Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B83F3696BE8611EFB2F71651762E951A.roa
File: B83F3696BE8611EFB2F71651762E951A.roa (raw, json)
Hash identifier: BGtxAL05LxOPN8XBE+9eveUoZpDpW1wBliNVOLlMChY=
Subject key identifier: 03:34:6B:DA:45:70:3D:95:ED:79:4F:DD:4B:54:69:B3:FA:53:CF:83
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E690
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B83F3696BE8611EFB2F71651762E951A.roa
Signing time: Fri 20 Dec 2024 03:58:50 +0000
ROA not before: Fri 20 Dec 2024 03:58:46 +0000
ROA not after: Wed 10 Dec 2025 03:58:46 +0000
asID: 984
IP address blocks: 45.206.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59024 (0xe690)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 03:58:46 2024 GMT
Not After : Dec 10 03:58:46 2025 GMT
Subject: CN=6764eb7a-1b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:34:4a:82:37:3f:bc:f8:84:2d:0c:20:33:91:
24:bc:ba:f5:69:90:80:fa:98:19:db:a1:e6:9e:27:
6a:1a:21:2a:3f:97:59:37:69:cd:43:69:17:d9:dd:
f9:30:89:58:af:ef:5f:f7:05:4f:75:fd:8f:43:63:
cd:e4:33:31:6c:9e:58:85:4e:02:55:04:7a:d9:85:
8e:7c:f3:ff:19:1c:e4:c4:39:81:4f:83:b1:1a:5a:
e3:70:e5:57:52:3d:ff:f2:5b:c7:c8:8c:24:71:90:
f3:dd:e9:43:bf:dc:98:f9:f7:31:bf:df:4d:28:92:
ed:a8:00:67:34:be:37:f6:31:60:d0:43:a9:9b:6d:
38:6a:4e:ac:05:4b:a6:58:ef:22:0d:17:7a:79:3e:
a6:23:6e:6f:9d:50:f4:94:8e:bd:1c:14:72:88:5d:
03:21:6b:4b:4e:62:17:be:cd:95:48:31:9a:dd:b1:
22:0d:20:aa:0b:ea:12:a6:47:98:a3:8e:27:4a:74:
eb:99:84:ce:e5:21:49:ef:58:3b:a3:aa:c8:73:4c:
db:f8:db:88:fe:b5:80:c2:3f:50:85:68:a4:64:6a:
34:36:f8:75:8d:1b:0c:d5:95:3e:e5:29:19:fa:b1:
f1:d2:90:c8:27:08:6e:14:92:86:c4:0c:79:76:cb:
fa:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:34:6B:DA:45:70:3D:95:ED:79:4F:DD:4B:54:69:B3:FA:53:CF:83
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B83F3696BE8611EFB2F71651762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.203.0/24
Signature Algorithm: sha256WithRSAEncryption
23:2d:92:c1:fe:af:5a:50:54:56:ec:7d:77:99:af:fa:ef:01:
51:95:70:a2:a3:0f:ed:0a:a6:b4:70:0d:67:8e:5e:8c:cf:1d:
1a:69:f4:e2:ef:77:cd:28:47:da:b4:a8:e7:40:60:c9:43:ad:
42:c4:82:69:6f:ad:32:1c:96:92:3e:7e:69:9b:e1:c6:64:af:
e5:17:32:2b:4e:b1:4e:39:1e:c9:0b:57:46:78:d9:08:ca:21:
7e:22:b6:fc:ec:68:18:cd:64:07:bc:37:b0:83:50:45:31:78:
c2:50:c0:8c:e8:e0:e7:db:67:7b:d1:b3:97:8b:62:59:b8:95:
b1:b4:57:0b:af:6a:2b:3d:39:04:9f:1c:ca:6f:69:ce:3d:f1:
8f:24:28:0e:09:c4:b4:7b:3a:4e:ab:f0:55:46:21:ae:c3:14:
ed:d5:c1:35:bb:8b:83:ac:f4:d4:98:79:7e:4d:64:2a:a6:3d:
94:53:15:1f:99:5d:6c:40:69:68:d5:1d:a9:ff:22:21:90:b7:
f9:df:2f:54:26:f3:bd:7e:d3:8a:65:3b:16:f8:ae:3a:11:cf:
ee:5a:33:9f:56:be:c5:f1:5c:4e:56:43:69:4f:ea:d3:25:7b:
27:b3:b5:60:ef:4e:2f:6f:56:85:05:f0:a8:96:5a:59:d6:2e:
49:d3:69:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOaQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDM1ODQ2WhcNMjUxMjEwMDM1ODQ2WjAYMRYw
FAYDVQQDEw02NzY0ZWI3YS0xYjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqjRKgjc/vPiELQwgM5EkvLr1aZCA+pgZ26HmnidqGiEqP5dZN2nNQ2kX
2d35MIlYr+9f9wVPdf2PQ2PN5DMxbJ5YhU4CVQR62YWOfPP/GRzkxDmBT4OxGlrj
cOVXUj3/8lvHyIwkcZDz3elDv9yY+fcxv99NKJLtqABnNL439jFg0EOpm204ak6s
BUumWO8iDRd6eT6mI25vnVD0lI69HBRyiF0DIWtLTmIXvs2VSDGa3bEiDSCqC+oS
pkeYo44nSnTrmYTO5SFJ71g7o6rIc0zb+NuI/rWAwj9QhWikZGo0Nvh1jRsM1ZU+
5SkZ+rHx0pDIJwhuFJKGxAx5dsv6yQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAM0
a9pFcD2V7XlP3UtUabP6U8+DMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CODNGMzY5NkJFODYxMUVGQjJGNzE2NTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7LMA0GCSqGSIb3DQEBCwUA
A4IBAQAjLZLB/q9aUFRW7H13ma/67wFRlXCiow/tCqa0cA1njl6Mzx0aafTi73fN
KEfatKjnQGDJQ61CxIJpb60yHJaSPn5pm+HGZK/lFzIrTrFOOR7JC1dGeNkIyiF+
Irb87GgYzWQHvDewg1BFMXjCUMCM6ODn22d70bOXi2JZuJWxtFcLr2orPTkEnxzK
b2nOPfGPJCgOCcS0ezpOq/BVRiGuwxTt1cE1u4uDrPTUmHl+TWQqpj2UUxUfmV1s
QGlo1R2p/yIhkLf53y9UJvO9ftOKZTsW+K46Ec/uWjOfVr7F8VxOVkNpT+rTJXsn
s7Vg704vb1aFBfCollpZ1i5J02mL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:19 2025 by rpki-client