Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1371D5BC735211EF979FB14B762E951A.roa
File: 1371D5BC735211EF979FB14B762E951A.roa (raw, json)
Hash identifier: WDUIyJg3QjOR33mL19/o9nqFL0o9SI1SBRQImolCG8g=
Subject key identifier: DC:85:4C:AC:B0:75:4B:66:61:32:4D:58:1A:F1:DE:1D:28:9C:27:1E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B670
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1371D5BC735211EF979FB14B762E951A.roa
Signing time: Sun 15 Sep 2024 11:03:02 +0000
ROA not before: Sun 15 Sep 2024 11:02:59 +0000
ROA not after: Fri 08 Aug 2025 11:02:59 +0000
asID: 133199
IP address blocks: 45.207.48.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46704 (0xb670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 15 11:02:59 2024 GMT
Not After : Aug 8 11:02:59 2025 GMT
Subject: CN=66e6bee6-c2d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:38:46:cb:e3:89:3c:14:4d:af:ee:ae:bf:de:
81:f9:ea:0d:48:04:11:2d:28:cb:b9:be:d8:d6:6c:
d0:bb:27:6a:b7:8e:25:4a:27:0d:2a:1b:0d:36:a2:
78:57:7f:a4:10:eb:dd:2e:40:83:36:b9:18:14:88:
92:d8:ec:3b:3d:42:86:e6:31:f9:bb:f6:fd:61:81:
3b:fe:96:0d:3e:a9:ac:33:2c:b7:72:1b:14:93:87:
fc:05:b9:36:42:40:5c:bd:68:11:f7:00:b6:d1:8b:
18:dd:cf:f8:20:de:70:43:d9:60:14:11:5d:e4:8b:
d7:6e:ae:76:18:bb:90:cc:a6:80:2b:33:f7:bc:84:
01:37:e8:28:ce:72:26:10:c8:cb:48:2b:a5:21:01:
73:40:a6:de:73:49:34:da:dd:d2:06:0a:29:b4:d9:
1f:09:ba:56:b7:48:5f:38:31:eb:6a:ea:b8:48:a0:
4a:64:99:6c:cf:99:4b:34:57:6e:8d:14:75:e9:53:
f1:ca:fc:53:ea:a0:74:df:a0:97:6c:b3:e5:97:ec:
e2:b3:b4:de:ad:30:7b:8c:62:a5:fd:8f:5c:c6:68:
58:95:a8:ef:a3:9a:01:7e:39:32:2b:1d:b7:95:b8:
ee:07:0a:04:bd:8f:5a:21:9f:8e:27:60:fa:ca:2e:
0e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:85:4C:AC:B0:75:4B:66:61:32:4D:58:1A:F1:DE:1D:28:9C:27:1E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1371D5BC735211EF979FB14B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.48.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:d5:28:fc:b5:a1:35:4e:ae:64:d9:d2:94:e2:eb:f7:81:b5:
0f:ac:1a:64:ac:a7:82:8c:b1:a7:82:90:d4:73:ba:c7:15:d5:
2c:87:de:f8:0b:1d:f1:59:9c:84:f0:0a:ad:ef:94:8f:b9:5b:
8b:db:16:a3:7e:b7:f1:a5:70:41:85:52:c4:d6:5a:82:2f:38:
ea:68:12:52:bf:c0:f8:02:e4:af:03:c0:69:ee:f6:f5:ee:67:
84:8e:4f:7b:01:17:08:32:44:83:c8:e1:a6:36:23:15:0e:09:
78:cc:18:b8:37:b5:2e:b4:62:32:72:3c:4d:9b:ae:1a:54:d1:
9e:c5:6e:fd:a3:21:a4:a3:e4:23:78:b1:fb:ae:5a:a7:5c:3f:
2f:3f:f4:d6:77:de:32:be:38:23:d4:eb:67:90:1c:34:52:11:
39:db:eb:57:d2:76:7d:95:4a:7a:12:c9:da:8a:02:2a:3c:76:
5b:b3:1e:8b:ee:88:e7:ea:9e:ae:e7:52:24:ee:62:0d:c1:0e:
bd:e4:fb:df:65:63:b3:e1:d7:da:28:e3:5c:6e:ec:2d:c3:fd:
be:b6:a8:8c:3a:52:c8:08:6f:5b:c0:61:64:69:dc:6d:e2:ff:
5a:38:a4:95:64:8d:2f:47:b6:92:30:6c:68:b7:f0:03:e2:6d:
1b:f5:04:88
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALZwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTE1MTEwMjU5WhcNMjUwODA4MTEwMjU5WjAYMRYw
FAYDVQQDEw02NmU2YmVlNi1jMmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzzhGy+OJPBRNr+6uv96B+eoNSAQRLSjLub7Y1mzQuydqt44lSicNKhsN
NqJ4V3+kEOvdLkCDNrkYFIiS2Ow7PUKG5jH5u/b9YYE7/pYNPqmsMyy3chsUk4f8
Bbk2QkBcvWgR9wC20YsY3c/4IN5wQ9lgFBFd5IvXbq52GLuQzKaAKzP3vIQBN+go
znImEMjLSCulIQFzQKbec0k02t3SBgoptNkfCbpWt0hfODHrauq4SKBKZJlsz5lL
NFdujRR16VPxyvxT6qB036CXbLPll+zis7TerTB7jGKl/Y9cxmhYlajvo5oBfjky
Kx23lbjuBwoEvY9aIZ+OJ2D6yi4OnwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNyF
TKywdUtmYTJNWBrx3h0onCceMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMzcxRDVCQzczNTIxMUVGOTc5RkIxNEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLc8wMA0GCSqGSIb3DQEBCwUA
A4IBAQCc1Sj8taE1Tq5k2dKU4uv3gbUPrBpkrKeCjLGngpDUc7rHFdUsh974Cx3x
WZyE8Aqt75SPuVuL2xajfrfxpXBBhVLE1lqCLzjqaBJSv8D4AuSvA8Bp7vb17meE
jk97ARcIMkSDyOGmNiMVDgl4zBi4N7UutGIycjxNm64aVNGexW79oyGko+QjeLH7
rlqnXD8vP/TWd94yvjgj1OtnkBw0UhE52+tX0nZ9lUp6EsnaigIqPHZbsx6L7ojn
6p6u51Ik7mINwQ695PvfZWOz4dfaKONcbuwtw/2+tqiMOlLICG9bwGFkadxt4v9a
OKSVZI0vR7aSMGxot/AD4m0b9QSI
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:19 2024 by rpki-client on console-fra.rpki-client.org