Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/93830474CF5A11EF8C3CC1AF762E951A.roa
File: 93830474CF5A11EF8C3CC1AF762E951A.roa (raw, json)
Hash identifier: 7txUJOXJ/Dx7suF1qJ3NfCk5pmnfDYRNP4K1PntUErA=
Subject key identifier: D6:8E:59:E3:56:A0:3E:52:D8:DD:96:DC:4A:1B:C7:4D:A8:26:B3:0D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010545
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/93830474CF5A11EF8C3CC1AF762E951A.roa
Signing time: Fri 10 Jan 2025 13:55:40 +0000
ROA not before: Fri 10 Jan 2025 13:55:36 +0000
ROA not after: Wed 10 Dec 2025 13:55:36 +0000
asID: 984
IP address blocks: 45.206.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66885 (0x10545)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 13:55:36 2025 GMT
Not After : Dec 10 13:55:36 2025 GMT
Subject: CN=678126dc-d610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:73:52:33:44:e4:7a:7e:21:bd:fd:39:01:bc:
e4:ca:44:7c:61:17:64:60:3a:47:b7:bf:66:01:de:
be:c7:44:ed:5d:79:95:0e:ad:41:ba:a4:1a:b5:e1:
91:ce:6a:7a:ce:fb:28:58:38:d0:2e:89:95:97:b5:
62:bc:d2:3a:3c:55:4b:d7:0a:ba:71:0d:81:60:85:
28:a3:4d:55:ba:ac:b6:ba:9f:1f:e6:05:cb:c4:c2:
91:29:df:df:d7:43:4b:63:1e:b7:7c:bf:08:de:42:
ca:5a:5d:d0:07:17:6e:2a:0d:91:06:76:a9:b2:3a:
79:e0:ae:56:ba:68:71:b9:0d:d1:ad:db:e7:c1:3a:
bc:01:ea:54:ed:e9:37:2b:29:62:33:9b:6b:8b:5e:
b1:25:c7:3c:42:ad:45:8e:87:e1:dd:91:0d:ae:38:
f8:fa:b0:21:71:33:b8:9c:31:a0:5f:f8:94:48:bd:
9c:df:14:73:16:1c:29:23:24:32:2b:ab:71:2e:ff:
87:25:f6:b2:00:eb:ab:ce:99:d8:80:19:68:a6:69:
d8:14:0b:da:1d:0e:2b:ad:17:ab:74:9a:b8:23:c0:
6e:96:9c:69:3d:5f:8e:0a:c6:c4:d4:50:1e:e1:ca:
4d:dc:c6:8f:a0:90:a2:4f:21:b4:e6:82:c8:87:09:
93:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:8E:59:E3:56:A0:3E:52:D8:DD:96:DC:4A:1B:C7:4D:A8:26:B3:0D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/93830474CF5A11EF8C3CC1AF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.146.0/24
Signature Algorithm: sha256WithRSAEncryption
54:3d:01:1e:98:24:62:cb:03:d7:da:30:45:de:c3:c7:9a:a0:
6d:83:80:91:5f:5c:88:30:39:04:8b:d0:ff:3a:ef:25:d7:46:
3c:c9:8a:a8:14:91:f4:4d:bb:4e:18:c4:31:df:00:96:72:2e:
74:ab:17:73:b8:fb:f0:09:f2:e0:a4:0c:8f:d8:50:e0:79:0d:
db:f8:00:0c:63:72:d1:90:f8:70:2f:ac:e5:42:05:fa:c7:4b:
4a:02:2c:3b:9e:79:de:6e:f4:38:86:25:c9:84:b2:6d:21:3e:
2c:ea:26:47:7c:26:47:d5:f0:37:f6:a9:8f:7d:f0:4e:46:e3:
44:34:cf:77:fc:71:b4:19:1e:f7:96:b0:97:2f:4a:68:af:5f:
f3:f5:b0:83:1f:0a:ae:99:11:5e:f6:84:06:d5:d4:3f:89:e7:
93:6c:73:2b:6c:d2:49:ef:47:14:f5:c5:37:92:87:18:e4:bb:
50:7e:c1:49:7c:09:4a:86:5e:ea:b0:6a:94:6c:4b:4e:15:27:
bc:38:05:3d:12:7c:ef:c9:42:5a:b2:a5:18:b6:04:ad:36:a7:
7e:a5:48:ea:41:bd:e1:13:11:e9:c4:28:cb:31:23:c9:d7:c0:
72:ba:73:f9:12:a9:20:42:cc:00:7d:6c:19:1d:84:c4:ae:0c:
8e:77:a9:cd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQVFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMTM1NTM2WhcNMjUxMjEwMTM1NTM2WjAYMRYw
FAYDVQQDEw02NzgxMjZkYy1kNjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArHNSM0Tken4hvf05AbzkykR8YRdkYDpHt79mAd6+x0TtXXmVDq1BuqQa
teGRzmp6zvsoWDjQLomVl7VivNI6PFVL1wq6cQ2BYIUoo01Vuqy2up8f5gXLxMKR
Kd/f10NLYx63fL8I3kLKWl3QBxduKg2RBnapsjp54K5WumhxuQ3RrdvnwTq8AepU
7ek3KyliM5tri16xJcc8Qq1Fjofh3ZENrjj4+rAhcTO4nDGgX/iUSL2c3xRzFhwp
IyQyK6txLv+HJfayAOurzpnYgBlopmnYFAvaHQ4rrRerdJq4I8BulpxpPV+OCsbE
1FAe4cpN3MaPoJCiTyG05oLIhwmTmQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNaO
WeNWoD5S2N2W3Eobx02oJrMNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MzgzMDQ3NENGNUExMUVGOEMzQ0MxQUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc6SMA0GCSqGSIb3DQEBCwUA
A4IBAQBUPQEemCRiywPX2jBF3sPHmqBtg4CRX1yIMDkEi9D/Ou8l10Y8yYqoFJH0
TbtOGMQx3wCWci50qxdzuPvwCfLgpAyP2FDgeQ3b+AAMY3LRkPhwL6zlQgX6x0tK
Aiw7nnnebvQ4hiXJhLJtIT4s6iZHfCZH1fA39qmPffBORuNENM93/HG0GR73lrCX
L0por1/z9bCDHwqumRFe9oQG1dQ/ieeTbHMrbNJJ70cU9cU3kocY5LtQfsFJfAlK
hl7qsGqUbEtOFSe8OAU9EnzvyUJasqUYtgStNqd+pUjqQb3hExHpxCjLMSPJ18By
unP5EqkgQswAfWwZHYTErgyOd6nN
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:55 2025 by rpki-client