Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9CF58ADCC3B511EFBEA67897762E951A.roa
File: 9CF58ADCC3B511EFBEA67897762E951A.roa (raw, json)
Hash identifier: kfCtAIR2gV9k2sQZs3zlXXf68LNZVZXfSoTlLN43ZvQ=
Subject key identifier: AE:DA:4D:13:71:79:58:E0:6E:70:79:08:AB:E0:B9:09:59:55:E3:19
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EE71
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9CF58ADCC3B511EFBEA67897762E951A.roa
Signing time: Thu 26 Dec 2024 18:17:06 +0000
ROA not before: Thu 26 Dec 2024 18:17:02 +0000
ROA not after: Fri 12 Dec 2025 18:17:02 +0000
asID: 984
IP address blocks: 45.207.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61041 (0xee71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 18:17:02 2024 GMT
Not After : Dec 12 18:17:02 2025 GMT
Subject: CN=676d9da2-6dec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:65:58:8c:35:65:0f:46:59:c1:f4:12:41:a4:
6e:84:ab:ba:11:40:f4:dc:90:af:4b:93:3b:56:b6:
32:48:fe:17:13:5f:fd:92:52:42:6b:dd:00:7a:da:
95:c1:a6:25:3c:8e:8c:3f:e5:44:4e:9f:81:88:81:
7e:2c:ec:e1:a4:ef:2e:43:48:ea:56:54:e5:43:49:
0d:b6:dd:bc:9f:7f:cb:07:a1:ab:ab:52:d9:13:f0:
67:5f:e2:70:6c:dd:62:1f:39:34:f8:8d:09:0a:6f:
e4:35:41:ca:02:9c:82:76:8b:2f:d5:eb:9a:29:7c:
16:87:3c:44:9d:4f:90:4c:a5:d1:21:63:ee:81:15:
70:ca:99:17:d9:3a:4f:9f:50:24:6f:ee:38:68:24:
3f:a5:b5:cf:4c:2b:ee:a0:b8:d7:be:f5:93:ab:e3:
fa:dc:16:17:26:49:7b:1e:ee:db:43:ea:5e:f6:78:
ea:f5:13:f3:44:e8:d2:c0:60:57:c4:d0:d5:4f:e7:
19:d5:ce:9d:bd:3d:a4:3e:d5:42:f3:35:0c:dd:ce:
46:6d:df:c9:f6:fd:52:34:32:6e:0d:50:a8:35:4e:
dd:5e:d7:3a:2f:f5:c8:4d:dd:ee:d5:3a:9a:db:8b:
79:18:8a:ed:07:37:6e:e6:c0:0a:34:9c:11:8e:77:
f7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:DA:4D:13:71:79:58:E0:6E:70:79:08:AB:E0:B9:09:59:55:E3:19
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9CF58ADCC3B511EFBEA67897762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.21.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:a7:f4:81:e9:45:33:4b:63:84:1d:b9:b8:41:c1:39:53:0e:
3d:86:69:62:dc:e3:fb:36:fa:69:ff:7b:22:9c:64:3b:b7:dc:
aa:6c:6f:82:e3:bc:30:99:c5:4c:02:fb:49:2e:91:2b:39:b8:
32:1b:67:32:76:7e:05:f5:0c:63:11:70:97:3b:ca:e6:50:0c:
3d:a7:54:cb:37:41:c8:e9:51:d0:e3:ba:76:5f:4c:f7:0d:9c:
85:14:5d:e7:2a:68:0f:e9:95:f7:56:80:03:58:61:46:db:1e:
db:11:ef:41:52:1b:3a:7e:71:40:2a:a0:d0:15:91:2d:e1:54:
d3:52:c4:38:3d:29:97:3a:98:70:20:96:34:e0:ca:fb:ab:72:
b5:3f:2e:cb:aa:af:02:a1:af:b4:04:09:cb:1a:a3:fc:db:f0:
3f:45:c0:ca:a3:be:6a:c0:69:25:cb:5b:ac:8f:8c:f6:6f:7b:
19:37:7d:4d:07:a7:8a:29:e7:ce:b6:57:40:74:ed:ee:54:81:
28:95:7c:d6:78:9f:d3:f2:8a:69:b8:fa:ad:22:14:bf:70:4b:
d6:ae:16:58:c7:6c:3a:90:42:f4:e6:42:af:71:db:f2:18:c3:
19:ee:90:ff:0e:e1:62:ae:e9:4f:01:67:89:c4:3d:e8:41:dd:
48:89:b7:31
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO5xMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTgxNzAyWhcNMjUxMjEyMTgxNzAyWjAYMRYw
FAYDVQQDEw02NzZkOWRhMi02ZGVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9mVYjDVlD0ZZwfQSQaRuhKu6EUD03JCvS5M7VrYySP4XE1/9klJCa90A
etqVwaYlPI6MP+VETp+BiIF+LOzhpO8uQ0jqVlTlQ0kNtt28n3/LB6Grq1LZE/Bn
X+JwbN1iHzk0+I0JCm/kNUHKApyCdosv1euaKXwWhzxEnU+QTKXRIWPugRVwypkX
2TpPn1Akb+44aCQ/pbXPTCvuoLjXvvWTq+P63BYXJkl7Hu7bQ+pe9njq9RPzROjS
wGBXxNDVT+cZ1c6dvT2kPtVC8zUM3c5Gbd/J9v1SNDJuDVCoNU7dXtc6L/XITd3u
1Tqa24t5GIrtBzdu5sAKNJwRjnf3dwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK7a
TRNxeVjgbnB5CKvguQlZVeMZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85Q0Y1OEFEQ0MzQjUxMUVGQkVBNjc4OTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc8VMA0GCSqGSIb3DQEBCwUA
A4IBAQCrp/SB6UUzS2OEHbm4QcE5Uw49hmli3OP7Nvpp/3sinGQ7t9yqbG+C47ww
mcVMAvtJLpErObgyG2cydn4F9QxjEXCXO8rmUAw9p1TLN0HI6VHQ47p2X0z3DZyF
FF3nKmgP6ZX3VoADWGFG2x7bEe9BUhs6fnFAKqDQFZEt4VTTUsQ4PSmXOphwIJY0
4Mr7q3K1Py7Lqq8Coa+0BAnLGqP82/A/RcDKo75qwGkly1usj4z2b3sZN31NB6eK
KefOtldAdO3uVIEolXzWeJ/T8oppuPqtIhS/cEvWrhZYx2w6kEL05kKvcdvyGMMZ
7pD/DuFirulPAWeJxD3oQd1Iibcx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:33 2025 by rpki-client