Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E57FFBC8B21411EF84AA5F89762E951A.roa
File: E57FFBC8B21411EF84AA5F89762E951A.roa (raw, json)
Hash identifier: JE6zU8l2iJW6yNDWA7jPXKqX+NKWdnlOuA26NLyCrpU=
Subject key identifier: 34:3C:5B:53:3F:E3:EF:75:90:85:3C:3F:A8:2E:3E:9E:D5:71:84:ED
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DF42
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E57FFBC8B21411EF84AA5F89762E951A.roa
Signing time: Wed 04 Dec 2024 07:53:49 +0000
ROA not before: Wed 04 Dec 2024 07:53:45 +0000
ROA not after: Fri 24 Oct 2025 07:53:45 +0000
asID: 216183
IP address blocks: 45.206.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57154 (0xdf42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 4 07:53:45 2024 GMT
Not After : Oct 24 07:53:45 2025 GMT
Subject: CN=67500a8d-c051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:09:93:98:82:11:51:d2:89:5f:5d:3d:f2:92:
0c:2d:ef:e3:e2:52:6a:bf:eb:4e:2b:b9:46:3d:d1:
07:ee:57:05:83:14:bd:4c:79:58:71:66:ac:51:bd:
e5:9c:4f:84:a2:f0:aa:b0:0d:4e:c6:db:84:07:9d:
5d:10:9f:b8:3a:d3:d9:50:00:4e:4d:df:30:2d:59:
d2:10:eb:64:b6:15:e1:84:bf:60:0b:a4:df:8a:77:
94:8b:6d:71:48:55:47:31:bd:9c:d1:19:45:5e:71:
fb:46:a1:3a:43:f8:9e:e1:19:a3:65:17:e5:9d:ab:
eb:1d:32:f1:2c:ee:d4:23:3c:75:5f:fe:90:a1:49:
75:1d:30:6d:ca:6f:a9:e9:f2:13:c2:84:8f:d0:d7:
ae:37:bd:40:9a:19:f1:e0:95:b7:5e:e5:32:5c:e8:
d7:7e:10:a3:c1:1e:3f:7c:7a:f0:ad:fd:a4:f8:0b:
21:4a:b1:ab:cc:76:01:c3:e0:5c:16:b4:be:e0:cd:
4c:32:db:f6:1d:32:d0:62:83:4d:47:8d:b9:e4:08:
25:61:1f:3a:a4:c1:0d:39:af:ce:18:e9:79:f1:53:
d0:2d:1c:bd:8f:df:1d:8b:37:f0:5d:ca:44:e8:af:
11:77:d8:72:db:79:cc:b0:f6:d2:ca:83:a8:11:e6:
9b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3C:5B:53:3F:E3:EF:75:90:85:3C:3F:A8:2E:3E:9E:D5:71:84:ED
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E57FFBC8B21411EF84AA5F89762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.9.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:19:50:18:ac:ae:6a:da:3b:29:26:6f:d2:dc:11:45:ae:8d:
95:f9:28:7c:98:ec:00:ef:db:f9:48:fa:18:c3:51:e2:97:1a:
22:06:80:54:39:e9:a2:b3:eb:72:4e:a0:be:0d:0e:d5:99:8f:
a0:51:c9:2f:cf:48:f6:fd:d4:cf:b4:88:af:56:3a:41:8c:41:
03:c9:14:62:98:e7:a0:42:e0:a4:cc:af:c8:dc:a5:1d:ce:dd:
a8:3f:1a:a0:e9:9d:83:9a:90:6f:ee:03:bc:a9:01:e2:f9:8c:
a3:75:16:a7:9a:e0:9b:cb:97:50:52:a5:a0:ec:31:dc:76:7d:
57:56:21:1a:62:5a:4c:6b:1b:65:81:25:ec:0a:94:dd:87:01:
4c:c0:78:fc:32:70:db:9b:03:10:bd:43:12:7d:26:af:66:47:
a1:e2:38:bb:2b:3d:73:d5:2b:f1:29:29:60:56:fb:9e:3b:23:
5d:7b:63:13:28:93:4a:0b:b8:d4:d7:60:9d:32:19:da:de:a1:
95:56:26:3e:ca:7f:db:14:39:96:f0:12:e5:70:48:77:ca:46:
f3:14:46:fa:d4:7d:b7:0b:18:7f:e5:09:02:0a:4e:ea:84:cd:
4d:25:ba:74:c8:07:ee:27:03:1b:99:09:f2:2b:7e:86:cb:10:
ef:21:be:f0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAN9CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA0MDc1MzQ1WhcNMjUxMDI0MDc1MzQ1WjAYMRYw
FAYDVQQDEw02NzUwMGE4ZC1jMDUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvwmTmIIRUdKJX1098pIMLe/j4lJqv+tOK7lGPdEH7lcFgxS9THlYcWas
Ub3lnE+EovCqsA1OxtuEB51dEJ+4OtPZUABOTd8wLVnSEOtkthXhhL9gC6TfineU
i21xSFVHMb2c0RlFXnH7RqE6Q/ie4RmjZRflnavrHTLxLO7UIzx1X/6QoUl1HTBt
ym+p6fITwoSP0NeuN71Amhnx4JW3XuUyXOjXfhCjwR4/fHrwrf2k+AshSrGrzHYB
w+BcFrS+4M1MMtv2HTLQYoNNR4255AglYR86pMENOa/OGOl58VPQLRy9j98dizfw
XcpE6K8Rd9hy23nMsPbSyoOoEeablQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDQ8
W1M/4+91kIU8P6guPp7VcYTtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNTdGRkJDOEIyMTQxMUVGODRBQTVGODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc4JMA0GCSqGSIb3DQEBCwUA
A4IBAQBsGVAYrK5q2jspJm/S3BFFro2V+Sh8mOwA79v5SPoYw1HilxoiBoBUOemi
s+tyTqC+DQ7VmY+gUckvz0j2/dTPtIivVjpBjEEDyRRimOegQuCkzK/I3KUdzt2o
Pxqg6Z2DmpBv7gO8qQHi+YyjdRanmuCby5dQUqWg7DHcdn1XViEaYlpMaxtlgSXs
CpTdhwFMwHj8MnDbmwMQvUMSfSavZkeh4ji7Kz1z1SvxKSlgVvueOyNde2MTKJNK
C7jU12CdMhna3qGVViY+yn/bFDmW8BLlcEh3ykbzFEb61H23Cxh/5QkCCk7qhM1N
Jbp0yAfuJwMbmQnyK36GyxDvIb7w
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:46 2025 by rpki-client