Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F87A27E9DA011EFB798A98D762E951A.roa
File: 0F87A27E9DA011EFB798A98D762E951A.roa (raw, json)
Hash identifier: sPZhNvDJz+MRbtYuQGMEbiuQOEW8LyNcljWug3cWNSM=
Subject key identifier: 0C:A8:06:8D:B8:42:C2:6C:76:52:5E:EE:A7:23:A4:1F:D1:E4:84:ED
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D014
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F87A27E9DA011EFB798A98D762E951A.roa
Signing time: Fri 08 Nov 2024 07:07:05 +0000
ROA not before: Fri 08 Nov 2024 07:07:02 +0000
ROA not after: Thu 12 Dec 2024 07:07:02 +0000
asID: 398823
IP address blocks: 45.202.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53268 (0xd014)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 8 07:07:02 2024 GMT
Not After : Dec 12 07:07:02 2024 GMT
Subject: CN=672db899-85c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d3:4d:57:3e:89:68:14:59:5e:6a:61:24:4d:
63:9f:31:6f:11:3a:f8:03:53:77:e1:1a:92:47:5c:
bd:ad:18:aa:a0:0d:a1:8d:10:0e:28:66:71:4e:40:
17:21:19:2c:13:4f:4a:d5:70:4a:14:01:8f:bd:ff:
ca:db:3f:9c:bf:92:49:d0:57:f2:f9:f9:58:f8:d1:
78:b8:23:83:12:f9:da:c3:29:ba:53:28:6e:3a:a5:
26:a6:bc:81:fc:6d:b6:27:e4:53:75:ab:02:3f:39:
23:f0:f5:d6:bb:3f:16:9d:21:9a:8d:f3:fc:19:7e:
29:db:d7:bb:74:ff:66:26:c6:72:47:63:97:71:f7:
b8:dd:0b:4d:8f:80:a9:76:4f:38:c0:2f:d4:c6:47:
28:40:b3:20:ac:ae:3f:64:5a:49:5a:ff:f9:1c:10:
ae:fc:99:02:45:17:bb:af:65:a2:07:a5:3d:71:ef:
f5:df:7c:08:03:1c:6c:d5:9a:68:c0:69:50:e0:f1:
40:75:d6:51:c2:29:1a:6b:39:27:b9:2a:7b:25:9d:
a8:3e:c1:05:c2:75:c3:7c:49:eb:60:dc:e9:43:8a:
b2:8e:59:97:29:87:7b:b1:af:36:82:c6:86:d8:30:
2e:cd:e8:69:44:59:79:c0:ae:0c:14:78:3b:55:3c:
4e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A8:06:8D:B8:42:C2:6C:76:52:5E:EE:A7:23:A4:1F:D1:E4:84:ED
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F87A27E9DA011EFB798A98D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.224.0/19
Signature Algorithm: sha256WithRSAEncryption
17:d4:51:4a:6e:f0:c2:52:61:30:d4:2f:ae:0e:24:cc:86:b0:
d6:7f:b6:f2:a4:e6:f1:a8:48:93:81:9a:cb:28:21:87:74:a4:
c5:d0:b3:93:51:d8:d3:7b:f9:47:ec:d9:0d:2b:f1:94:2e:66:
24:84:3e:1c:78:24:58:58:39:e1:d5:49:23:0a:8b:11:18:7b:
6b:1e:45:e9:d8:9e:a8:36:ea:0d:f0:da:39:21:87:ae:68:3a:
36:01:c5:1a:91:23:14:60:48:92:d1:4f:f5:27:5a:e8:8d:ef:
69:95:6e:e3:7b:c0:0e:ea:e7:6f:76:91:24:77:d7:2a:fd:61:
45:ff:e1:a1:9b:73:09:0d:89:c0:2b:99:d7:6d:98:35:bd:8a:
35:11:eb:67:82:e2:74:ad:a8:89:3b:1b:90:6d:02:74:7b:49:
c0:a3:17:9f:ce:4f:d2:ff:bd:f3:cc:6b:7f:3f:66:11:ea:45:
92:50:dd:b9:e1:8f:fc:5f:07:bf:dc:4c:e7:dd:f0:92:ee:d2:
b6:53:4f:30:1c:ce:4a:0e:e3:26:9c:bf:39:1f:ea:8f:a7:d0:
cf:96:5f:18:61:79:4f:40:98:eb:2f:bd:4a:b3:5f:d2:e5:3f:
6f:df:16:81:27:cf:d4:fa:aa:5a:17:7a:f5:17:d2:2c:9c:0d:
00:4d:0a:4e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANAUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA4MDcwNzAyWhcNMjQxMjEyMDcwNzAyWjAYMRYw
FAYDVQQDEw02NzJkYjg5OS04NWMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvNNNVz6JaBRZXmphJE1jnzFvETr4A1N34RqSR1y9rRiqoA2hjRAOKGZx
TkAXIRksE09K1XBKFAGPvf/K2z+cv5JJ0Ffy+flY+NF4uCODEvnawym6UyhuOqUm
pryB/G22J+RTdasCPzkj8PXWuz8WnSGajfP8GX4p29e7dP9mJsZyR2OXcfe43QtN
j4Cpdk84wC/UxkcoQLMgrK4/ZFpJWv/5HBCu/JkCRRe7r2WiB6U9ce/133wIAxxs
1ZpowGlQ4PFAddZRwikaazknuSp7JZ2oPsEFwnXDfEnrYNzpQ4qyjlmXKYd7sa82
gsaG2DAuzehpRFl5wK4MFHg7VTxO5wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAyo
Bo24QsJsdlJe7qcjpB/R5ITtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRjg3QTI3RTlEQTAxMUVGQjc5OEE5OEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLcrgMA0GCSqGSIb3DQEBCwUA
A4IBAQAX1FFKbvDCUmEw1C+uDiTMhrDWf7bypObxqEiTgZrLKCGHdKTF0LOTUdjT
e/lH7NkNK/GULmYkhD4ceCRYWDnh1UkjCosRGHtrHkXp2J6oNuoN8No5IYeuaDo2
AcUakSMUYEiS0U/1J1roje9plW7je8AO6udvdpEkd9cq/WFF/+Ghm3MJDYnAK5nX
bZg1vYo1EetnguJ0raiJOxuQbQJ0e0nAoxefzk/S/73zzGt/P2YR6kWSUN254Y/8
Xwe/3Ezn3fCS7tK2U08wHM5KDuMmnL85H+qPp9DPll8YYXlPQJjrL71Ks1/S5T9v
3xaBJ8/U+qpaF3r1F9IsnA0ATQpO
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:20 2024 by rpki-client on console-ams.rpki-client.org