Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E22B46AABE8811EFAA2D0D5E762E951A.roa
File: E22B46AABE8811EFAA2D0D5E762E951A.roa (raw, json)
Hash identifier: bw0fOdxOt4b5pt0X2TBLHbxJOPw9hxGJCdVvuOrZzO4=
Subject key identifier: 0E:99:E2:F8:16:32:4F:ED:F6:85:4C:03:BB:63:A7:66:E2:9E:CF:CA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6AA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E22B46AABE8811EFAA2D0D5E762E951A.roa
Signing time: Fri 20 Dec 2024 04:14:19 +0000
ROA not before: Fri 20 Dec 2024 04:14:16 +0000
ROA not after: Wed 10 Dec 2025 04:14:16 +0000
asID: 984
IP address blocks: 45.206.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59050 (0xe6aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:14:16 2024 GMT
Not After : Dec 10 04:14:16 2025 GMT
Subject: CN=6764ef1b-92bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:63:1d:d3:46:41:06:44:2b:14:5f:7a:10:9e:
d5:59:8f:73:d9:c0:12:d4:3f:43:c7:71:13:ee:60:
35:53:1e:9d:35:f2:36:64:e0:c5:90:ba:57:32:7c:
0c:71:81:3a:d8:8e:7f:e7:d7:96:39:35:d5:33:ce:
c0:ec:7a:7c:60:7e:f9:53:76:92:ab:6d:39:19:3a:
d5:0b:43:7b:95:e6:8c:ec:80:e9:43:09:3c:e4:d2:
cc:2b:cc:ee:9b:90:d5:63:32:58:75:6c:d7:3a:28:
91:29:c0:34:64:23:65:6c:66:00:bb:bc:05:c0:93:
4a:d0:8a:02:ae:ba:66:ef:bc:5a:e8:f8:b6:cf:30:
3f:2c:f8:de:12:79:00:57:8a:b5:db:bc:da:47:78:
50:b4:4e:6b:46:c6:3c:24:66:ee:9b:17:24:9a:1f:
d1:bb:cb:e3:73:8c:e2:aa:71:29:ae:66:20:f5:71:
5b:5d:62:b1:72:2b:d0:14:74:0e:17:55:6d:bb:3c:
68:51:53:63:c2:8b:e2:f6:2a:e2:23:a3:51:19:3f:
54:dc:dd:a1:b4:fd:45:57:8b:5f:61:5c:39:31:c7:
de:70:75:8e:c5:29:43:90:78:f4:02:91:e5:9a:8d:
c4:88:93:08:36:fe:da:4b:af:0f:78:c3:ae:7e:0a:
7c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:99:E2:F8:16:32:4F:ED:F6:85:4C:03:BB:63:A7:66:E2:9E:CF:CA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E22B46AABE8811EFAA2D0D5E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.216.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:3b:fa:68:22:49:e5:50:d1:6e:99:46:9e:47:8e:cc:71:98:
94:89:0a:1f:28:2d:4b:3e:33:eb:98:21:40:97:87:c0:e5:57:
41:e5:1d:aa:29:b9:e5:b8:d9:9d:2a:06:b5:dd:8b:2c:57:a1:
b4:74:65:1b:a4:00:84:32:72:0e:e5:5a:b8:c0:61:94:00:35:
f5:73:3f:74:04:9a:2b:67:5c:a6:e0:c9:65:88:42:ec:d8:5f:
e7:f6:3b:5b:ce:27:a8:75:89:e6:18:f7:bf:7a:1a:af:a7:56:
86:09:69:2d:4e:51:df:29:5e:aa:19:66:d6:c2:48:aa:9b:12:
f0:73:af:50:2d:b0:8c:94:df:7a:57:6e:c9:b0:71:f3:1a:3f:
f0:ce:01:8e:75:20:28:16:e7:ce:20:bd:d7:60:41:79:e5:cf:
ed:28:1c:d5:ec:3c:cd:2c:d0:1d:24:2d:6f:21:ad:bc:3c:72:
7e:cf:7c:48:63:2e:30:d9:80:76:78:18:60:c2:57:a3:2d:ed:
a1:f2:6d:ad:45:a2:d1:5d:f3:32:2f:3a:e3:f9:e8:f9:27:18:
4a:da:49:3a:ee:c2:98:0e:4d:50:20:27:6f:b7:06:98:84:a5:
48:4f:64:86:ea:4a:85:03:37:63:9e:1a:f6:5a:d8:fc:a4:e6:
25:cc:28:1c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOaqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQxNDE2WhcNMjUxMjEwMDQxNDE2WjAYMRYw
FAYDVQQDEw02NzY0ZWYxYi05MmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuWMd00ZBBkQrFF96EJ7VWY9z2cAS1D9Dx3ET7mA1Ux6dNfI2ZODFkLpX
MnwMcYE62I5/59eWOTXVM87A7Hp8YH75U3aSq205GTrVC0N7leaM7IDpQwk85NLM
K8zum5DVYzJYdWzXOiiRKcA0ZCNlbGYAu7wFwJNK0IoCrrpm77xa6Pi2zzA/LPje
EnkAV4q127zaR3hQtE5rRsY8JGbumxckmh/Ru8vjc4ziqnEprmYg9XFbXWKxcivQ
FHQOF1VtuzxoUVNjwovi9iriI6NRGT9U3N2htP1FV4tfYVw5McfecHWOxSlDkHj0
ApHlmo3EiJMINv7aS68PeMOufgp8AwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA6Z
4vgWMk/t9oVMA7tjp2bins/KMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMjJCNDZBQUJFODgxMUVGQUEyRDBENUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7YMA0GCSqGSIb3DQEBCwUA
A4IBAQA7O/poIknlUNFumUaeR47McZiUiQofKC1LPjPrmCFAl4fA5VdB5R2qKbnl
uNmdKga13YssV6G0dGUbpACEMnIO5Vq4wGGUADX1cz90BJorZ1ym4MlliELs2F/n
9jtbzieodYnmGPe/ehqvp1aGCWktTlHfKV6qGWbWwkiqmxLwc69QLbCMlN96V27J
sHHzGj/wzgGOdSAoFufOIL3XYEF55c/tKBzV7DzNLNAdJC1vIa28PHJ+z3xIYy4w
2YB2eBhgwlejLe2h8m2tRaLRXfMyLzrj+ej5JxhK2kk67sKYDk1QICdvtwaYhKVI
T2SG6kqFAzdjnhr2Wtj8pOYlzCgc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:28 2025 by rpki-client