Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97A8BFC0BDBD11EF8AC69A60762E951A.roa
File: 97A8BFC0BDBD11EF8AC69A60762E951A.roa (raw, json)
Hash identifier: Crfmt9AhYb+J/aDLkE27d2f9G/UGacVvVH5tHF4gZto=
Subject key identifier: 1B:48:9C:90:5E:14:F0:DC:76:22:60:2E:BB:6D:0A:35:BB:2F:65:66
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E551
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97A8BFC0BDBD11EF8AC69A60762E951A.roa
Signing time: Thu 19 Dec 2024 03:59:06 +0000
ROA not before: Thu 19 Dec 2024 03:59:03 +0000
ROA not after: Wed 10 Dec 2025 03:59:03 +0000
asID: 984
IP address blocks: 45.206.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58705 (0xe551)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 03:59:03 2024 GMT
Not After : Dec 10 03:59:03 2025 GMT
Subject: CN=67639a0a-e3e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7f:fd:56:ed:bf:58:00:dd:ec:5a:4d:25:bc:
c0:ae:4c:24:8a:4a:17:ca:4f:6f:e8:e0:d7:f2:85:
8c:88:4a:b0:a8:5d:8d:6b:e0:dc:27:ff:11:79:8f:
d8:71:bd:48:d3:11:d0:cd:a5:37:fe:e6:4c:5f:6d:
68:3a:c5:44:6a:e6:c6:ef:f8:a6:fb:7a:da:a1:6c:
46:43:2a:30:94:95:10:b3:2f:2d:c0:72:4d:14:19:
bc:ff:c8:fd:fc:94:d3:19:00:21:bc:19:c9:e7:2d:
65:cc:24:24:cb:51:6e:fa:43:cc:9b:c9:af:3c:08:
c2:e0:c0:8b:13:11:3c:27:7d:97:ee:45:3e:f5:20:
72:73:65:f2:b5:df:33:56:44:45:69:2a:79:b4:7e:
02:dd:4b:5a:df:6c:ec:ef:0f:86:a6:16:53:0f:cc:
a0:28:ad:13:79:d2:dc:9c:b3:58:e7:48:e7:95:40:
e9:2f:b7:68:e5:2e:43:a1:08:4c:8a:82:10:89:f2:
0a:cf:f3:bd:ea:b3:6d:6d:b7:be:55:cb:c4:f5:70:
58:2d:59:39:f7:8d:4d:93:19:11:29:c8:e3:66:7d:
a7:13:2c:a9:8a:aa:3d:35:27:a0:47:ab:3a:21:c3:
cd:d5:3e:27:b7:66:ff:15:ec:bd:21:56:d1:af:58:
44:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:48:9C:90:5E:14:F0:DC:76:22:60:2E:BB:6D:0A:35:BB:2F:65:66
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97A8BFC0BDBD11EF8AC69A60762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.75.0/24
Signature Algorithm: sha256WithRSAEncryption
61:ee:fd:07:03:e8:14:b5:17:f2:f1:2e:5a:cf:89:4e:54:5e:
6e:b3:5c:f7:b8:83:af:04:13:2e:23:47:50:2a:c4:57:e6:49:
98:b1:99:63:70:c3:29:98:17:82:03:a3:ff:00:83:f2:e9:39:
42:9a:db:0c:57:c3:8c:49:b8:06:4a:81:8a:c8:46:2c:d2:3a:
c2:0d:bf:09:a3:b8:bc:04:40:3a:85:1f:3f:8a:13:3e:44:24:
c0:ba:ff:75:8f:48:3d:4d:09:4b:8d:45:62:b0:a7:18:4a:5c:
58:c7:0b:b9:35:5a:e8:1f:b6:88:3c:e2:30:b2:c3:3a:e2:4c:
5d:b9:e2:e6:1b:8c:bf:4c:f6:3c:d0:ed:97:b8:3e:55:da:4b:
ff:a1:18:02:7e:90:2b:f9:05:de:a9:c7:32:90:09:0f:cb:68:
70:12:e8:d4:83:02:10:4c:f3:47:a9:9e:20:3a:91:33:df:70:
d5:23:39:a5:4f:b7:57:be:85:8c:c0:d7:06:04:63:fd:a6:af:
79:05:cb:74:b3:1d:47:88:e1:23:b9:64:5e:02:d6:57:10:84:
3a:f2:b3:2f:1c:d9:a1:34:da:36:d5:fb:ba:3d:1a:f9:32:26:
66:3e:3d:1c:b7:8f:20:aa:77:58:68:83:6c:2a:85:ef:b3:24:
2f:f3:c3:c5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOVRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDM1OTAzWhcNMjUxMjEwMDM1OTAzWjAYMRYw
FAYDVQQDEw02NzYzOWEwYS1lM2U3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsn/9Vu2/WADd7FpNJbzArkwkikoXyk9v6ODX8oWMiEqwqF2Na+DcJ/8R
eY/Ycb1I0xHQzaU3/uZMX21oOsVEaubG7/im+3raoWxGQyowlJUQsy8twHJNFBm8
/8j9/JTTGQAhvBnJ5y1lzCQky1Fu+kPMm8mvPAjC4MCLExE8J32X7kU+9SByc2Xy
td8zVkRFaSp5tH4C3Uta32zs7w+GphZTD8ygKK0TedLcnLNY50jnlUDpL7do5S5D
oQhMioIQifIKz/O96rNtbbe+VcvE9XBYLVk5941NkxkRKcjjZn2nEyypiqo9NSeg
R6s6IcPN1T4nt2b/Fey9IVbRr1hE+wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBtI
nJBeFPDcdiJgLrttCjW7L2VmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85N0E4QkZDMEJEQkQxMUVGOEFDNjlBNjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc5LMA0GCSqGSIb3DQEBCwUA
A4IBAQBh7v0HA+gUtRfy8S5az4lOVF5us1z3uIOvBBMuI0dQKsRX5kmYsZljcMMp
mBeCA6P/AIPy6TlCmtsMV8OMSbgGSoGKyEYs0jrCDb8Jo7i8BEA6hR8/ihM+RCTA
uv91j0g9TQlLjUVisKcYSlxYxwu5NVroH7aIPOIwssM64kxdueLmG4y/TPY80O2X
uD5V2kv/oRgCfpAr+QXeqccykAkPy2hwEujUgwIQTPNHqZ4gOpEz33DVIzmlT7dX
voWMwNcGBGP9pq95Bct0sx1HiOEjuWReAtZXEIQ68rMvHNmhNNo21fu6PRr5MiZm
Pj0ct48gqndYaINsKoXvsyQv88PF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:40 2025 by rpki-client