Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1CA423F0A74711EFBB8C7568762E951A.roa
File: 1CA423F0A74711EFBB8C7568762E951A.roa (raw, json)
Hash identifier: ZFJbRqP7oytQF7yTs13KbpKbE8fgcak3lDE3N6GQB2A=
Subject key identifier: 39:2E:CF:6E:95:1E:6B:03:F5:16:6A:4A:C5:BF:BD:ED:68:22:44:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D67E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1CA423F0A74711EFBB8C7568762E951A.roa
Signing time: Wed 20 Nov 2024 13:55:34 +0000
ROA not before: Wed 20 Nov 2024 13:55:30 +0000
ROA not after: Sat 30 Nov 2024 13:55:30 +0000
asID: 44559
IP address blocks: 45.199.210.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54910 (0xd67e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 20 13:55:30 2024 GMT
Not After : Nov 30 13:55:30 2024 GMT
Subject: CN=673dea56-4d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b7:95:cf:28:a5:ff:c5:84:b7:50:e4:85:54:
c9:e6:3d:fb:fb:bc:18:ac:aa:fb:ec:1d:a0:9c:87:
a4:17:93:d8:42:b3:c0:1d:9a:20:c6:9e:28:51:df:
ef:3e:e0:b5:fe:8d:9f:a3:72:71:e0:fe:77:b1:c8:
a8:f1:b9:80:40:c2:21:23:28:50:5b:91:9d:d7:7d:
f4:5c:e4:26:9b:25:27:48:a6:c5:62:e4:6d:fb:ba:
ac:58:cb:38:4c:30:82:1e:50:d4:5c:47:9d:76:01:
d6:9f:5e:3e:5e:01:20:30:af:3f:bc:c6:97:1e:2f:
c3:87:8b:3f:5e:64:d0:d5:fe:ef:f5:79:8f:bc:44:
70:a1:42:23:05:c6:77:6f:da:1a:dd:76:2b:37:bd:
77:0e:1e:e6:de:96:d3:e8:36:b2:82:9d:41:ad:44:
c7:22:76:7c:cd:72:2e:4d:76:9e:21:40:f5:02:92:
f8:9d:1f:8a:a8:fb:5a:9e:39:04:8b:d0:7a:33:4e:
27:3a:d3:19:88:90:b0:77:2b:2a:e8:ff:64:8f:24:
bd:94:82:bc:00:ec:f5:15:b8:c9:28:2c:be:a9:d6:
a1:86:ef:a9:ba:c2:37:ad:77:f0:31:82:af:69:11:
ab:f0:28:b4:71:1e:21:e6:24:af:9b:ca:5c:ac:97:
c8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:2E:CF:6E:95:1E:6B:03:F5:16:6A:4A:C5:BF:BD:ED:68:22:44:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1CA423F0A74711EFBB8C7568762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.210.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:9c:27:28:d3:5f:0b:3b:2f:76:d0:7b:44:9e:3f:60:12:38:
73:7f:6a:7a:1f:51:59:b3:0f:47:68:d1:eb:d8:e8:f8:6f:6a:
65:75:43:73:d7:5f:82:b5:1c:4b:da:e3:af:78:d2:22:fa:45:
1b:89:da:38:9a:0d:0e:9f:b5:4a:a5:d3:77:51:2c:03:06:4f:
7a:cc:bc:ab:a8:24:68:4a:fb:97:23:fa:d6:5e:22:e3:f1:4b:
1a:1a:72:e1:dc:0e:99:b9:9d:e3:88:56:75:1e:6d:22:6b:2e:
76:4b:c2:c8:11:4b:1f:12:d9:9a:ea:3a:53:81:fd:62:f1:08:
45:65:d5:93:02:e7:22:dd:6b:b9:ea:a9:18:7c:90:98:b8:04:
8c:8a:05:c2:5c:c2:93:2d:43:80:10:97:20:a6:c8:0e:0c:74:
6b:07:5e:bd:1d:a8:46:20:85:59:ac:86:a1:bb:2b:dc:a6:bb:
5b:ac:08:03:35:49:0a:18:75:88:be:e9:cf:e4:57:3e:90:cf:
ca:5b:83:3c:b9:49:b8:24:f9:db:da:d2:eb:70:34:0e:66:26:
31:ee:40:04:2f:4f:e8:ad:2d:d6:07:8c:38:45:94:f3:5e:05:
ae:55:02:bd:26:41:85:03:60:34:99:8d:58:79:b5:de:87:95:
48:6f:a5:97
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANZ+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTIwMTM1NTMwWhcNMjQxMTMwMTM1NTMwWjAYMRYw
FAYDVQQDEw02NzNkZWE1Ni00ZDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv7eVzyil/8WEt1DkhVTJ5j37+7wYrKr77B2gnIekF5PYQrPAHZogxp4o
Ud/vPuC1/o2fo3Jx4P53scio8bmAQMIhIyhQW5Gd1330XOQmmyUnSKbFYuRt+7qs
WMs4TDCCHlDUXEeddgHWn14+XgEgMK8/vMaXHi/Dh4s/XmTQ1f7v9XmPvERwoUIj
BcZ3b9oa3XYrN713Dh7m3pbT6Daygp1BrUTHInZ8zXIuTXaeIUD1ApL4nR+KqPta
njkEi9B6M04nOtMZiJCwdysq6P9kjyS9lIK8AOz1FbjJKCy+qdahhu+pusI3rXfw
MYKvaRGr8Ci0cR4h5iSvm8pcrJfIQQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDku
z26VHmsD9RZqSsW/ve1oIkS8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQ0E0MjNGMEE3NDcxMUVGQkI4Qzc1Njg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcfSMA0GCSqGSIb3DQEBCwUA
A4IBAQBbnCco018LOy920HtEnj9gEjhzf2p6H1FZsw9HaNHr2Oj4b2pldUNz11+C
tRxL2uOveNIi+kUbido4mg0On7VKpdN3USwDBk96zLyrqCRoSvuXI/rWXiLj8Usa
GnLh3A6ZuZ3jiFZ1Hm0iay52S8LIEUsfEtma6jpTgf1i8QhFZdWTAuci3Wu56qkY
fJCYuASMigXCXMKTLUOAEJcgpsgODHRrB169HahGIIVZrIahuyvcprtbrAgDNUkK
GHWIvunP5Fc+kM/KW4M8uUm4JPnb2tLrcDQOZiYx7kAEL0/orS3WB4w4RZTzXgWu
VQK9JkGFA2A0mY1YebXeh5VIb6WX
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:22 2024 by rpki-client on console-ams.rpki-client.org