Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C78C90D0BE7711EFA7DC5968762E951A.roa
File: C78C90D0BE7711EFA7DC5968762E951A.roa (raw, json)
Hash identifier: 3mAN8ZG6QMF8At/iUB1lPlSLmxt9OFrgQVVV3nwWAK4=
Subject key identifier: BC:5F:8A:45:C4:75:0E:F9:90:31:88:5D:F9:D6:80:D2:56:B0:83:AE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E63C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C78C90D0BE7711EFA7DC5968762E951A.roa
Signing time: Fri 20 Dec 2024 02:11:53 +0000
ROA not before: Fri 20 Dec 2024 02:11:49 +0000
ROA not after: Wed 10 Dec 2025 02:11:49 +0000
asID: 984
IP address blocks: 45.206.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58940 (0xe63c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 02:11:49 2024 GMT
Not After : Dec 10 02:11:49 2025 GMT
Subject: CN=6764d269-e177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e5:f4:ae:9a:1d:89:d3:be:f0:aa:e2:5b:86:
91:9f:d6:a9:d7:25:33:2a:08:d6:1f:cc:fb:27:9b:
8a:3a:04:2d:e4:9f:66:85:bf:19:99:68:98:07:5f:
74:41:de:73:6c:84:85:d0:4e:f5:9e:73:05:0a:ce:
92:0a:f4:4e:be:80:33:be:1d:fb:c6:69:f7:2f:91:
2f:f7:5c:17:17:c9:d7:8a:96:61:c0:13:5d:60:9d:
7d:e1:8e:43:2a:92:66:4a:7b:7e:20:60:ea:cf:68:
87:23:3c:c9:b5:16:8c:54:f5:67:6c:24:02:c4:b7:
15:18:d8:c7:58:65:84:db:4e:ce:44:5a:cd:32:dc:
51:e2:9e:54:9a:ed:63:20:49:db:8e:65:d6:a3:2b:
e3:ee:2f:d0:df:58:0c:1a:7f:b7:7f:e5:b4:60:6d:
a4:2d:d5:2a:c0:b4:f7:39:44:81:be:fd:f2:a1:b4:
8b:6f:54:23:6e:05:05:02:97:f6:2b:ab:1e:62:dc:
66:2c:2e:51:e7:60:d9:63:50:f7:96:29:51:ff:c7:
86:64:f6:51:36:56:0a:ef:70:82:99:67:07:36:0e:
75:f5:6e:1a:3d:4c:99:a2:31:95:30:42:cf:33:d4:
16:45:e9:68:f5:5a:77:a8:57:f0:b7:b7:45:ae:8a:
c5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:5F:8A:45:C4:75:0E:F9:90:31:88:5D:F9:D6:80:D2:56:B0:83:AE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C78C90D0BE7711EFA7DC5968762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.158.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:af:58:23:cd:a5:0c:38:1c:3d:bb:03:47:0b:d4:fe:81:33:
51:01:0b:7d:32:98:2e:0a:4a:d8:71:36:fe:6c:fe:40:d3:55:
1e:ec:9b:4d:75:9e:ce:d4:8f:26:52:08:07:13:13:42:dc:34:
1f:45:1b:58:3a:26:fc:dc:c7:06:20:ae:b4:d4:4f:71:a8:26:
17:fc:6f:5c:25:b1:ca:85:70:4a:54:34:e8:45:15:fc:2e:d1:
99:08:60:01:24:38:4e:6e:38:b6:25:52:b2:7d:a6:41:b9:e7:
09:6f:67:8e:01:6d:a5:a4:b6:2b:33:4a:ab:6b:48:aa:56:80:
31:d6:b7:61:58:24:ed:be:df:b0:3b:05:71:5b:e3:a6:5f:b6:
7e:bc:e8:e7:48:a7:a4:11:ae:4b:a6:48:9a:a7:60:68:3f:b0:
78:8d:e3:b1:4b:97:c9:9e:b7:8c:5b:97:24:98:47:51:c4:d7:
13:aa:0e:2d:0c:a5:07:c9:06:dd:88:3b:7c:dc:be:b7:b4:1a:
d7:cd:8f:79:b1:5d:81:cb:db:15:b4:11:c6:b6:9d:15:65:49:
5e:12:60:a6:fc:30:64:97:af:8e:23:fb:86:0c:71:0c:a2:8f:
02:9f:fa:69:e9:7d:d6:9a:ac:f8:cb:b3:92:ba:39:f8:15:c8:
de:24:e7:bf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOY8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDIxMTQ5WhcNMjUxMjEwMDIxMTQ5WjAYMRYw
FAYDVQQDEw02NzY0ZDI2OS1lMTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAweX0rpodidO+8KriW4aRn9ap1yUzKgjWH8z7J5uKOgQt5J9mhb8ZmWiY
B190Qd5zbISF0E71nnMFCs6SCvROvoAzvh37xmn3L5Ev91wXF8nXipZhwBNdYJ19
4Y5DKpJmSnt+IGDqz2iHIzzJtRaMVPVnbCQCxLcVGNjHWGWE207ORFrNMtxR4p5U
mu1jIEnbjmXWoyvj7i/Q31gMGn+3f+W0YG2kLdUqwLT3OUSBvv3yobSLb1QjbgUF
Apf2K6seYtxmLC5R52DZY1D3lilR/8eGZPZRNlYK73CCmWcHNg519W4aPUyZojGV
MELPM9QWRelo9Vp3qFfwt7dFrorF8QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLxf
ikXEdQ75kDGIXfnWgNJWsIOuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNzhDOTBEMEJFNzcxMUVGQTdEQzU5Njg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc6eMA0GCSqGSIb3DQEBCwUA
A4IBAQBar1gjzaUMOBw9uwNHC9T+gTNRAQt9MpguCkrYcTb+bP5A01Ue7JtNdZ7O
1I8mUggHExNC3DQfRRtYOib83McGIK601E9xqCYX/G9cJbHKhXBKVDToRRX8LtGZ
CGABJDhObji2JVKyfaZBuecJb2eOAW2lpLYrM0qra0iqVoAx1rdhWCTtvt+wOwVx
W+OmX7Z+vOjnSKekEa5Lpkiap2BoP7B4jeOxS5fJnreMW5ckmEdRxNcTqg4tDKUH
yQbdiDt83L63tBrXzY95sV2By9sVtBHGtp0VZUleEmCm/DBkl6+OI/uGDHEMoo8C
n/pp6X3Wmqz4y7OSujn4FcjeJOe/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:46 2025 by rpki-client