Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E621C70ABDEF11EFA03DEE96762E951A.roa
File: E621C70ABDEF11EFA03DEE96762E951A.roa (raw, json)
Hash identifier: tPZ0jXJ83/wzrzjPOxx51QwHM9Qv4etuXFZhp6Hy+kU=
Subject key identifier: EB:EF:3A:DC:DD:76:8C:8C:AB:AD:C9:00:F7:31:8C:99:F3:60:E2:74
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E5F1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E621C70ABDEF11EFA03DEE96762E951A.roa
Signing time: Thu 19 Dec 2024 09:59:13 +0000
ROA not before: Thu 19 Dec 2024 09:59:09 +0000
ROA not after: Wed 10 Dec 2025 09:59:09 +0000
asID: 984
IP address blocks: 45.206.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58865 (0xe5f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 19 09:59:09 2024 GMT
Not After : Dec 10 09:59:09 2025 GMT
Subject: CN=6763ee71-afba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:48:16:15:27:10:56:df:bf:0c:9a:9a:99:f3:
02:c5:93:b2:fc:75:ca:21:7c:d1:49:8b:34:28:2d:
02:37:f9:95:0c:2a:3e:54:d6:e2:a2:02:16:6c:8d:
d9:e7:ef:89:3c:94:c7:ca:20:53:bd:60:26:ee:f6:
5c:b5:e9:8d:37:45:12:0b:d5:e4:d8:29:c8:6b:8a:
c9:bd:07:73:f4:a0:c9:26:a5:70:77:71:cc:ea:0a:
f1:5e:5b:67:f9:1c:36:67:57:7d:c7:b1:39:17:a0:
54:bc:91:c5:22:87:90:ae:6d:6b:49:95:32:3b:00:
cd:02:22:93:4a:c3:14:35:5e:40:9a:2a:aa:0a:fa:
44:c7:53:c4:9c:ef:25:2b:8c:76:f7:d3:15:03:72:
a3:84:75:d7:a3:c0:c2:d5:e9:00:6b:e5:ba:f3:26:
4d:6f:b3:78:26:5d:81:af:3e:d3:db:a5:0d:45:ce:
90:3a:76:2b:9c:67:ad:fc:97:14:e2:91:ac:0c:c0:
d1:ce:48:fe:0a:d9:3b:1c:ef:77:de:5b:de:ce:3e:
2b:f1:f9:ed:18:e5:8c:15:20:e9:79:83:bb:9b:fa:
34:fb:47:4f:64:2d:0e:d6:38:06:79:7c:5a:c7:ab:
81:da:35:55:a1:fe:00:87:35:e2:c8:70:7d:2a:99:
a1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:EF:3A:DC:DD:76:8C:8C:AB:AD:C9:00:F7:31:8C:99:F3:60:E2:74
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E621C70ABDEF11EFA03DEE96762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.121.0/24
Signature Algorithm: sha256WithRSAEncryption
22:d8:ee:81:d2:1f:3d:97:34:8e:9e:dd:e4:8b:84:af:42:ce:
b8:37:79:75:5c:77:ec:83:f6:ed:1a:5d:eb:96:17:31:6f:f6:
ec:30:1e:94:cd:5a:5e:27:f0:e7:d2:69:24:6d:6e:3b:d8:d5:
1d:35:94:74:d4:05:e8:9c:90:a4:f1:f8:d3:4e:67:59:de:7f:
fe:b6:75:b8:a9:42:31:63:80:51:55:52:3c:83:2d:1a:16:d0:
19:82:87:1e:9b:c9:86:1b:44:37:3e:f7:74:02:2e:ac:11:4d:
04:0f:c0:c1:04:2a:26:ea:18:e2:59:bb:29:c9:8b:ee:ea:22:
ba:3a:29:a8:02:86:34:72:66:bc:86:d9:28:f5:6e:61:f9:87:
88:2f:e0:40:a2:0f:fa:33:5b:98:50:60:f1:98:59:10:7e:29:
8a:44:24:15:4c:3b:40:65:a7:ae:c4:d8:e8:b1:42:4c:ae:a9:
15:34:ca:23:80:45:c6:38:d4:8b:f0:b6:d6:80:bf:fa:91:1b:
98:e3:59:dc:82:ef:46:14:8f:4a:11:e7:06:08:1d:df:e9:c1:
d1:0b:0a:c8:2c:76:c6:da:d5:89:b5:a8:bc:e2:5a:59:d6:26:
f1:42:56:86:4e:6f:05:a3:f5:e3:a3:d3:9a:22:e0:68:5c:68:
17:39:83:f1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOXxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDk1OTA5WhcNMjUxMjEwMDk1OTA5WjAYMRYw
FAYDVQQDEw02NzYzZWU3MS1hZmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtkgWFScQVt+/DJqamfMCxZOy/HXKIXzRSYs0KC0CN/mVDCo+VNbiogIW
bI3Z5++JPJTHyiBTvWAm7vZctemNN0USC9Xk2CnIa4rJvQdz9KDJJqVwd3HM6grx
Xltn+Rw2Z1d9x7E5F6BUvJHFIoeQrm1rSZUyOwDNAiKTSsMUNV5AmiqqCvpEx1PE
nO8lK4x299MVA3KjhHXXo8DC1ekAa+W68yZNb7N4Jl2Brz7T26UNRc6QOnYrnGet
/JcU4pGsDMDRzkj+Ctk7HO933lvezj4r8fntGOWMFSDpeYO7m/o0+0dPZC0O1jgG
eXxax6uB2jVVof4AhzXiyHB9KpmhRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOvv
OtzddoyMq63JAPcxjJnzYOJ0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNjIxQzcwQUJERUYxMUVGQTAzREVFOTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc55MA0GCSqGSIb3DQEBCwUA
A4IBAQAi2O6B0h89lzSOnt3ki4SvQs64N3l1XHfsg/btGl3rlhcxb/bsMB6UzVpe
J/Dn0mkkbW472NUdNZR01AXonJCk8fjTTmdZ3n/+tnW4qUIxY4BRVVI8gy0aFtAZ
gocem8mGG0Q3Pvd0Ai6sEU0ED8DBBCom6hjiWbspyYvu6iK6OimoAoY0cma8htko
9W5h+YeIL+BAog/6M1uYUGDxmFkQfimKRCQVTDtAZaeuxNjosUJMrqkVNMojgEXG
ONSL8LbWgL/6kRuY41ncgu9GFI9KEecGCB3f6cHRCwrILHbG2tWJtai84lpZ1ibx
QlaGTm8Fo/Xjo9OaIuBoXGgXOYPx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:21 2025 by rpki-client