Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BE7F2DABE8711EFA1E53F57762E951A.roa
File: 8BE7F2DABE8711EFA1E53F57762E951A.roa (raw, json)
Hash identifier: gc9hzz19s4Qzu9sRw735brTvZi9SQsYTgRp0EdGZvio=
Subject key identifier: 76:96:75:F7:61:F9:54:E4:48:07:36:B9:58:00:84:E8:3C:BD:08:C0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E69A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BE7F2DABE8711EFA1E53F57762E951A.roa
Signing time: Fri 20 Dec 2024 04:04:45 +0000
ROA not before: Fri 20 Dec 2024 04:04:41 +0000
ROA not after: Wed 10 Dec 2025 04:04:41 +0000
asID: 984
IP address blocks: 45.206.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59034 (0xe69a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:04:41 2024 GMT
Not After : Dec 10 04:04:41 2025 GMT
Subject: CN=6764ecdd-954a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f5:9a:0e:03:71:1a:2e:5f:62:6d:d2:5f:64:
a7:6e:f1:a5:be:eb:c2:1e:2d:70:61:d4:b0:60:d8:
f0:1c:87:9c:e3:f9:98:30:b6:c2:1a:5a:26:4e:03:
e2:b0:b0:4d:59:25:83:ec:e7:c4:40:5a:e4:a9:55:
95:bd:dd:f1:63:8d:25:37:0f:ea:33:fc:37:65:2a:
89:62:23:82:ef:7a:b8:fb:6b:92:b0:d2:d6:00:2a:
e0:56:cb:5b:0f:7e:db:82:89:45:6a:65:0f:bc:8b:
7a:0e:d8:2a:63:a2:52:4b:8a:d7:4c:9a:27:3f:06:
83:bb:95:ac:35:ec:36:bb:d4:a1:b7:c1:17:e0:b7:
8d:78:6a:d6:4b:67:d5:f0:8e:0f:3e:68:5c:9b:f8:
59:9a:c3:a2:88:d7:93:ed:0c:3d:74:c2:74:b9:b8:
73:21:03:03:cf:34:87:e5:68:de:f9:61:d1:d5:e9:
0b:5b:a4:50:68:de:04:2d:8d:d6:2f:3c:f1:2a:8b:
cc:c7:b4:04:f6:d6:a9:2e:e5:22:46:a4:90:1f:53:
fb:9c:4a:d3:b8:79:4a:09:4d:fc:d1:0d:ac:7e:ce:
37:f2:b6:20:75:2c:1f:99:b6:12:6d:7b:a6:3b:97:
bc:be:e9:97:b4:97:9a:b0:a2:49:a9:e5:fb:87:e2:
0f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:96:75:F7:61:F9:54:E4:48:07:36:B9:58:00:84:E8:3C:BD:08:C0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BE7F2DABE8711EFA1E53F57762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.208.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:f3:d4:a8:5f:9f:f1:a9:92:83:2e:1f:00:0c:ac:95:f1:8b:
43:df:50:0d:98:69:ee:5e:43:89:ae:d2:51:73:4b:f9:76:bb:
36:9c:4a:b2:6f:c2:06:5b:59:b6:a2:4c:30:3e:84:9b:29:d8:
80:ce:bb:a8:ba:37:13:29:66:e6:0f:15:2d:7d:bc:94:fc:1b:
54:46:8e:b8:89:3a:77:84:a5:2b:d3:c0:40:aa:53:69:3c:f2:
6a:a0:36:89:2a:e5:9a:90:fb:9c:86:0e:e2:9e:e5:12:c1:1a:
88:ff:56:9d:3d:d9:c7:f0:8f:93:b4:fc:c4:6c:61:74:13:a5:
9c:bb:2c:46:cc:57:fc:b6:14:eb:bf:70:48:1f:89:43:37:8d:
fd:6b:72:fa:17:5f:5f:e0:cd:83:30:66:c6:e3:1e:b9:90:70:
6d:d3:aa:18:02:c4:d1:64:9f:d8:af:ad:d1:d5:37:e6:19:38:
0f:a7:9d:b6:40:58:a0:7e:36:7b:1e:62:28:3a:92:ab:a1:1a:
a4:16:35:01:7e:6e:a5:8f:e7:bb:cd:7d:98:68:d4:2c:b1:f0:
28:77:a8:7c:2e:33:27:7a:2d:36:b7:25:80:68:36:02:b5:c1:
d1:b4:c7:d9:de:fa:dd:1f:c1:93:c9:18:60:80:c1:1c:5f:33:
9f:c5:1a:60
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOaaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQwNDQxWhcNMjUxMjEwMDQwNDQxWjAYMRYw
FAYDVQQDEw02NzY0ZWNkZC05NTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsfWaDgNxGi5fYm3SX2SnbvGlvuvCHi1wYdSwYNjwHIec4/mYMLbCGlom
TgPisLBNWSWD7OfEQFrkqVWVvd3xY40lNw/qM/w3ZSqJYiOC73q4+2uSsNLWACrg
VstbD37bgolFamUPvIt6DtgqY6JSS4rXTJonPwaDu5WsNew2u9Sht8EX4LeNeGrW
S2fV8I4PPmhcm/hZmsOiiNeT7Qw9dMJ0ubhzIQMDzzSH5Wje+WHR1ekLW6RQaN4E
LY3WLzzxKovMx7QE9tapLuUiRqSQH1P7nErTuHlKCU380Q2sfs438rYgdSwfmbYS
bXumO5e8vumXtJeasKJJqeX7h+IPMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHaW
dfdh+VTkSAc2uVgAhOg8vQjAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QkU3RjJEQUJFODcxMUVGQTFFNTNGNTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7QMA0GCSqGSIb3DQEBCwUA
A4IBAQCm89SoX5/xqZKDLh8ADKyV8YtD31ANmGnuXkOJrtJRc0v5drs2nEqyb8IG
W1m2okwwPoSbKdiAzruoujcTKWbmDxUtfbyU/BtURo64iTp3hKUr08BAqlNpPPJq
oDaJKuWakPuchg7inuUSwRqI/1adPdnH8I+TtPzEbGF0E6WcuyxGzFf8thTrv3BI
H4lDN439a3L6F19f4M2DMGbG4x65kHBt06oYAsTRZJ/Yr63R1TfmGTgPp522QFig
fjZ7HmIoOpKroRqkFjUBfm6lj+e7zX2YaNQssfAod6h8LjMnei02tyWAaDYCtcHR
tMfZ3vrdH8GTyRhggMEcXzOfxRpg
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:59 2025 by rpki-client