Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F910E5B0BE7311EF94965F4C762E951A.roa
File: F910E5B0BE7311EF94965F4C762E951A.roa (raw, json)
Hash identifier: Ec7xXMJVOCb6qw1adbnNftXp9YImCTmLeTJeJuS17II=
Subject key identifier: 69:3F:A3:3F:0D:A7:8C:36:0E:9F:0B:ED:C6:72:12:F3:59:C3:48:93
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E60E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F910E5B0BE7311EF94965F4C762E951A.roa
Signing time: Fri 20 Dec 2024 01:44:38 +0000
ROA not before: Fri 20 Dec 2024 01:44:34 +0000
ROA not after: Wed 10 Dec 2025 01:44:34 +0000
asID: 984
IP address blocks: 45.206.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58894 (0xe60e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 01:44:34 2024 GMT
Not After : Dec 10 01:44:34 2025 GMT
Subject: CN=6764cc06-ca72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d5:58:68:f1:74:91:ea:78:01:44:e1:bd:52:
e9:a0:fc:42:f3:16:36:a0:29:4e:42:12:28:e5:97:
91:4d:8b:2c:61:c6:86:53:0d:dd:57:14:21:c9:5f:
57:c0:7c:52:6e:40:36:6d:1a:2b:e4:15:93:f9:40:
23:7d:d5:96:bb:b3:94:0e:19:aa:2b:17:70:c2:a2:
3d:9f:45:11:6e:17:4e:22:38:98:94:95:ed:38:12:
80:bf:15:f2:9f:15:12:0a:17:d5:e1:00:e3:ec:4d:
2e:be:d7:7a:61:ea:2a:03:a5:14:6f:66:e5:2b:a0:
9b:47:15:1a:51:10:09:79:d4:c7:ec:55:c2:b3:2d:
2a:3e:94:54:53:51:ec:02:98:72:54:f3:9d:ca:fc:
3c:41:e7:2e:3c:80:91:8b:84:d6:09:0c:97:7c:04:
d9:13:1a:0a:4d:a9:3b:c8:88:e8:81:b0:15:90:d9:
14:30:65:be:6b:3a:fa:d4:01:00:d4:f7:90:08:95:
ac:ba:f6:e7:e9:8e:db:f5:8d:73:33:ba:c1:50:64:
95:75:ae:04:9d:06:c8:ca:1b:df:75:86:13:2c:2d:
4e:e3:e1:1d:d4:6b:c9:c9:42:a4:51:f8:d8:de:65:
71:58:74:21:c0:eb:20:ea:38:c2:43:42:bd:c7:e0:
92:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3F:A3:3F:0D:A7:8C:36:0E:9F:0B:ED:C6:72:12:F3:59:C3:48:93
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F910E5B0BE7311EF94965F4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.134.0/24
Signature Algorithm: sha256WithRSAEncryption
19:bc:3d:04:b4:72:47:52:03:2d:75:17:aa:27:bf:f3:0f:4f:
07:b5:74:14:b9:6a:e6:83:a4:28:a5:4f:f1:a0:a9:1c:23:aa:
50:52:70:3d:92:0e:96:0c:e1:5b:fa:56:99:25:a1:ae:06:c9:
d7:0d:9e:80:22:f9:2a:2c:f5:66:be:f6:c1:e5:09:90:d7:d3:
e6:22:ff:66:ac:af:1b:d8:63:76:7d:41:04:88:e9:a9:8f:44:
65:21:8b:15:1a:17:7d:2f:11:30:43:1e:a7:0c:06:e2:96:65:
cc:6e:7f:34:20:72:e0:62:50:65:87:05:ed:1a:23:23:e1:92:
82:3e:6d:48:11:b4:b2:13:c0:f8:1d:f0:af:41:3d:87:8c:3d:
09:89:da:8a:4f:8c:51:be:70:09:00:ed:bf:ed:59:3b:ba:1f:
97:97:c1:42:6a:f0:3a:82:d1:0f:91:93:2e:b1:c6:2f:66:23:
5c:38:ec:7a:fa:27:aa:15:d7:03:77:1e:8e:53:20:01:0b:f0:
ed:11:d9:8e:2c:af:37:9e:0d:01:e9:29:8f:a4:4a:03:6c:4d:
17:7b:fe:f0:e6:9d:4f:20:01:fc:ac:65:e1:62:e9:d1:42:8a:
fa:0d:ea:85:f8:23:44:c0:a1:6f:aa:67:98:c3:40:d1:56:ea:
3d:bf:a9:b6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOYOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDE0NDM0WhcNMjUxMjEwMDE0NDM0WjAYMRYw
FAYDVQQDEw02NzY0Y2MwNi1jYTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv9VYaPF0kep4AUThvVLpoPxC8xY2oClOQhIo5ZeRTYssYcaGUw3dVxQh
yV9XwHxSbkA2bRor5BWT+UAjfdWWu7OUDhmqKxdwwqI9n0URbhdOIjiYlJXtOBKA
vxXynxUSChfV4QDj7E0uvtd6YeoqA6UUb2blK6CbRxUaURAJedTH7FXCsy0qPpRU
U1HsAphyVPOdyvw8QecuPICRi4TWCQyXfATZExoKTak7yIjogbAVkNkUMGW+azr6
1AEA1PeQCJWsuvbn6Y7b9Y1zM7rBUGSVda4EnQbIyhvfdYYTLC1O4+Ed1GvJyUKk
UfjY3mVxWHQhwOsg6jjCQ0K9x+CSWQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGk/
oz8Np4w2Dp8L7cZyEvNZw0iTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GOTEwRTVCMEJFNzMxMUVGOTQ5NjVGNEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc6GMA0GCSqGSIb3DQEBCwUA
A4IBAQAZvD0EtHJHUgMtdReqJ7/zD08HtXQUuWrmg6QopU/xoKkcI6pQUnA9kg6W
DOFb+laZJaGuBsnXDZ6AIvkqLPVmvvbB5QmQ19PmIv9mrK8b2GN2fUEEiOmpj0Rl
IYsVGhd9LxEwQx6nDAbilmXMbn80IHLgYlBlhwXtGiMj4ZKCPm1IEbSyE8D4HfCv
QT2HjD0JidqKT4xRvnAJAO2/7Vk7uh+Xl8FCavA6gtEPkZMuscYvZiNcOOx6+ieq
FdcDdx6OUyABC/DtEdmOLK83ng0B6SmPpEoDbE0Xe/7w5p1PIAH8rGXhYunRQor6
DeqF+CNEwKFvqmeYw0DRVuo9v6m2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:32 2025 by rpki-client