Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B475DA4EBE8E11EFBCDC7F83762E951A.roa
File: B475DA4EBE8E11EFBCDC7F83762E951A.roa (raw, json)
Hash identifier: HcDzVnZ3y6cuIjzJorpnxsjPPmzS60VqM+XtdiPcQXc=
Subject key identifier: 3F:F9:0B:A5:E0:4D:6C:E8:B7:11:A6:7E:BE:AB:B0:78:15:13:02:70
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6F0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B475DA4EBE8E11EFBCDC7F83762E951A.roa
Signing time: Fri 20 Dec 2024 04:56:00 +0000
ROA not before: Fri 20 Dec 2024 04:55:56 +0000
ROA not after: Wed 10 Dec 2025 04:55:56 +0000
asID: 984
IP address blocks: 45.206.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59120 (0xe6f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:55:56 2024 GMT
Not After : Dec 10 04:55:56 2025 GMT
Subject: CN=6764f8df-2501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:41:b2:00:b2:4c:f0:8a:de:a2:a6:98:44:fc:
f0:d8:77:2a:bc:a7:56:67:fe:f1:9c:a3:34:7c:33:
b0:35:b0:51:9f:b1:cc:87:c5:97:cd:29:6b:99:b2:
2f:25:4d:01:06:04:18:8c:54:4f:46:f8:56:96:26:
43:65:28:39:ac:a7:51:80:15:06:ee:71:15:a2:26:
a1:db:5e:5e:02:91:aa:cb:09:63:b3:63:5a:e3:a5:
09:98:35:32:cb:fa:ef:02:02:eb:b3:d8:cf:36:72:
e2:4b:ad:5a:4c:6d:71:3e:27:50:3f:0e:8b:a8:81:
f7:27:df:fc:9b:fb:95:f1:0b:0d:01:4c:60:8a:df:
7a:6d:dc:a8:f7:36:71:5c:d9:03:04:c0:d4:a2:38:
1f:f5:a9:af:8f:38:ad:87:59:03:45:b0:9c:8e:df:
8f:3b:61:5b:68:52:dc:03:76:78:8c:e6:4d:c9:5e:
cf:46:57:9a:3f:f8:68:68:2d:11:f1:da:de:59:ca:
e3:31:72:87:72:81:9c:07:1c:84:a6:e3:90:ca:96:
de:61:1f:73:98:ac:ae:cc:2b:2d:a2:7f:4e:4f:e1:
f5:8a:97:24:0a:10:86:c0:54:7a:9a:96:81:79:b9:
11:e1:61:7e:bd:18:35:e7:79:fb:fc:17:d4:d5:ad:
5f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:F9:0B:A5:E0:4D:6C:E8:B7:11:A6:7E:BE:AB:B0:78:15:13:02:70
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B475DA4EBE8E11EFBCDC7F83762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.251.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:19:15:58:2c:60:ae:d4:42:01:b7:ef:4e:35:1f:06:6e:0c:
ce:bd:3b:e6:57:62:cb:7d:66:ff:fc:a2:dc:a0:08:0a:af:79:
e3:f6:a3:20:ec:ed:48:ef:3d:26:7e:58:d8:43:86:56:b3:a9:
ee:d7:bf:2a:0b:e9:36:cf:c9:0c:20:2e:2f:8c:b0:cd:e7:bd:
d4:fc:2c:75:14:99:c2:f7:91:59:9a:8e:ec:56:27:27:9a:f2:
64:29:a6:1f:5a:e7:01:23:ac:4a:9e:0b:0b:8d:22:77:3b:11:
88:a8:50:13:61:d5:18:4d:3b:24:ce:87:c6:d2:93:9f:73:4b:
2a:4e:d0:dd:e2:76:6f:40:fc:c5:d2:2c:f4:85:fc:3d:cc:db:
14:37:cb:78:7d:14:f1:51:7e:a0:c4:5f:75:eb:74:52:b3:55:
7a:92:a4:3c:96:35:c7:32:72:9f:7c:bf:3e:a8:16:1c:ba:55:
fd:16:7c:8b:2c:6c:73:65:e8:4f:49:24:b6:c1:49:8d:c9:f2:
c8:21:1c:4a:6b:3c:3e:b4:ce:b4:8d:08:2c:1b:df:bb:e4:59:
4b:38:73:2d:ca:3b:19:97:73:aa:ee:a5:61:d5:d1:b6:77:7c:
4a:78:74:78:3d:6e:6a:b1:86:b5:67:e0:bb:6e:6f:2c:65:c6:
0d:ff:a9:dd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAObwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQ1NTU2WhcNMjUxMjEwMDQ1NTU2WjAYMRYw
FAYDVQQDEw02NzY0ZjhkZi0yNTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA50GyALJM8IreoqaYRPzw2HcqvKdWZ/7xnKM0fDOwNbBRn7HMh8WXzSlr
mbIvJU0BBgQYjFRPRvhWliZDZSg5rKdRgBUG7nEVoiah215eApGqywljs2Na46UJ
mDUyy/rvAgLrs9jPNnLiS61aTG1xPidQPw6LqIH3J9/8m/uV8QsNAUxgit96bdyo
9zZxXNkDBMDUojgf9amvjzith1kDRbCcjt+PO2FbaFLcA3Z4jOZNyV7PRleaP/ho
aC0R8dreWcrjMXKHcoGcBxyEpuOQypbeYR9zmKyuzCston9OT+H1ipckChCGwFR6
mpaBebkR4WF+vRg153n7/BfU1a1fuwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD/5
C6XgTWzotxGmfr6rsHgVEwJwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNDc1REE0RUJFOEUxMUVGQkNEQzdGODM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc77MA0GCSqGSIb3DQEBCwUA
A4IBAQCKGRVYLGCu1EIBt+9ONR8GbgzOvTvmV2LLfWb//KLcoAgKr3nj9qMg7O1I
7z0mfljYQ4ZWs6nu178qC+k2z8kMIC4vjLDN573U/Cx1FJnC95FZmo7sVicnmvJk
KaYfWucBI6xKngsLjSJ3OxGIqFATYdUYTTskzofG0pOfc0sqTtDd4nZvQPzF0iz0
hfw9zNsUN8t4fRTxUX6gxF9163RSs1V6kqQ8ljXHMnKffL8+qBYculX9FnyLLGxz
ZehPSSS2wUmNyfLIIRxKazw+tM60jQgsG9+75FlLOHMtyjsZl3Oq7qVh1dG2d3xK
eHR4PW5qsYa1Z+C7bm8sZcYN/6nd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:21 2025 by rpki-client