Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B1607C4BE8811EFAE9A1F5C762E951A.roa
File: 8B1607C4BE8811EFAE9A1F5C762E951A.roa (raw, json)
Hash identifier: jkSZ7UU7VDt/oukhx1lOTdy2a2g9Ps+NnSuIZrxtrI8=
Subject key identifier: E8:DB:23:81:E0:3B:4F:36:BE:DA:BF:F0:FC:D6:71:A6:60:BF:6C:58
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6A6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B1607C4BE8811EFAE9A1F5C762E951A.roa
Signing time: Fri 20 Dec 2024 04:11:53 +0000
ROA not before: Fri 20 Dec 2024 04:11:49 +0000
ROA not after: Wed 10 Dec 2025 04:11:49 +0000
asID: 984
IP address blocks: 45.206.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59046 (0xe6a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:11:49 2024 GMT
Not After : Dec 10 04:11:49 2025 GMT
Subject: CN=6764ee89-4905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:76:66:75:88:19:dd:89:cd:99:39:6a:b0:4b:
78:13:c2:0f:98:5c:4b:6d:70:b4:93:93:8e:5a:ac:
86:4a:9d:ab:40:a1:5c:f8:4b:12:50:55:f8:cf:53:
8e:12:7e:00:78:cf:ce:58:e5:f0:9c:fd:c1:f8:e8:
c9:9e:fc:79:7c:be:71:f3:83:95:c3:58:df:92:56:
0c:8d:93:e1:c3:1c:66:61:13:f8:83:e0:f3:84:2f:
60:35:a9:16:c7:76:14:3c:ed:bc:6a:22:fe:63:50:
59:0f:ea:18:de:60:99:03:b1:9d:bc:84:27:b6:4f:
7b:0b:60:c7:6f:a9:9b:9e:ff:8e:ee:36:a9:f6:03:
2b:e0:a7:bf:ed:d5:21:f2:6e:6c:84:38:00:cb:ea:
8d:36:ee:90:f0:a5:a8:5c:8e:5e:08:54:4c:3f:90:
83:a5:92:45:fd:0e:d6:4b:3c:3f:e8:9f:0a:26:e2:
06:c7:94:30:a6:ba:f5:ba:66:d7:12:23:c5:04:cd:
66:3c:10:2f:71:24:c3:40:eb:ac:b3:de:dd:60:a1:
95:ab:69:f2:59:67:d2:03:ff:9f:22:e0:2b:c4:5e:
eb:78:ed:a2:4c:d3:20:39:78:19:de:8b:a8:27:20:
73:0e:8d:d9:f8:d9:88:5f:b8:93:7f:10:ee:43:54:
12:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:DB:23:81:E0:3B:4F:36:BE:DA:BF:F0:FC:D6:71:A6:60:BF:6C:58
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B1607C4BE8811EFAE9A1F5C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.214.0/24
Signature Algorithm: sha256WithRSAEncryption
28:40:c7:19:2d:10:14:8a:4b:78:29:a9:d9:97:48:e9:9b:58:
95:01:50:9e:03:3b:10:5b:12:0e:a5:87:11:a1:03:f6:4e:45:
c0:b9:9c:8b:c3:32:84:b9:eb:3a:15:68:82:7d:8a:d3:64:2f:
78:37:fd:0c:a1:de:67:ee:13:f5:e4:1d:64:9f:59:83:cd:fd:
8f:3d:ca:59:81:3f:76:03:57:39:a3:c6:f6:80:74:e6:8d:94:
5b:49:02:a2:65:44:b4:de:73:63:ed:2c:23:c5:c3:94:59:88:
e3:74:89:fb:d0:d6:c9:0f:9b:18:5e:41:c3:aa:8b:a2:a3:fc:
87:2f:e4:9a:db:fc:80:1c:4f:40:40:27:28:6e:5f:48:4c:42:
f3:55:fa:8f:7f:ac:1f:5c:1f:a3:82:1a:38:88:b7:23:1e:76:
09:47:84:3e:b2:f2:97:4c:82:2b:5b:5f:ab:58:aa:fb:b9:12:
f2:4f:9c:cc:cf:d5:60:b2:1f:56:a0:5b:a4:47:97:3f:ae:69:
41:20:af:4a:5b:67:5e:e1:21:69:4c:d4:0c:71:a2:8c:fd:5e:
f2:53:99:b1:62:43:85:c8:20:87:6f:16:39:44:0d:a0:de:ce:
02:90:df:e6:d9:0a:8f:28:ab:48:b4:3e:c6:d2:5f:c4:e7:1d:
dd:71:91:cf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOamMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQxMTQ5WhcNMjUxMjEwMDQxMTQ5WjAYMRYw
FAYDVQQDEw02NzY0ZWU4OS00OTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7XZmdYgZ3YnNmTlqsEt4E8IPmFxLbXC0k5OOWqyGSp2rQKFc+EsSUFX4
z1OOEn4AeM/OWOXwnP3B+OjJnvx5fL5x84OVw1jfklYMjZPhwxxmYRP4g+DzhC9g
NakWx3YUPO28aiL+Y1BZD+oY3mCZA7GdvIQntk97C2DHb6mbnv+O7jap9gMr4Ke/
7dUh8m5shDgAy+qNNu6Q8KWoXI5eCFRMP5CDpZJF/Q7WSzw/6J8KJuIGx5Qwprr1
umbXEiPFBM1mPBAvcSTDQOuss97dYKGVq2nyWWfSA/+fIuArxF7reO2iTNMgOXgZ
3ouoJyBzDo3Z+NmIX7iTfxDuQ1QS2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOjb
I4HgO082vtq/8PzWcaZgv2xYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QjE2MDdDNEJFODgxMUVGQUU5QTFGNUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7WMA0GCSqGSIb3DQEBCwUA
A4IBAQAoQMcZLRAUikt4KanZl0jpm1iVAVCeAzsQWxIOpYcRoQP2TkXAuZyLwzKE
ues6FWiCfYrTZC94N/0Mod5n7hP15B1kn1mDzf2PPcpZgT92A1c5o8b2gHTmjZRb
SQKiZUS03nNj7SwjxcOUWYjjdIn70NbJD5sYXkHDqouio/yHL+Sa2/yAHE9AQCco
bl9ITELzVfqPf6wfXB+jgho4iLcjHnYJR4Q+svKXTIIrW1+rWKr7uRLyT5zMz9Vg
sh9WoFukR5c/rmlBIK9KW2de4SFpTNQMcaKM/V7yU5mxYkOFyCCHbxY5RA2g3s4C
kN/m2QqPKKtItD7G0l/E5x3dcZHP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:11 2025 by rpki-client