Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E4AD1844BE8E11EF8A40B083762E951A.roa
File: E4AD1844BE8E11EF8A40B083762E951A.roa (raw, json)
Hash identifier: weGygMGaFeaqDEGpa6wWIhy6S7+M4kY4vC8hzLB7nrU=
Subject key identifier: 6D:74:34:1D:1B:27:80:77:BC:4E:27:90:88:2A:3A:7D:38:A2:F9:05
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6F2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E4AD1844BE8E11EF8A40B083762E951A.roa
Signing time: Fri 20 Dec 2024 04:57:20 +0000
ROA not before: Fri 20 Dec 2024 04:57:17 +0000
ROA not after: Wed 10 Dec 2025 04:57:17 +0000
asID: 984
IP address blocks: 45.206.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59122 (0xe6f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:57:17 2024 GMT
Not After : Dec 10 04:57:17 2025 GMT
Subject: CN=6764f930-ccef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1a:53:ad:4a:22:8d:8e:e2:d3:79:72:53:dd:
7e:cb:ad:3b:ec:8e:df:d3:31:54:fa:97:c3:7b:fb:
e0:a1:3c:3d:56:8d:30:13:27:a2:9a:42:a7:f5:06:
d4:0a:3b:14:f2:8b:34:f3:71:22:4a:2f:c2:76:a6:
4e:c0:10:b9:9e:cd:65:61:02:d5:14:38:b3:9a:50:
fe:a0:dd:b7:f8:7f:3e:7c:8d:6a:74:76:4d:1a:e5:
d1:d1:ac:7f:0e:4c:fc:72:fb:ae:1f:ef:99:c6:9e:
04:57:72:9a:84:11:86:1f:f9:ff:4d:f1:35:56:a3:
ab:12:bb:2e:71:4f:72:24:d1:8c:b3:61:4e:ea:a6:
8c:03:67:c9:81:bf:d6:1e:02:d1:97:7b:77:1b:e8:
62:40:f3:5c:77:cd:74:35:a5:e7:a3:33:11:41:43:
fb:bc:8b:46:14:82:ea:3f:3c:bd:27:02:38:1d:78:
cd:e5:5f:ec:b3:5c:55:d9:8a:ec:f4:48:84:58:fe:
ab:7c:56:bf:f1:f4:e0:82:71:a5:0e:e5:27:aa:8c:
85:8f:70:c7:3d:27:2c:bd:f6:a8:13:cd:43:38:a5:
57:33:e4:7d:02:e4:54:39:e4:bf:e0:b3:c9:6c:25:
31:c7:44:76:8c:4a:ec:aa:e0:5d:20:ce:8b:69:6a:
58:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:74:34:1D:1B:27:80:77:BC:4E:27:90:88:2A:3A:7D:38:A2:F9:05
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E4AD1844BE8E11EF8A40B083762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.252.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:55:f6:11:b9:d1:0f:bb:2a:95:97:a1:5b:18:cd:3f:81:3d:
66:1d:46:64:1b:94:ff:ef:ba:e6:8a:5c:14:ec:40:ef:06:cd:
16:4c:d4:23:d1:00:e9:6d:cc:1b:b9:2c:4e:3b:67:ff:a1:df:
9a:bc:88:d3:a8:2c:e8:53:3e:f6:9d:ee:88:3e:20:26:f1:cb:
11:a0:24:de:8c:5e:84:81:af:a0:f4:1d:12:94:9e:78:23:87:
1b:75:17:69:b9:c5:62:59:3c:da:59:c1:dd:0d:01:17:ff:09:
96:38:a8:e2:fb:87:c5:33:66:2e:76:1f:ac:f9:91:c4:a4:1d:
0d:ad:18:90:cf:42:fb:95:21:11:4f:1e:91:49:33:54:94:6e:
d2:63:4d:4b:5d:c8:f1:4b:02:8d:3e:da:75:51:8d:9b:5c:49:
a1:a3:45:90:7a:ed:91:ff:06:81:38:8b:fc:ec:38:c0:5b:b5:
14:b2:61:07:20:b2:bb:34:c3:73:03:11:24:92:b8:d4:4b:dc:
80:d7:34:21:2a:82:d7:a2:ce:31:23:c7:93:04:d9:d5:f2:8c:
34:fa:7b:46:eb:0c:da:e2:fc:8c:a2:52:df:9b:63:bc:d5:80:
a6:4c:6b:1c:13:e2:e7:de:89:e5:c0:58:af:92:11:71:0c:d3:
a3:30:7b:d5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAObyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQ1NzE3WhcNMjUxMjEwMDQ1NzE3WjAYMRYw
FAYDVQQDEw02NzY0ZjkzMC1jY2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3RpTrUoijY7i03lyU91+y6077I7f0zFU+pfDe/vgoTw9Vo0wEyeimkKn
9QbUCjsU8os083EiSi/CdqZOwBC5ns1lYQLVFDizmlD+oN23+H8+fI1qdHZNGuXR
0ax/Dkz8cvuuH++Zxp4EV3KahBGGH/n/TfE1VqOrErsucU9yJNGMs2FO6qaMA2fJ
gb/WHgLRl3t3G+hiQPNcd810NaXnozMRQUP7vItGFILqPzy9JwI4HXjN5V/ss1xV
2Yrs9EiEWP6rfFa/8fTggnGlDuUnqoyFj3DHPScsvfaoE81DOKVXM+R9AuRUOeS/
4LPJbCUxx0R2jErsquBdIM6LaWpYEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG10
NB0bJ4B3vE4nkIgqOn04ovkFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNEFEMTg0NEJFOEUxMUVGOEE0MEIwODM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc78MA0GCSqGSIb3DQEBCwUA
A4IBAQAtVfYRudEPuyqVl6FbGM0/gT1mHUZkG5T/77rmilwU7EDvBs0WTNQj0QDp
bcwbuSxOO2f/od+avIjTqCzoUz72ne6IPiAm8csRoCTejF6Ega+g9B0SlJ54I4cb
dRdpucViWTzaWcHdDQEX/wmWOKji+4fFM2Yudh+s+ZHEpB0NrRiQz0L7lSERTx6R
STNUlG7SY01LXcjxSwKNPtp1UY2bXEmho0WQeu2R/waBOIv87DjAW7UUsmEHILK7
NMNzAxEkkrjUS9yA1zQhKoLXos4xI8eTBNnV8ow0+ntG6wza4vyMolLfm2O81YCm
TGscE+Ln3onlwFivkhFxDNOjMHvV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:46 2025 by rpki-client