ROA not after: Wed 10 Dec 2025 04:26:03 +0000
asID: 984
IP address blocks: 45.206.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59070 (0xe6be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:26:03 2024 GMT
Not After : Dec 10 04:26:03 2025 GMT
Subject: CN=6764f1de-9c9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7f:e9:f3:75:8f:2d:2f:d9:ac:b5:5f:30:a9:
f7:ed:15:2e:d7:90:33:69:ac:17:3b:18:fa:1f:00:
b7:85:24:61:79:7b:f9:82:1a:60:29:5c:57:56:59:
3d:62:a0:9a:17:f0:c9:8f:33:3a:04:fc:35:ee:17:
bc:51:c8:ac:93:fa:96:6f:42:f1:00:8e:d9:f6:28:
1c:df:3f:4c:33:55:ef:7f:f5:ef:e4:5a:0f:3a:3b:
eb:3f:e1:89:88:88:b1:32:b1:a5:64:31:ad:6c:11:
8b:e1:e0:70:73:9a:07:f1:44:77:fe:3f:4e:b2:0c:
4e:b8:e5:53:8b:0c:4a:8a:38:f0:2c:f2:c8:ee:1b:
e2:bd:af:67:fb:3a:26:5a:40:f7:ef:8c:31:0c:38:
27:8a:c8:1c:63:71:c2:51:0c:b0:13:31:8b:22:b9:
2b:69:cf:41:59:da:f3:05:1e:0f:3b:5e:7e:ff:f6:
76:df:f5:9c:ce:39:c7:ce:e2:7a:b4:3d:65:52:61:
99:08:21:7d:10:8f:36:21:2a:d8:73:19:0d:1d:b3:
c0:91:fa:22:13:84:d5:db:79:9d:e9:95:4d:b3:18:
91:12:db:2d:e0:0a:99:83:70:bc:a0:cc:f5:ce:79:
71:e7:3c:34:6c:46:94:3c:c0:8a:01:7b:f9:6b:9a:
ad:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:77:4C:C0:CC:38:F4:83:00:6B:35:5E:36:A8:C4:16:47:D7:84:DF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/87B367E6BE8A11EFA1E3C968762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.226.0/24
Signature Algorithm: sha256WithRSAEncryption
71:51:00:07:ea:78:3e:c5:19:77:68:f8:4c:82:ec:29:2c:95:
0d:cc:9a:23:41:94:26:c5:ef:57:50:b5:7f:6c:5b:01:db:9a:
55:9d:1e:4d:1e:3a:53:68:35:8f:39:a1:7a:78:3f:fa:5d:f5:
f6:05:4e:ba:93:88:5e:d3:e9:30:60:f6:69:6a:40:e7:55:31:
6d:95:c9:08:c8:cf:46:e6:23:91:ed:92:44:2c:56:e9:ba:02:
80:66:ab:5c:1b:80:a6:f8:01:f7:66:10:56:8a:1e:01:37:ad:
0e:8d:92:25:35:77:dd:f9:45:57:e7:a9:c1:f3:48:7c:d3:e0:
5c:e4:df:2d:3e:82:36:42:bf:a6:54:f6:52:7a:56:cf:76:a4:
1c:4a:63:f2:13:f2:8d:1e:64:b7:d9:a5:e6:12:4e:4c:3f:09:
9a:04:eb:da:96:4b:bf:97:56:2d:f2:2d:a7:83:3b:c8:d3:59:
18:33:4f:15:29:89:f9:21:b5:8b:98:31:92:43:fe:ac:ad:fe:
f1:32:ce:6c:ca:6e:c5:47:06:c2:dc:e4:3f:43:f2:94:5b:f3:
f9:27:7e:b8:bb:97:85:28:b6:cd:9d:14:d5:cf:d6:d5:fc:d9:
46:1b:51:78:83:0d:eb:59:0c:3c:ce:0b:82:f2:25:c1:ed:42:
f7:27:bb:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOa+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQyNjAzWhcNMjUxMjEwMDQyNjAzWjAYMRYw
FAYDVQQDEw02NzY0ZjFkZS05YzliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv3/p83WPLS/ZrLVfMKn37RUu15AzaawXOxj6HwC3hSRheXv5ghpgKVxX
Vlk9YqCaF/DJjzM6BPw17he8Ucisk/qWb0LxAI7Z9igc3z9MM1Xvf/Xv5FoPOjvr
P+GJiIixMrGlZDGtbBGL4eBwc5oH8UR3/j9OsgxOuOVTiwxKijjwLPLI7hviva9n
+zomWkD374wxDDgnisgcY3HCUQywEzGLIrkrac9BWdrzBR4PO15+//Z23/WczjnH
zuJ6tD1lUmGZCCF9EI82ISrYcxkNHbPAkfoiE4TV23md6ZVNsxiREtst4AqZg3C8
oMz1znlx5zw0bEaUPMCKAXv5a5qtcQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPt3
TMDMOPSDAGs1XjaoxBZH14TfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84N0IzNjdFNkJFOEExMUVGQTFFM0M5Njg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7iMA0GCSqGSIb3DQEBCwUA
A4IBAQBxUQAH6ng+xRl3aPhMguwpLJUNzJojQZQmxe9XULV/bFsB25pVnR5NHjpT
aDWPOaF6eD/6XfX2BU66k4he0+kwYPZpakDnVTFtlckIyM9G5iOR7ZJELFbpugKA
ZqtcG4Cm+AH3ZhBWih4BN60OjZIlNXfd+UVX56nB80h80+Bc5N8tPoI2Qr+mVPZS
elbPdqQcSmPyE/KNHmS32aXmEk5MPwmaBOvalku/l1Yt8i2ngzvI01kYM08VKYn5
IbWLmDGSQ/6srf7xMs5sym7FRwbC3OQ/Q/KUW/P5J364u5eFKLbNnRTVz9bV/NlG
G1F4gw3rWQw8zguC8iXB7UL3J7t/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:29 2025 by rpki-client