Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E86298AEBE8B11EFA81F5171762E951A.roa
File: E86298AEBE8B11EFA81F5171762E951A.roa (raw, json)
Hash identifier: YzJU0Me5ZMPRMaFLbhsJgoOCFBC4xGr3M0R6LjlcZ0Y=
Subject key identifier: 83:B1:D2:AA:B4:64:67:5C:A1:00:5F:EA:88:27:12:A6:AA:C6:9B:19
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E6CE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E86298AEBE8B11EFA81F5171762E951A.roa
Signing time: Fri 20 Dec 2024 04:35:58 +0000
ROA not before: Fri 20 Dec 2024 04:35:55 +0000
ROA not after: Wed 10 Dec 2025 04:35:55 +0000
asID: 984
IP address blocks: 45.206.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59086 (0xe6ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 04:35:55 2024 GMT
Not After : Dec 10 04:35:55 2025 GMT
Subject: CN=6764f42e-4582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:d2:ca:d8:ed:12:7d:84:46:5c:cf:91:bb:2b:
54:82:09:c0:45:37:37:ef:e4:49:a2:c4:63:51:37:
2f:db:6c:1a:4c:e3:a4:60:d6:61:f3:b1:ac:44:a9:
9c:91:e1:6b:13:eb:62:c1:0f:b0:6e:66:f1:d3:6d:
29:bd:4c:b8:6a:f1:09:ea:9f:46:0b:7a:e3:b8:1e:
1a:48:4b:13:26:6f:07:04:78:f5:95:4d:97:73:8d:
e3:2b:fb:41:bd:f6:01:a2:15:a5:63:bf:68:81:86:
13:96:b9:c2:4f:77:7f:b7:d5:52:c3:d1:03:46:40:
6f:84:07:35:ec:ab:8f:7b:fb:3f:c4:d7:ca:cb:50:
09:7b:73:b4:1f:21:fd:f5:13:0d:99:15:64:1e:ff:
f7:c0:bc:8b:81:e7:54:3b:dc:9f:c5:ae:9e:50:6d:
76:fb:cf:c7:86:a7:0c:29:77:da:aa:cc:38:1d:1a:
73:94:25:e2:2d:04:4d:d6:37:80:0f:b7:5c:b5:c9:
98:33:c7:44:fb:6a:d1:4f:cb:6f:2a:28:b0:cd:08:
f7:0b:98:fe:d4:03:c6:e7:b8:73:05:77:36:9f:49:
9a:f0:56:48:a4:ce:01:2e:7b:f1:c7:25:4c:5c:7f:
39:46:ec:d4:84:0b:9a:51:60:c0:de:78:42:66:39:
6c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B1:D2:AA:B4:64:67:5C:A1:00:5F:EA:88:27:12:A6:AA:C6:9B:19
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E86298AEBE8B11EFA81F5171762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.234.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:57:fb:69:5a:b4:08:d3:e5:77:c2:9c:88:e0:9c:d5:d7:d6:
26:e6:5c:64:37:3b:67:1e:87:47:97:ab:a3:b6:54:6f:b6:62:
89:72:32:3b:d2:12:7a:92:c3:7a:17:75:c9:82:eb:18:69:ee:
26:1e:5a:27:15:24:95:61:bd:f0:1f:57:f2:dd:88:3e:1c:4c:
a9:c3:fb:f2:96:d3:43:76:72:f0:6e:74:c9:7e:52:d5:2f:34:
6e:f3:f4:d5:bf:9b:f7:3b:1b:70:7a:6d:9b:2b:3f:8f:51:ff:
65:a4:58:bb:7a:6e:83:9a:3b:50:d6:ef:ee:a7:37:57:fd:49:
b5:f2:b4:c8:ce:3c:d1:64:63:40:48:eb:77:b9:30:5b:83:6d:
41:ef:7f:a7:70:76:61:70:68:da:13:14:7a:c9:69:c9:96:f2:
1c:77:97:be:f3:7d:58:22:93:90:7b:29:b7:bc:17:30:6c:1b:
aa:1e:12:4d:bb:97:d5:7a:3a:dd:97:44:d1:5a:8a:91:b6:13:
3a:f3:4c:77:59:ff:2c:0c:77:97:4a:bb:f4:fa:f1:31:8e:db:
7c:91:31:21:d8:06:bc:6c:1f:84:3f:1b:7e:5a:39:e1:7b:c1:
b1:bc:0f:b3:ec:b7:cb:7c:5e:44:e3:d6:ae:35:4c:86:72:9c:
72:79:a1:09
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAObOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDQzNTU1WhcNMjUxMjEwMDQzNTU1WjAYMRYw
FAYDVQQDEw02NzY0ZjQyZS00NTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7dLK2O0SfYRGXM+RuytUggnARTc37+RJosRjUTcv22waTOOkYNZh87Gs
RKmckeFrE+tiwQ+wbmbx020pvUy4avEJ6p9GC3rjuB4aSEsTJm8HBHj1lU2Xc43j
K/tBvfYBohWlY79ogYYTlrnCT3d/t9VSw9EDRkBvhAc17KuPe/s/xNfKy1AJe3O0
HyH99RMNmRVkHv/3wLyLgedUO9yfxa6eUG12+8/HhqcMKXfaqsw4HRpzlCXiLQRN
1jeAD7dctcmYM8dE+2rRT8tvKiiwzQj3C5j+1APG57hzBXc2n0ma8FZIpM4BLnvx
xyVMXH85RuzUhAuaUWDA3nhCZjls/wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIOx
0qq0ZGdcoQBf6ognEqaqxpsZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FODYyOThBRUJFOEIxMUVGQTgxRjUxNzE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7qMA0GCSqGSIb3DQEBCwUA
A4IBAQCcV/tpWrQI0+V3wpyI4JzV19Ym5lxkNztnHodHl6ujtlRvtmKJcjI70hJ6
ksN6F3XJgusYae4mHlonFSSVYb3wH1fy3Yg+HEypw/vyltNDdnLwbnTJflLVLzRu
8/TVv5v3Oxtwem2bKz+PUf9lpFi7em6DmjtQ1u/upzdX/Um18rTIzjzRZGNASOt3
uTBbg21B73+ncHZhcGjaExR6yWnJlvIcd5e+831YIpOQeym3vBcwbBuqHhJNu5fV
ejrdl0TRWoqRthM680x3Wf8sDHeXSrv0+vExjtt8kTEh2Aa8bB+EPxt+Wjnhe8Gx
vA+z7LfLfF5E49auNUyGcpxyeaEJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:40 2025 by rpki-client