Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE3A9C04BE8711EFAE4DD857762E951A.roa
File: DE3A9C04BE8711EFAE4DD857762E951A.roa (raw, json)
Hash identifier: OsJuSSMW3iEl1vrr2v445+jMj87KtxWgJpl1cWP23Ps=
Subject key identifier: 9A:2C:71:28:B2:6B:04:96:74:B6:4A:90:21:18:47:CA:8B:53:74:AE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E69E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE3A9C04BE8711EFAE4DD857762E951A.roa
Signing time: Fri 20 Dec 2024 04:07:03 +0000
ROA not before: Fri 20 Dec 2024 04:06:59 +0000
ROA not after: Wed 10 Dec 2025 04:06:59 +0000
asID: 984
IP address blocks: 45.206.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59038 (0xe69e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:06:59 2024 GMT
Not After : Dec 10 04:06:59 2025 GMT
Subject: CN=6764ed67-bd18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:26:6d:e4:fb:d1:b0:57:7e:59:68:75:68:32:
89:88:4a:3f:1e:2e:cb:e7:47:a0:ef:45:46:d9:50:
66:84:d4:8d:dd:82:13:4d:fb:02:8c:51:d7:ba:7b:
9f:01:49:5e:11:1c:74:e9:43:8f:c9:43:21:3e:f9:
7e:f9:4a:1c:ed:ef:67:c8:6b:12:fe:87:a2:f4:01:
3b:ea:39:4d:03:69:32:f3:dc:20:44:6c:67:b1:fe:
82:fe:a5:22:50:1d:c8:fd:17:7d:3b:1a:c2:90:6a:
16:58:89:d7:46:59:4e:07:f3:b8:c6:dd:06:7d:60:
a1:9f:87:ea:c5:8d:07:14:ff:8e:47:43:e8:4b:33:
04:65:b1:f1:86:22:4b:0a:dc:b4:5f:76:14:89:38:
b0:ff:75:1d:f9:24:25:5b:6d:79:fc:28:67:52:15:
61:15:5f:13:08:f5:8d:63:6a:71:50:e1:c9:70:61:
66:8b:08:5d:73:c0:77:ac:fb:04:fb:fc:67:22:65:
c5:37:bd:1c:b6:c9:8d:58:be:ad:f0:f9:67:c6:53:
f2:83:08:97:c3:3f:86:03:c2:87:fe:26:43:74:d3:
98:3d:3e:b2:1b:88:96:fb:6d:36:18:c7:ea:19:e3:
78:c6:c2:60:30:cd:aa:fc:5b:4f:64:eb:c5:2f:af:
18:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2C:71:28:B2:6B:04:96:74:B6:4A:90:21:18:47:CA:8B:53:74:AE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE3A9C04BE8711EFAE4DD857762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.210.0/24
Signature Algorithm: sha256WithRSAEncryption
53:82:74:e7:88:ee:7b:49:3b:82:5a:34:d1:d0:ed:d8:75:81:
d8:9e:70:f9:a1:f3:ba:c6:d7:15:83:d5:2b:bf:9d:f8:85:b4:
84:70:c7:bd:6c:59:a9:c1:f1:b4:dd:ea:2b:06:2f:10:be:26:
10:31:ce:8c:8c:1a:f9:24:11:61:b3:d1:c6:20:ef:d7:b5:3f:
76:23:d3:b1:2b:70:ae:ed:bd:fe:3f:a8:d7:37:e0:95:10:f1:
54:7e:c5:c3:e2:c8:06:b7:24:d7:16:c1:ac:f6:cf:2b:7e:fd:
e4:2d:a1:cf:3f:d0:9e:41:5d:98:3e:8e:7b:c6:9c:5a:19:ae:
f4:36:e8:9c:e8:28:3e:10:9f:f7:d1:ee:ee:ff:58:f6:a6:8a:
76:95:9b:d3:6b:13:22:a4:81:58:5e:e7:b1:08:de:0d:c8:af:
4b:eb:b7:a6:4c:9b:ba:c3:3c:89:4b:e8:e9:cd:1e:89:6a:fd:
d4:05:bc:2a:de:ac:c4:e4:a2:18:a0:8a:9f:d5:5b:a4:f0:7e:
cd:3d:a1:a8:86:bc:0d:cd:32:3d:45:e1:33:52:de:8f:7f:cb:
f8:a6:b7:d8:09:35:17:d3:fd:f7:91:29:1d:72:8f:ea:3f:85:
d5:80:83:1f:86:a9:ab:80:31:43:40:7a:06:c9:e1:4f:38:9b:
d8:5d:d2:4e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOaeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQwNjU5WhcNMjUxMjEwMDQwNjU5WjAYMRYw
FAYDVQQDEw02NzY0ZWQ2Ny1iZDE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAziZt5PvRsFd+WWh1aDKJiEo/Hi7L50eg70VG2VBmhNSN3YITTfsCjFHX
unufAUleERx06UOPyUMhPvl++Uoc7e9nyGsS/oei9AE76jlNA2ky89wgRGxnsf6C
/qUiUB3I/Rd9OxrCkGoWWInXRllOB/O4xt0GfWChn4fqxY0HFP+OR0PoSzMEZbHx
hiJLCty0X3YUiTiw/3Ud+SQlW215/ChnUhVhFV8TCPWNY2pxUOHJcGFmiwhdc8B3
rPsE+/xnImXFN70ctsmNWL6t8PlnxlPygwiXwz+GA8KH/iZDdNOYPT6yG4iW+202
GMfqGeN4xsJgMM2q/FtPZOvFL68YSwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJos
cSiyawSWdLZKkCEYR8qLU3SuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERTNBOUMwNEJFODcxMUVGQUU0REQ4NTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7SMA0GCSqGSIb3DQEBCwUA
A4IBAQBTgnTniO57STuCWjTR0O3YdYHYnnD5ofO6xtcVg9Urv534hbSEcMe9bFmp
wfG03eorBi8QviYQMc6MjBr5JBFhs9HGIO/XtT92I9OxK3Cu7b3+P6jXN+CVEPFU
fsXD4sgGtyTXFsGs9s8rfv3kLaHPP9CeQV2YPo57xpxaGa70Nuic6Cg+EJ/30e7u
/1j2pop2lZvTaxMipIFYXuexCN4NyK9L67emTJu6wzyJS+jpzR6Jav3UBbwq3qzE
5KIYoIqf1Vuk8H7NPaGohrwNzTI9ReEzUt6Pf8v4prfYCTUX0/33kSkdco/qP4XV
gIMfhqmrgDFDQHoGyeFPOJvYXdJO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:59 2025 by rpki-client