Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9BC68DEBDBC11EFA3EE715A762E951A.roa
File: A9BC68DEBDBC11EFA3EE715A762E951A.roa (raw, json)
Hash identifier: Lgdlf2Whmtf/zc+uK3FivqZKYmGDl3AUR/p4bt+Q/GM=
Subject key identifier: A0:FE:60:8B:F7:1F:74:BF:ED:48:2E:58:19:E6:6C:63:3C:2A:91:C6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E545
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9BC68DEBDBC11EFA3EE715A762E951A.roa
Signing time: Thu 19 Dec 2024 03:52:27 +0000
ROA not before: Thu 19 Dec 2024 03:52:23 +0000
ROA not after: Wed 10 Dec 2025 03:52:23 +0000
asID: 984
IP address blocks: 45.206.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58693 (0xe545)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 03:52:23 2024 GMT
Not After : Dec 10 03:52:23 2025 GMT
Subject: CN=6763987b-e8ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:30:d7:f9:5c:61:a9:2c:74:d2:b2:f9:83:fe:
57:3e:cf:a2:35:e2:f0:bc:0b:16:67:3c:25:89:73:
e4:c8:a6:91:77:0d:dc:c6:3d:bf:79:6f:aa:b1:ea:
12:89:4e:45:50:11:e4:3d:04:3b:f3:7a:88:7a:65:
43:7e:d5:6c:6e:33:fd:7f:48:b3:49:a0:b2:18:0a:
6c:98:3c:cd:9e:02:bf:20:bb:f7:74:ef:44:99:4c:
21:59:4a:f3:8a:a3:4b:9d:b3:86:45:fa:68:9f:9f:
43:bb:1d:55:51:ae:0a:32:e0:18:34:c2:9c:ff:87:
7c:18:56:ce:57:ee:17:ed:fb:2e:76:f4:64:6c:0b:
99:de:23:cc:ef:9f:12:66:83:90:72:d3:ef:f2:a1:
4c:2f:dc:5b:ab:bd:11:27:a9:c1:aa:4d:e5:fc:8f:
6d:6c:81:54:7d:8f:8a:62:65:72:1f:eb:fd:5d:47:
33:a7:bc:d0:81:ba:bd:39:6b:1d:77:a7:9a:26:a1:
e4:35:36:3f:86:0c:55:e6:52:ab:e5:fe:e8:4d:fa:
de:b6:c6:68:3f:48:6b:9c:1c:6a:56:62:f1:2b:76:
76:99:c4:e5:c9:7a:cd:fe:9f:63:b2:16:8e:c3:bb:
b8:44:83:f6:bf:ab:a4:af:3d:6d:25:1e:82:e1:14:
39:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FE:60:8B:F7:1F:74:BF:ED:48:2E:58:19:E6:6C:63:3C:2A:91:C6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9BC68DEBDBC11EFA3EE715A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.69.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:43:17:3b:92:6a:96:1a:fa:66:b3:6d:36:52:38:c6:c7:b5:
a8:89:74:a7:16:81:f2:31:0c:00:ae:4a:a0:e4:cd:4f:7b:0e:
b0:0a:17:97:5a:3e:16:3f:ea:e8:e5:31:84:51:75:37:40:de:
af:89:47:27:15:e9:6c:29:ff:d6:a0:46:13:a8:a1:89:9f:ac:
f7:4d:08:33:96:87:00:38:40:c2:96:aa:b4:7e:fa:38:e4:b5:
14:8b:92:95:9a:76:48:01:ee:3d:f9:a5:f2:9d:8a:41:19:4d:
64:9b:99:b0:57:88:fb:e0:a7:e0:40:a9:66:73:3b:c8:69:c3:
5b:61:0f:33:d5:b3:c7:cd:50:8e:c3:02:98:5a:e5:28:75:73:
51:ef:84:cd:a3:78:a3:09:9f:45:59:12:41:bb:e3:c4:c5:03:
5c:e3:f9:24:a7:b1:95:76:d6:8a:71:72:ac:30:ce:8a:8b:d1:
ba:7e:1f:ae:b4:48:e7:c6:ca:9e:78:c8:17:82:37:56:a0:b1:
8f:53:93:62:7e:08:a4:27:19:de:90:bf:bc:cd:eb:71:87:05:
a4:5c:18:af:4d:0f:38:c9:d3:72:23:45:2f:6d:36:09:d7:b4:
23:ad:46:74:cf:b5:c9:a8:f7:c7:bd:46:25:59:f4:a6:ea:1b:
73:21:48:a7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOVFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDM1MjIzWhcNMjUxMjEwMDM1MjIzWjAYMRYw
FAYDVQQDEw02NzYzOTg3Yi1lOGFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxjDX+VxhqSx00rL5g/5XPs+iNeLwvAsWZzwliXPkyKaRdw3cxj2/eW+q
seoSiU5FUBHkPQQ783qIemVDftVsbjP9f0izSaCyGApsmDzNngK/ILv3dO9EmUwh
WUrziqNLnbOGRfpon59Dux1VUa4KMuAYNMKc/4d8GFbOV+4X7fsudvRkbAuZ3iPM
758SZoOQctPv8qFML9xbq70RJ6nBqk3l/I9tbIFUfY+KYmVyH+v9XUczp7zQgbq9
OWsdd6eaJqHkNTY/hgxV5lKr5f7oTfretsZoP0hrnBxqVmLxK3Z2mcTlyXrN/p9j
shaOw7u4RIP2v6ukrz1tJR6C4RQ5qwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKD+
YIv3H3S/7UguWBnmbGM8KpHGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOUJDNjhERUJEQkMxMUVGQTNFRTcxNUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc5FMA0GCSqGSIb3DQEBCwUA
A4IBAQB7Qxc7kmqWGvpms202UjjGx7WoiXSnFoHyMQwArkqg5M1Pew6wCheXWj4W
P+ro5TGEUXU3QN6viUcnFelsKf/WoEYTqKGJn6z3TQgzlocAOEDClqq0fvo45LUU
i5KVmnZIAe49+aXynYpBGU1km5mwV4j74KfgQKlmczvIacNbYQ8z1bPHzVCOwwKY
WuUodXNR74TNo3ijCZ9FWRJBu+PExQNc4/kkp7GVdtaKcXKsMM6Ki9G6fh+utEjn
xsqeeMgXgjdWoLGPU5NifgikJxnekL+8zetxhwWkXBivTQ84ydNyI0UvbTYJ17Qj
rUZ0z7XJqPfHvUYlWfSm6htzIUin
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:33 2025 by rpki-client