Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B6908816BE8811EFA8FCF35D762E951A.roa
File: B6908816BE8811EFA8FCF35D762E951A.roa (raw, json)
Hash identifier: ncnqCd/4/ubH7m6BSCpQ58P2ekk7Bn4xQOcujS9xa/Q=
Subject key identifier: 52:0F:2F:6A:4A:5D:E1:88:EB:E8:F5:D9:67:2A:AC:5C:2A:EA:A0:CC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6A8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B6908816BE8811EFA8FCF35D762E951A.roa
Signing time: Fri 20 Dec 2024 04:13:06 +0000
ROA not before: Fri 20 Dec 2024 04:13:02 +0000
ROA not after: Wed 10 Dec 2025 04:13:02 +0000
asID: 984
IP address blocks: 45.206.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59048 (0xe6a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:13:02 2024 GMT
Not After : Dec 10 04:13:02 2025 GMT
Subject: CN=6764eed2-5def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:df:76:fc:85:b8:72:ff:50:23:d9:15:67:2a:
bf:5a:e2:6a:4a:4c:20:77:a0:a2:fb:30:2a:74:aa:
8c:f3:4b:b5:01:e9:95:75:65:03:9c:cb:33:6d:11:
6b:38:b7:56:a7:46:49:e5:67:01:4e:cb:31:d3:df:
01:57:60:37:81:4f:e7:5d:31:84:13:3e:4c:b6:15:
e3:fe:24:23:ce:d7:2f:82:d7:2d:42:e0:57:59:30:
44:69:a5:81:4b:7c:e4:ff:70:9c:92:de:78:85:26:
2c:e6:74:cc:8b:0a:56:4f:28:c1:23:12:73:92:61:
20:b5:4b:f2:da:d0:a3:05:16:cf:d3:44:56:0a:0c:
9d:d9:a4:ff:b6:0b:ec:2e:0d:68:f6:95:3f:b3:90:
a8:88:96:69:7a:b1:64:98:4d:df:b0:5d:20:ee:f2:
50:0f:ad:05:53:8b:0c:c4:84:42:da:2d:84:b6:72:
6d:64:8d:e0:a2:86:49:ea:84:8e:a7:83:63:9e:91:
10:ba:d0:ad:3a:e1:7f:6e:1e:3c:be:70:b6:d2:39:
dc:f1:1a:bb:d5:04:42:64:6d:17:eb:06:8a:aa:9c:
69:08:4b:cb:e1:00:a9:ed:68:57:66:20:b0:65:9e:
82:19:b5:c3:72:34:e1:f0:d8:37:82:58:37:a6:45:
d7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:0F:2F:6A:4A:5D:E1:88:EB:E8:F5:D9:67:2A:AC:5C:2A:EA:A0:CC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B6908816BE8811EFA8FCF35D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.215.0/24
Signature Algorithm: sha256WithRSAEncryption
24:b6:89:a7:f9:ca:eb:5c:69:33:4b:ea:91:87:e9:20:34:76:
a2:8d:b3:f4:18:9b:5d:62:3d:a5:e5:d0:17:7e:a9:37:63:1d:
e4:42:7f:61:b6:67:7a:91:06:24:5d:c6:61:43:42:02:20:89:
f8:35:8d:7d:61:39:ff:c0:f7:53:6d:6a:b1:25:da:ce:49:5a:
d9:ca:55:12:30:ae:b9:df:27:d0:81:f8:ac:b4:f0:ac:84:41:
10:39:04:4a:99:39:e8:8b:1e:f6:67:64:80:a1:2d:cd:52:b2:
a3:ec:bd:51:a6:c5:c2:fc:92:c1:4f:b3:ee:ec:57:a4:be:1f:
79:41:4f:30:54:90:87:ea:e7:61:14:14:c6:0c:2f:86:bb:9b:
64:52:0c:14:90:5d:19:ad:04:2b:aa:78:e1:a6:f8:07:cf:a6:
b0:75:67:33:81:ef:5e:d7:48:71:b9:de:49:a9:47:6a:61:ae:
7f:ab:f6:ad:17:2a:42:fd:1f:ff:f6:22:5a:00:48:b2:2f:a6:
8c:bf:82:e3:8c:64:35:da:dc:d2:b9:55:1f:7b:62:b5:0e:3c:
68:3a:16:2f:f5:30:33:c0:fe:86:27:c9:9d:64:aa:f4:85:06:
4b:b8:3f:63:59:8b:00:1f:da:fc:6a:f6:ed:9d:92:c7:e1:c6:
fb:17:6a:24
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOaoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQxMzAyWhcNMjUxMjEwMDQxMzAyWjAYMRYw
FAYDVQQDEw02NzY0ZWVkMi01ZGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu992/IW4cv9QI9kVZyq/WuJqSkwgd6Ci+zAqdKqM80u1AemVdWUDnMsz
bRFrOLdWp0ZJ5WcBTssx098BV2A3gU/nXTGEEz5MthXj/iQjztcvgtctQuBXWTBE
aaWBS3zk/3Cckt54hSYs5nTMiwpWTyjBIxJzkmEgtUvy2tCjBRbP00RWCgyd2aT/
tgvsLg1o9pU/s5CoiJZperFkmE3fsF0g7vJQD60FU4sMxIRC2i2EtnJtZI3gooZJ
6oSOp4NjnpEQutCtOuF/bh48vnC20jnc8Rq71QRCZG0X6waKqpxpCEvL4QCp7WhX
ZiCwZZ6CGbXDcjTh8Ng3glg3pkXXpwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFIP
L2pKXeGI6+j12WcqrFwq6qDMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNjkwODgxNkJFODgxMUVGQThGQ0YzNUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7XMA0GCSqGSIb3DQEBCwUA
A4IBAQAktomn+crrXGkzS+qRh+kgNHaijbP0GJtdYj2l5dAXfqk3Yx3kQn9htmd6
kQYkXcZhQ0ICIIn4NY19YTn/wPdTbWqxJdrOSVrZylUSMK653yfQgfistPCshEEQ
OQRKmTnoix72Z2SAoS3NUrKj7L1RpsXC/JLBT7Pu7Fekvh95QU8wVJCH6udhFBTG
DC+Gu5tkUgwUkF0ZrQQrqnjhpvgHz6awdWczge9e10hxud5JqUdqYa5/q/atFypC
/R//9iJaAEiyL6aMv4LjjGQ12tzSuVUfe2K1DjxoOhYv9TAzwP6GJ8mdZKr0hQZL
uD9jWYsAH9r8avbtnZLH4cb7F2ok
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:01 2025 by rpki-client