Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DABBE72ACF5A11EFB750E0B1762E951A.roa
File: DABBE72ACF5A11EFB750E0B1762E951A.roa (raw, json)
Hash identifier: cXqpOdAs8HP0P43SBrBtVmweUUD3/QvrZUO9dmKpaDM=
Subject key identifier: CF:72:2A:62:3B:85:EC:B3:BA:3D:8A:68:B4:5D:F7:60:C9:20:82:F2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010547
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DABBE72ACF5A11EFB750E0B1762E951A.roa
Signing time: Fri 10 Jan 2025 13:57:40 +0000
ROA not before: Fri 10 Jan 2025 13:57:36 +0000
ROA not after: Wed 10 Dec 2025 13:57:36 +0000
asID: 984
IP address blocks: 45.206.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66887 (0x10547)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 13:57:36 2025 GMT
Not After : Dec 10 13:57:36 2025 GMT
Subject: CN=67812753-cd31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bc:d3:44:8d:7a:d6:56:7b:01:10:93:20:3c:
76:f1:0d:c7:82:39:ed:7d:aa:a9:93:35:42:e3:e6:
21:b5:ed:e8:68:e6:fa:50:06:d2:62:57:cc:b6:db:
c7:e4:ed:52:ff:34:6a:1b:1c:f3:af:9a:86:e9:e0:
49:b9:ef:6e:c6:8a:52:99:74:d7:db:47:26:3b:37:
84:f8:d9:3a:43:7b:9e:b4:1a:74:94:18:ef:87:4f:
5b:83:92:3e:0e:41:e1:b2:6d:48:0b:ce:4e:f3:f9:
6a:ab:e2:6e:a2:08:b8:c2:64:fb:9a:5e:f3:79:15:
39:af:fe:77:59:10:c1:0b:8b:7d:1a:dc:93:e7:97:
d9:f7:1f:b5:18:44:05:7e:a9:b0:ca:1c:80:39:ad:
6e:6c:b4:cb:04:40:f2:b7:8f:a7:04:6b:53:69:46:
12:fa:da:f0:88:c4:e9:42:f8:ef:32:f2:2b:fe:c3:
0a:f3:9f:56:f1:02:c7:33:94:70:ec:3e:6d:cb:19:
7a:7d:44:fa:c6:e8:36:b0:26:01:f1:d1:84:de:73:
a0:87:48:cd:50:e9:05:45:e9:ca:d7:5d:7e:8c:31:
94:1a:e9:33:f2:bf:0e:40:98:c6:b9:d6:1a:8e:56:
76:1c:51:ac:cf:d4:3d:6f:e9:4e:1f:3e:1a:73:88:
bc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:72:2A:62:3B:85:EC:B3:BA:3D:8A:68:B4:5D:F7:60:C9:20:82:F2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DABBE72ACF5A11EFB750E0B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.160.0/24
Signature Algorithm: sha256WithRSAEncryption
91:32:92:f6:14:a2:b3:b0:ee:0e:2a:77:5e:a5:64:3c:07:1b:
88:f5:01:1d:02:1e:39:e6:29:f4:ff:a8:7a:08:99:d6:ab:e7:
48:f4:63:3c:44:7b:a3:73:c2:3a:f3:aa:97:a5:5b:ce:94:1a:
19:7d:54:1b:3b:68:14:3e:73:2e:03:ac:50:c9:3f:52:8a:f7:
b8:2d:8a:43:4f:9f:d2:f9:88:97:57:37:4b:b0:d5:fc:39:22:
d6:bf:e7:b2:9c:2c:34:d7:72:f6:66:dc:05:19:b5:8f:f3:ef:
05:07:35:59:b0:13:8c:a0:59:26:db:59:3e:10:b4:95:03:5a:
20:9c:5d:41:c9:75:d4:7e:fb:74:0b:e0:1c:05:7e:0e:eb:e2:
07:50:69:87:0d:08:80:c6:95:28:5c:a5:ac:ca:ef:ac:e5:b3:
e2:a5:c5:c3:5e:1f:71:50:ba:4b:5b:20:91:97:ea:a6:17:0a:
6f:ac:3d:83:30:b2:4f:df:97:ca:10:84:80:b5:8e:83:90:c1:
2c:d3:35:fc:1b:88:87:75:68:36:f5:5e:d8:0c:49:fb:95:bc:
51:c4:4a:2c:ab:1e:45:d6:34:1a:18:06:3d:a1:78:d9:f5:35:
d2:be:d0:b3:8f:f5:cc:c4:a4:df:f5:38:39:8b:18:17:cc:e8:
68:61:01:4c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQVHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMTM1NzM2WhcNMjUxMjEwMTM1NzM2WjAYMRYw
FAYDVQQDEw02NzgxMjc1My1jZDMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzrzTRI161lZ7ARCTIDx28Q3HgjntfaqpkzVC4+Yhte3oaOb6UAbSYlfM
ttvH5O1S/zRqGxzzr5qG6eBJue9uxopSmXTX20cmOzeE+Nk6Q3uetBp0lBjvh09b
g5I+DkHhsm1IC85O8/lqq+Juogi4wmT7ml7zeRU5r/53WRDBC4t9GtyT55fZ9x+1
GEQFfqmwyhyAOa1ubLTLBEDyt4+nBGtTaUYS+trwiMTpQvjvMvIr/sMK859W8QLH
M5Rw7D5tyxl6fUT6xug2sCYB8dGE3nOgh0jNUOkFRenK111+jDGUGukz8r8OQJjG
udYajlZ2HFGsz9Q9b+lOHz4ac4i8IwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM9y
KmI7heyzuj2KaLRd92DJIILyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQUJCRTcyQUNGNUExMUVGQjc1MEUwQjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc6gMA0GCSqGSIb3DQEBCwUA
A4IBAQCRMpL2FKKzsO4OKndepWQ8BxuI9QEdAh455in0/6h6CJnWq+dI9GM8RHuj
c8I686qXpVvOlBoZfVQbO2gUPnMuA6xQyT9Sive4LYpDT5/S+YiXVzdLsNX8OSLW
v+eynCw013L2ZtwFGbWP8+8FBzVZsBOMoFkm21k+ELSVA1ognF1ByXXUfvt0C+Ac
BX4O6+IHUGmHDQiAxpUoXKWsyu+s5bPipcXDXh9xULpLWyCRl+qmFwpvrD2DMLJP
35fKEISAtY6DkMEs0zX8G4iHdWg29V7YDEn7lbxRxEosqx5F1jQaGAY9oXjZ9TXS
vtCzj/XMxKTf9Tg5ixgXzOhoYQFM
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:00 2025 by rpki-client