Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FD5AA36BE7211EFB799F843762E951A.roa
File: 9FD5AA36BE7211EFB799F843762E951A.roa (raw, json)
Hash identifier: pt5nTpkO1p0yXAlRslLqIzd6Ug/n21+Wb34O/KSR/k4=
Subject key identifier: 13:6A:C0:0B:43:9E:BA:86:09:FC:CA:36:6D:C8:11:C2:EB:D7:D1:AA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E5FE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FD5AA36BE7211EFB799F843762E951A.roa
Signing time: Fri 20 Dec 2024 01:34:59 +0000
ROA not before: Fri 20 Dec 2024 01:34:55 +0000
ROA not after: Wed 10 Dec 2025 01:34:55 +0000
asID: 984
IP address blocks: 45.206.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58878 (0xe5fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 01:34:55 2024 GMT
Not After : Dec 10 01:34:55 2025 GMT
Subject: CN=6764c9c3-ea8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:36:e6:c4:57:04:39:97:86:94:7c:15:0f:94:
c0:16:4f:f2:78:2b:8e:67:af:df:6a:70:17:92:50:
5e:2f:83:8f:47:02:d1:da:83:6b:3d:e2:65:0f:37:
56:6a:45:0c:85:4e:ae:73:66:38:08:4e:89:01:5e:
5e:5e:f0:ae:20:16:f0:10:e3:5e:6e:c9:84:bc:80:
4d:4f:90:53:46:66:0e:63:46:a8:c6:e0:ef:25:b0:
b6:78:1d:f0:57:9d:70:3d:dc:74:5c:75:b2:1b:a1:
3c:31:aa:df:4d:91:d0:c1:5e:dc:5f:c6:5e:1d:7a:
73:9a:ed:a0:f5:70:f8:80:d4:85:7e:a5:a3:9a:4c:
6b:34:ad:60:e5:7a:be:cc:e7:5a:87:35:04:b1:02:
77:31:3c:ee:a0:aa:03:4c:fd:3e:60:8a:60:60:40:
76:c1:8f:82:e4:ee:4c:d8:cb:e4:18:f4:be:d1:71:
64:75:10:f6:e7:c6:b5:1e:86:54:c3:7e:d8:7a:49:
6a:32:5a:58:66:53:59:da:fb:31:93:b4:2d:aa:00:
d3:e8:88:68:4d:b2:d1:07:15:1f:83:51:b2:30:7b:
6b:bb:3d:3b:08:d7:e5:93:4f:6e:47:22:9a:71:25:
9c:84:3d:72:45:0c:97:1d:b6:7e:53:8f:5f:40:fb:
91:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:6A:C0:0B:43:9E:BA:86:09:FC:CA:36:6D:C8:11:C2:EB:D7:D1:AA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FD5AA36BE7211EFB799F843762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.126.0/24
Signature Algorithm: sha256WithRSAEncryption
73:51:9b:db:d5:2f:1d:1c:96:a1:1b:d5:80:0e:12:b3:8f:70:
8d:85:09:2c:dd:cc:5d:ca:8a:7b:6e:56:75:31:ed:00:a2:ad:
c2:67:57:c0:47:29:20:72:71:bc:73:7f:cd:15:a6:23:f5:95:
87:ac:6f:3a:3f:68:8f:74:45:d2:5e:76:c9:91:85:af:df:9b:
01:b2:83:5e:6e:6f:e2:d8:d3:de:7d:7a:2d:4d:52:0a:21:55:
e2:31:83:55:b7:c0:50:bb:3b:57:c7:5a:b4:41:32:8d:69:17:
bc:70:0b:66:d1:54:ea:f5:f2:f7:34:a6:31:c4:6d:45:cc:86:
91:27:a1:47:78:f8:10:63:0f:9f:9c:98:b8:ca:fe:5b:e9:a9:
95:04:11:9a:23:54:18:34:d9:86:75:6a:e4:1f:d3:25:10:dd:
12:f2:39:4f:f9:ce:40:7c:5b:62:27:c7:f7:8f:7f:0e:6e:d7:
c9:c5:9e:a3:3f:47:00:e4:0a:0c:b1:9d:bf:bf:27:a9:a7:e8:
d8:e1:10:fe:5b:ff:0f:51:81:39:9c:f7:95:e9:36:d9:30:ca:
2a:c6:b0:99:12:be:3d:92:19:72:21:84:b8:eb:32:36:95:4d:
84:9e:32:48:ca:15:c3:51:1e:5a:9b:09:1c:d3:e3:96:17:98:
af:33:2b:f1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOX+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDEzNDU1WhcNMjUxMjEwMDEzNDU1WjAYMRYw
FAYDVQQDEw02NzY0YzljMy1lYThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtzbmxFcEOZeGlHwVD5TAFk/yeCuOZ6/fanAXklBeL4OPRwLR2oNrPeJl
DzdWakUMhU6uc2Y4CE6JAV5eXvCuIBbwEONebsmEvIBNT5BTRmYOY0aoxuDvJbC2
eB3wV51wPdx0XHWyG6E8MarfTZHQwV7cX8ZeHXpzmu2g9XD4gNSFfqWjmkxrNK1g
5Xq+zOdahzUEsQJ3MTzuoKoDTP0+YIpgYEB2wY+C5O5M2MvkGPS+0XFkdRD258a1
HoZUw37YeklqMlpYZlNZ2vsxk7QtqgDT6IhoTbLRBxUfg1GyMHtruz07CNflk09u
RyKacSWchD1yRQyXHbZ+U49fQPuRlQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBNq
wAtDnrqGCfzKNm3IEcLr19GqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RkQ1QUEzNkJFNzIxMUVGQjc5OUY4NDM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc5+MA0GCSqGSIb3DQEBCwUA
A4IBAQBzUZvb1S8dHJahG9WADhKzj3CNhQks3cxdyop7blZ1Me0Aoq3CZ1fARykg
cnG8c3/NFaYj9ZWHrG86P2iPdEXSXnbJkYWv35sBsoNebm/i2NPefXotTVIKIVXi
MYNVt8BQuztXx1q0QTKNaRe8cAtm0VTq9fL3NKYxxG1FzIaRJ6FHePgQYw+fnJi4
yv5b6amVBBGaI1QYNNmGdWrkH9MlEN0S8jlP+c5AfFtiJ8f3j38ObtfJxZ6jP0cA
5AoMsZ2/vyepp+jY4RD+W/8PUYE5nPeV6TbZMMoqxrCZEr49khlyIYS46zI2lU2E
njJIyhXDUR5amwkc0+OWF5ivMyvx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:07 2025 by rpki-client