Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/01A59F92952D11EF81ECB4B8762E951A.roa
File: 01A59F92952D11EF81ECB4B8762E951A.roa (raw, json)
Hash identifier: ZEzMBJVzf3Qc+0/4VeFRYfRxt/EYDj7lcnl4YDkY+k0=
Subject key identifier: CA:89:5E:D3:34:DF:D0:1F:1A:36:14:5D:4B:99:A1:60:3E:A4:03:45
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C94C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/01A59F92952D11EF81ECB4B8762E951A.roa
Signing time: Mon 28 Oct 2024 13:03:21 +0000
ROA not before: Mon 28 Oct 2024 13:03:17 +0000
ROA not after: Sat 30 Nov 2024 13:03:17 +0000
asID: 203020
IP address blocks: 45.198.40.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51532 (0xc94c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 28 13:03:17 2024 GMT
Not After : Nov 30 13:03:17 2024 GMT
Subject: CN=671f8b98-4613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ff:11:13:93:2a:6c:4f:5d:e4:29:9e:1c:85:
95:3b:c5:f7:8b:40:1c:b0:07:8a:d1:de:b8:4c:1c:
f3:5c:2c:29:9a:97:b3:67:18:d4:84:87:17:61:17:
1b:d7:4e:ea:b5:77:d0:ec:59:fd:9b:dd:d1:10:55:
03:a5:c1:d0:eb:c2:37:c6:24:4b:75:5e:91:6f:93:
ae:09:98:1e:d2:cb:02:b5:94:47:0e:07:53:fe:3e:
9f:8c:48:0d:fa:94:68:46:33:1b:e0:de:a1:e0:8e:
78:82:88:4a:f5:ea:ea:90:ef:cd:d4:71:01:c6:94:
0c:d3:b0:88:38:e6:36:59:97:e7:ab:01:7a:fb:91:
8c:1f:97:81:99:4e:a5:b4:0f:c6:78:ac:11:b1:26:
3d:38:fa:05:35:3b:f2:9b:c7:a9:16:f8:c5:5b:b8:
dc:8b:d8:9d:78:c8:1d:b2:f9:7a:77:54:5c:e3:49:
1c:24:cc:b1:e4:d0:cb:54:4f:17:b2:8c:15:7c:93:
82:ea:64:d4:be:7b:da:7c:f3:3a:34:db:b7:dd:67:
21:ff:f6:5b:31:02:52:d5:1d:fa:d7:13:67:0a:b5:
21:3b:b5:1b:21:88:91:bd:43:ab:c2:29:0a:0e:3f:
2c:53:df:ac:78:29:05:39:39:89:32:6d:9e:db:10:
ca:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:89:5E:D3:34:DF:D0:1F:1A:36:14:5D:4B:99:A1:60:3E:A4:03:45
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/01A59F92952D11EF81ECB4B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.40.0/21
Signature Algorithm: sha256WithRSAEncryption
32:fa:9b:93:2f:1b:dd:b4:1c:7f:58:73:b7:97:57:e8:97:76:
23:e0:ae:f5:b5:58:82:89:8b:b9:ab:72:a4:1a:d2:51:2d:0f:
6a:1e:a3:6f:50:3e:d7:81:41:64:04:18:2a:38:23:7e:e2:1e:
b0:32:ae:11:a2:9f:eb:74:bb:6b:be:46:ff:74:0a:14:66:a2:
93:01:e0:df:ec:bd:bf:0d:0c:5b:57:04:4c:9d:b3:45:72:66:
3b:3b:91:9c:6e:60:eb:7e:d8:3e:be:41:00:83:e4:b1:cd:81:
33:0c:a4:89:9a:8d:fa:ec:4f:a9:bf:d1:ca:e0:d5:b9:8b:78:
71:b9:7a:e6:ea:33:23:50:ce:31:d4:29:d6:56:28:4e:d1:48:
81:22:99:3e:b2:ef:78:65:db:2a:0d:4a:4d:7d:88:6f:95:85:
92:1d:28:fc:b4:df:46:12:22:55:fe:cc:bf:d6:f0:25:27:eb:
e6:0a:dc:4a:ff:65:63:19:e1:a9:8e:87:03:cf:98:7c:47:9c:
2d:bb:86:7e:06:43:32:92:33:fe:52:3e:f3:4e:ec:03:24:68:
fb:0d:6b:7e:f5:19:12:91:d2:61:a9:7d:12:df:41:59:2b:ee:
6c:3d:f8:65:54:32:8c:2d:ee:97:d2:26:54:81:08:97:f9:1a:
fb:27:e1:73
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMlMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDI4MTMwMzE3WhcNMjQxMTMwMTMwMzE3WjAYMRYw
FAYDVQQDEw02NzFmOGI5OC00NjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvP8RE5MqbE9d5CmeHIWVO8X3i0AcsAeK0d64TBzzXCwpmpezZxjUhIcX
YRcb107qtXfQ7Fn9m93REFUDpcHQ68I3xiRLdV6Rb5OuCZge0ssCtZRHDgdT/j6f
jEgN+pRoRjMb4N6h4I54gohK9erqkO/N1HEBxpQM07CIOOY2WZfnqwF6+5GMH5eB
mU6ltA/GeKwRsSY9OPoFNTvym8epFvjFW7jci9ideMgdsvl6d1Rc40kcJMyx5NDL
VE8XsowVfJOC6mTUvnvafPM6NNu33Wch//ZbMQJS1R361xNnCrUhO7UbIYiRvUOr
wikKDj8sU9+seCkFOTmJMm2e2xDKXwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMqJ
XtM039AfGjYUXUuZoWA+pANFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMUE1OUY5Mjk1MkQxMUVGODFFQ0I0Qjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcYoMA0GCSqGSIb3DQEBCwUA
A4IBAQAy+puTLxvdtBx/WHO3l1fol3Yj4K71tViCiYu5q3KkGtJRLQ9qHqNvUD7X
gUFkBBgqOCN+4h6wMq4Rop/rdLtrvkb/dAoUZqKTAeDf7L2/DQxbVwRMnbNFcmY7
O5GcbmDrftg+vkEAg+SxzYEzDKSJmo367E+pv9HK4NW5i3hxuXrm6jMjUM4x1CnW
VihO0UiBIpk+su94ZdsqDUpNfYhvlYWSHSj8tN9GEiJV/sy/1vAlJ+vmCtxK/2Vj
GeGpjocDz5h8R5wtu4Z+BkMykjP+Uj7zTuwDJGj7DWt+9RkSkdJhqX0S30FZK+5s
PfhlVDKMLe6X0iZUgQiX+Rr7J+Fz
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:17 2024 by rpki-client on console-ams.rpki-client.org