Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9104F2CBE8511EFB8BCC44C762E951A.roa
File: E9104F2CBE8511EFB8BCC44C762E951A.roa (raw, json)
Hash identifier: 7UdHEW0Q68lJ2IFpBwj/DCFt821craBt+ywfaxD39VA=
Subject key identifier: 8F:CA:2E:DB:D7:45:8D:82:4E:49:1D:59:EC:06:37:3A:A2:86:63:18
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E686
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9104F2CBE8511EFB8BCC44C762E951A.roa
Signing time: Fri 20 Dec 2024 03:53:02 +0000
ROA not before: Fri 20 Dec 2024 03:52:59 +0000
ROA not after: Wed 10 Dec 2025 03:52:59 +0000
asID: 984
IP address blocks: 45.206.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59014 (0xe686)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 03:52:59 2024 GMT
Not After : Dec 10 03:52:59 2025 GMT
Subject: CN=6764ea1e-62f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bd:24:3f:58:e4:7f:5a:79:8c:41:79:d1:a3:
82:4c:20:a7:c4:54:f4:91:cc:72:10:3e:40:e5:3c:
11:60:65:26:1c:0f:0f:db:95:2f:75:2f:a5:f8:b4:
99:e6:38:2e:7c:3a:7b:68:ff:69:08:11:cf:07:38:
d3:39:8f:ec:da:83:cd:5f:71:e0:e9:4e:0c:f5:5e:
aa:16:b9:4a:1c:5e:db:e0:70:4f:d3:34:b2:82:48:
71:9b:56:23:13:29:94:05:00:37:0b:58:0b:25:68:
f0:9f:68:52:5d:78:b5:0d:4c:f5:17:01:74:5e:6d:
b5:7a:41:7f:99:c3:67:28:78:25:b0:0d:11:20:98:
b4:1c:49:b2:1b:d6:a8:ef:ea:db:1e:1e:77:9f:c9:
73:b6:de:fa:9c:89:3d:65:85:5a:59:73:60:d9:6d:
1e:db:bf:d8:2f:76:8e:1f:ba:63:d9:6b:f9:f2:d9:
b3:f5:a6:c3:fb:e5:8b:d7:8c:18:e6:6c:ef:10:4f:
2d:7f:c8:18:cf:5a:bc:79:a1:68:78:4a:c8:41:24:
a9:6c:ed:11:49:aa:2d:35:17:4a:95:dd:da:1a:88:
db:cb:2b:63:15:b1:7f:c5:56:3b:fc:f9:c0:e4:12:
ff:d0:67:85:7c:f8:54:7a:74:a5:9f:63:e1:ec:62:
87:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:CA:2E:DB:D7:45:8D:82:4E:49:1D:59:EC:06:37:3A:A2:86:63:18
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9104F2CBE8511EFB8BCC44C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.198.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:10:84:7f:25:c6:e9:87:07:0b:48:b9:5a:69:70:64:d1:bc:
c6:9b:7f:52:31:18:7a:6a:b1:7d:ea:c0:36:80:b6:1c:49:1f:
68:d4:e4:9d:e9:03:70:e6:d8:6d:41:ec:e6:6f:d2:1f:55:a3:
44:bc:f2:a9:79:46:2f:ad:81:ad:7a:05:9e:84:9f:13:3b:c2:
7c:77:0e:45:d7:8c:be:b0:10:1d:f0:06:22:93:04:c8:17:33:
1c:16:ec:a5:69:53:93:82:65:1c:50:00:39:3b:6b:78:57:bb:
32:17:eb:3f:e6:64:7c:d2:2d:9d:46:e4:84:be:b1:3e:ad:c4:
21:04:4a:36:ab:13:59:c6:80:9f:79:0b:09:4a:1f:f2:16:c3:
ab:e4:10:53:89:76:3d:c2:b5:5a:fd:f2:fb:c7:b3:a1:0a:f1:
91:4e:23:75:e9:b0:6f:44:59:d0:25:c2:09:22:35:c9:7c:3c:
d1:cf:da:fc:7c:38:e8:11:ec:cd:6f:8f:91:3d:72:31:e3:28:
37:fa:af:94:1d:33:3f:dc:0e:34:d7:b2:58:ec:53:7c:f3:f3:
ad:01:64:1a:ee:16:cd:3a:69:fe:3b:05:6a:2b:d7:4a:51:3d:
c8:fd:ea:d5:ef:98:cb:d2:06:64:f8:49:5a:65:0d:0c:6a:2d:
ad:f9:d3:ad
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOaGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDM1MjU5WhcNMjUxMjEwMDM1MjU5WjAYMRYw
FAYDVQQDEw02NzY0ZWExZS02MmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnb0kP1jkf1p5jEF50aOCTCCnxFT0kcxyED5A5TwRYGUmHA8P25UvdS+l
+LSZ5jgufDp7aP9pCBHPBzjTOY/s2oPNX3Hg6U4M9V6qFrlKHF7b4HBP0zSygkhx
m1YjEymUBQA3C1gLJWjwn2hSXXi1DUz1FwF0Xm21ekF/mcNnKHglsA0RIJi0HEmy
G9ao7+rbHh53n8lztt76nIk9ZYVaWXNg2W0e27/YL3aOH7pj2Wv58tmz9abD++WL
14wY5mzvEE8tf8gYz1q8eaFoeErIQSSpbO0RSaotNRdKld3aGojbyytjFbF/xVY7
/PnA5BL/0GeFfPhUenSln2Ph7GKHTwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI/K
LtvXRY2CTkkdWewGNzqihmMYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FOTEwNEYyQ0JFODUxMUVGQjhCQ0M0NEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc7GMA0GCSqGSIb3DQEBCwUA
A4IBAQCdEIR/JcbphwcLSLlaaXBk0bzGm39SMRh6arF96sA2gLYcSR9o1OSd6QNw
5thtQezmb9IfVaNEvPKpeUYvrYGtegWehJ8TO8J8dw5F14y+sBAd8AYikwTIFzMc
FuylaVOTgmUcUAA5O2t4V7syF+s/5mR80i2dRuSEvrE+rcQhBEo2qxNZxoCfeQsJ
Sh/yFsOr5BBTiXY9wrVa/fL7x7OhCvGRTiN16bBvRFnQJcIJIjXJfDzRz9r8fDjo
EezNb4+RPXIx4yg3+q+UHTM/3A4017JY7FN88/OtAWQa7hbNOmn+OwVqK9dKUT3I
/erV75jL0gZk+ElaZQ0Mai2t+dOt
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:18 2025 by rpki-client