Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAEEA858F8BC11EE9B34B32D017001B1.roa
File: BAEEA858F8BC11EE9B34B32D017001B1.roa (raw, json)
Hash identifier: PfIeA6QyGTJZV1IE06Yq/7ABxMWAJkbw1RDlImpW1Ok=
Subject key identifier: F8:0E:BD:06:1A:D5:13:A1:63:FF:86:BC:85:A2:AC:DE:BC:01:E7:34
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8257
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAEEA858F8BC11EE9B34B32D017001B1.roa
Signing time: Fri 12 Apr 2024 11:06:37 +0000
ROA not before: Fri 12 Apr 2024 11:06:34 +0000
ROA not after: Wed 15 May 2024 11:06:34 +0000
asID: 23470
IP address blocks: 45.207.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 04 May 2024 00:16:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33367 (0x8257)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 12 11:06:34 2024 GMT
Not After : May 15 11:06:34 2024 GMT
Subject: CN=661915bd-042f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f7:d3:4d:01:14:19:5b:6d:2e:17:ce:16:a1:
8d:03:35:46:63:38:48:75:be:22:98:dc:fa:65:05:
66:c0:8b:6e:8a:9e:ac:4c:be:bd:0b:ff:bf:29:32:
80:86:95:01:b8:0a:2d:65:db:66:71:31:20:67:b5:
05:44:bd:92:5a:63:75:6d:a7:6e:97:69:78:ae:d7:
72:ad:48:6a:08:09:f8:97:45:c2:2c:a5:19:a9:38:
69:68:0e:e6:76:35:22:1f:92:65:1a:ee:28:60:97:
89:76:7a:95:8d:41:93:3f:ae:e8:f8:31:c8:e5:6a:
9d:2c:1e:d2:57:db:dc:b9:ad:db:6d:9d:37:02:2f:
0f:c3:7c:e4:f7:1b:fc:bf:3f:1c:24:82:9e:eb:97:
0f:76:2f:25:f8:f2:e4:36:62:89:dd:14:1e:28:44:
e7:31:43:06:36:cc:24:04:72:ac:44:84:75:96:fe:
b3:f9:99:40:ce:65:9e:e6:cd:13:60:07:60:43:99:
4f:c9:42:ef:e2:27:05:ab:b3:ca:cf:49:47:cb:48:
6f:c5:9d:05:56:39:58:85:e0:7d:61:68:f8:83:16:
8c:d7:f4:c7:3b:53:cf:ba:57:08:1a:18:63:d2:de:
d4:b9:33:49:28:9e:59:1e:fd:24:bb:19:5e:9e:ed:
73:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:0E:BD:06:1A:D5:13:A1:63:FF:86:BC:85:A2:AC:DE:BC:01:E7:34
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAEEA858F8BC11EE9B34B32D017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.171.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:1a:5b:34:24:13:2f:60:09:bd:eb:7f:47:02:b2:a9:84:9e:
3b:55:5a:ac:b6:b7:11:7e:c0:d7:e6:e1:12:19:11:b8:26:33:
38:3c:79:ce:1c:76:31:2d:a6:fa:da:d3:e1:ec:5e:3b:89:45:
25:65:69:23:57:df:ee:eb:1b:4e:7d:69:ae:9f:a2:64:de:f2:
88:f7:95:e5:eb:c4:4a:3b:61:e8:47:6a:e2:6f:d0:8c:15:72:
2f:1f:7f:4e:64:e3:e9:45:8c:26:ee:d4:2b:d2:18:95:c9:35:
49:f5:5e:84:22:dc:93:3d:eb:68:4f:9c:0a:76:f1:06:48:77:
24:53:14:4d:c6:cf:d5:b9:b6:0d:78:5c:11:17:14:ee:b6:8c:
82:b6:62:cb:67:c1:8b:7b:08:78:5c:ec:cc:24:5e:92:77:52:
a0:5b:8b:c0:4f:a0:17:e7:11:8a:9d:96:78:fb:d5:2e:15:b1:
48:16:1e:88:a8:45:36:8b:db:63:af:f6:e6:54:5e:b5:94:1c:
00:ad:9c:a5:32:0d:bf:32:a1:a6:e3:7d:41:30:19:40:87:c4:
8a:65:b6:6b:a1:04:b7:9e:8c:0b:19:fc:52:e7:41:4c:f0:a3:
01:39:a2:32:15:34:dd:b2:61:30:bc:85:40:b9:b7:a7:d6:fe:
36:c3:f9:e8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIJXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDEyMTEwNjM0WhcNMjQwNTE1MTEwNjM0WjAYMRYw
FAYDVQQDEw02NjE5MTViZC0wNDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv/fTTQEUGVttLhfOFqGNAzVGYzhIdb4imNz6ZQVmwItuip6sTL69C/+/
KTKAhpUBuAotZdtmcTEgZ7UFRL2SWmN1badul2l4rtdyrUhqCAn4l0XCLKUZqThp
aA7mdjUiH5JlGu4oYJeJdnqVjUGTP67o+DHI5WqdLB7SV9vcua3bbZ03Ai8Pw3zk
9xv8vz8cJIKe65cPdi8l+PLkNmKJ3RQeKETnMUMGNswkBHKsRIR1lv6z+ZlAzmWe
5s0TYAdgQ5lPyULv4icFq7PKz0lHy0hvxZ0FVjlYheB9YWj4gxaM1/THO1PPulcI
Ghhj0t7UuTNJKJ5ZHv0kuxlenu1zLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPgO
vQYa1ROhY/+GvIWirN68Aec0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQUVFQTg1OEY4QkMxMUVFOUIzNEIzMkQwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc+rMA0GCSqGSIb3DQEBCwUA
A4IBAQC1Gls0JBMvYAm9639HArKphJ47VVqstrcRfsDX5uESGRG4JjM4PHnOHHYx
Lab62tPh7F47iUUlZWkjV9/u6xtOfWmun6Jk3vKI95Xl68RKO2HoR2rib9CMFXIv
H39OZOPpRYwm7tQr0hiVyTVJ9V6EItyTPetoT5wKdvEGSHckUxRNxs/VubYNeFwR
FxTutoyCtmLLZ8GLewh4XOzMJF6Sd1KgW4vAT6AX5xGKnZZ4+9UuFbFIFh6IqEU2
i9tjr/bmVF61lBwArZylMg2/MqGm431BMBlAh8SKZbZroQS3nowLGfxS50FM8KMB
OaIyFTTdsmEwvIVAuben1v42w/no
-----END CERTIFICATE-----
Generated at Thu May 2 03:12:45 2024 by rpki-client on console-ams.rpki-client.org