Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A34E6026BE7311EFAA5D1A4A762E951A.roa
File: A34E6026BE7311EFAA5D1A4A762E951A.roa (raw, json)
Hash identifier: 87l66e9RVdcNCu03LGp2FKCCDBMVcNAt5TXaLEwMVew=
Subject key identifier: 6E:39:43:A6:1C:FB:D4:03:B4:4E:1A:4B:7D:E4:9A:18:58:6F:4D:2C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E60A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A34E6026BE7311EFAA5D1A4A762E951A.roa
Signing time: Fri 20 Dec 2024 01:42:14 +0000
ROA not before: Fri 20 Dec 2024 01:42:11 +0000
ROA not after: Wed 10 Dec 2025 01:42:11 +0000
asID: 984
IP address blocks: 45.206.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58890 (0xe60a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 01:42:11 2024 GMT
Not After : Dec 10 01:42:11 2025 GMT
Subject: CN=6764cb76-07fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:da:d6:27:0b:3d:54:28:93:8d:27:64:2d:ef:
17:a7:ab:be:5b:1f:07:1b:a2:08:2a:4d:56:30:77:
eb:8a:f5:05:8f:08:78:c2:89:dd:4d:7c:88:d4:b2:
80:98:ef:5d:fc:1e:2e:65:83:ab:47:b7:06:41:83:
ee:f8:68:45:2a:b6:8f:61:b1:24:d6:98:75:6d:f5:
d6:f3:2a:e3:3d:84:9c:ae:4f:5e:c2:1f:12:2a:c5:
55:33:25:c1:d2:bf:8d:a3:8f:06:aa:32:1a:e7:3b:
59:75:99:53:6b:91:c9:52:e1:58:6f:ac:71:0c:8e:
43:98:c7:a3:3b:06:7a:78:db:3d:06:57:8a:7f:6a:
e4:e3:cb:a4:d0:94:99:ab:29:a6:bd:74:6c:3e:ce:
75:ed:f4:49:55:aa:b9:50:7b:b9:6a:88:90:e4:e2:
d0:ed:13:c4:7d:cd:f8:3e:49:75:88:02:10:ea:48:
87:0b:26:48:57:8e:9c:03:de:65:68:44:68:05:ed:
e6:e2:ca:67:e9:a1:73:3e:ff:29:bb:40:5b:ae:fc:
01:12:2c:21:35:a3:f2:80:bc:f8:ff:4a:84:f5:0d:
54:ae:18:23:27:30:b4:8d:45:8b:22:d6:20:ca:5f:
83:3d:4c:04:3d:a4:5e:74:5a:f3:80:92:03:27:1b:
f5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:39:43:A6:1C:FB:D4:03:B4:4E:1A:4B:7D:E4:9A:18:58:6F:4D:2C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A34E6026BE7311EFAA5D1A4A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.132.0/24
Signature Algorithm: sha256WithRSAEncryption
30:9a:a7:5c:ce:36:5c:b5:e0:1c:6b:47:03:2b:72:86:a3:8e:
da:18:b8:f3:43:dc:b6:92:80:56:ba:4e:2e:d7:dc:db:93:e2:
b8:18:49:20:dc:16:5c:31:00:c7:2b:a4:1b:cc:b7:5c:41:fe:
8d:9a:71:92:f7:ef:9c:22:02:cc:04:fb:6c:10:69:ee:d2:72:
f4:da:77:5a:58:91:47:92:4c:0e:c5:2a:7f:ad:e8:d4:58:1e:
b8:90:08:d0:30:dd:89:38:fd:46:75:ca:7f:c1:41:67:45:90:
92:63:c3:27:32:8b:9f:04:e4:60:e0:8f:06:75:fd:0e:aa:2e:
a8:26:14:73:87:f5:a1:cd:1f:88:08:31:bf:97:ac:65:a1:91:
26:b5:2e:92:65:9a:6d:48:79:d1:26:e1:06:d3:49:58:9f:da:
d8:87:81:4c:e9:71:82:b1:3f:fd:8b:a7:17:fd:8f:9f:60:c6:
54:ee:7b:7e:9f:ff:53:e3:49:b6:ff:14:7a:63:32:ff:1d:b0:
a2:5c:26:cb:6e:c0:0e:71:c2:16:cb:b4:14:cd:03:35:d7:0c:
a9:7d:41:e4:d8:54:79:ef:53:c3:87:b5:ba:ed:e8:52:e9:81:
de:b2:91:2c:25:88:cd:e7:e8:05:31:45:bf:32:45:2b:2d:49:
ce:23:8b:ad
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOYKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDE0MjExWhcNMjUxMjEwMDE0MjExWjAYMRYw
FAYDVQQDEw02NzY0Y2I3Ni0wN2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqNrWJws9VCiTjSdkLe8Xp6u+Wx8HG6IIKk1WMHfrivUFjwh4wondTXyI
1LKAmO9d/B4uZYOrR7cGQYPu+GhFKraPYbEk1ph1bfXW8yrjPYScrk9ewh8SKsVV
MyXB0r+No48GqjIa5ztZdZlTa5HJUuFYb6xxDI5DmMejOwZ6eNs9BleKf2rk48uk
0JSZqymmvXRsPs517fRJVaq5UHu5aoiQ5OLQ7RPEfc34Pkl1iAIQ6kiHCyZIV46c
A95laERoBe3m4spn6aFzPv8pu0BbrvwBEiwhNaPygLz4/0qE9Q1UrhgjJzC0jUWL
ItYgyl+DPUwEPaRedFrzgJIDJxv1dwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG45
Q6Yc+9QDtE4aS33kmhhYb00sMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMzRFNjAyNkJFNzMxMUVGQUE1RDFBNEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc6EMA0GCSqGSIb3DQEBCwUA
A4IBAQAwmqdczjZcteAca0cDK3KGo47aGLjzQ9y2koBWuk4u19zbk+K4GEkg3BZc
MQDHK6QbzLdcQf6NmnGS9++cIgLMBPtsEGnu0nL02ndaWJFHkkwOxSp/rejUWB64
kAjQMN2JOP1Gdcp/wUFnRZCSY8MnMoufBORg4I8Gdf0Oqi6oJhRzh/WhzR+ICDG/
l6xloZEmtS6SZZptSHnRJuEG00lYn9rYh4FM6XGCsT/9i6cX/Y+fYMZU7nt+n/9T
40m2/xR6YzL/HbCiXCbLbsAOccIWy7QUzQM11wypfUHk2FR571PDh7W67ehS6YHe
spEsJYjN5+gFMUW/MkUrLUnOI4ut
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:40 2025 by rpki-client