Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D0574B8A44811EF9CE29091762E951A.roa
File: 1D0574B8A44811EF9CE29091762E951A.roa (raw, json)
Hash identifier: 8MbWyaH9qRAH4mRmhW6nnHxKIVee8YUh+ymLk4y1kaw=
Subject key identifier: B8:F5:FF:82:46:3B:FC:99:B9:1A:45:2B:0A:C5:D2:39:D6:D2:0B:2B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D386
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D0574B8A44811EF9CE29091762E951A.roa
Signing time: Sat 16 Nov 2024 18:25:10 +0000
ROA not before: Sat 16 Nov 2024 18:25:07 +0000
ROA not after: Mon 25 Nov 2024 18:25:07 +0000
asID: 399989
IP address blocks: 45.196.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54150 (0xd386)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 16 18:25:07 2024 GMT
Not After : Nov 25 18:25:07 2024 GMT
Subject: CN=6738e386-9aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:28:59:93:2c:99:3f:78:d2:7c:af:28:83:dc:
9c:ee:22:f3:ba:9c:1f:9b:f8:9b:cb:f4:f0:62:5e:
d1:c8:e2:8f:15:f8:ae:55:47:25:30:4b:2b:4e:a4:
d7:42:30:a8:df:83:34:ed:de:58:1f:e8:9a:a2:22:
7b:7a:5f:5e:65:5e:b2:f1:ed:87:19:ec:6d:b7:65:
f8:1f:85:bb:bc:7e:c4:e3:85:b0:eb:20:c3:77:41:
47:5d:21:9a:87:61:aa:91:0d:12:f9:a5:5d:77:6b:
9a:f5:2a:0b:6b:52:b7:35:8d:92:90:b6:e0:9a:55:
bc:37:ae:0a:86:c6:11:b5:93:0d:94:68:16:5f:be:
8b:6d:7e:80:1e:e8:9e:8a:89:f8:f2:ea:de:e3:68:
12:e3:bb:c2:91:96:8e:64:e6:c9:5f:c0:d8:84:55:
97:11:10:78:ec:32:15:4a:94:7b:b4:20:25:9b:16:
a9:4a:c6:34:7e:4d:9b:39:e7:fc:97:f8:50:0a:e7:
21:3a:b4:bc:61:2b:50:bd:73:57:f4:16:21:09:5a:
1a:df:26:f1:52:64:0b:b0:63:88:db:66:ed:e8:89:
21:45:7a:1a:8d:fc:3a:e8:c7:a3:d3:5f:89:78:0c:
aa:57:6d:80:8c:79:cb:6c:05:e6:7d:f2:fc:5f:36:
3e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F5:FF:82:46:3B:FC:99:B9:1A:45:2B:0A:C5:D2:39:D6:D2:0B:2B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D0574B8A44811EF9CE29091762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.40.0/22
Signature Algorithm: sha256WithRSAEncryption
21:5f:20:dc:12:e3:49:c4:ea:9e:df:f3:9a:bd:1b:a6:09:c0:
0d:48:50:b5:3f:6d:2a:e4:50:be:4f:eb:f7:32:0b:95:bf:15:
99:d0:14:b7:9c:ae:08:71:fd:5d:5f:e3:f5:e6:d3:12:cf:a4:
d7:f5:41:3d:07:d7:e0:a8:84:64:dc:eb:37:dd:d2:8d:50:85:
c2:20:45:5e:7c:ad:d6:5c:ac:6e:30:a6:62:ed:ff:88:2f:dd:
07:53:90:47:f7:32:5c:3b:02:da:4a:93:50:cc:20:67:c5:6e:
fc:b8:7f:73:f9:38:c1:fd:6d:f3:58:a2:51:19:ae:96:b7:06:
5a:60:69:5f:8c:e3:ce:b4:cd:d5:aa:12:03:bf:56:fe:ee:f3:
95:4a:fb:b3:84:b3:b6:d6:a1:e6:cd:61:38:3e:09:6a:b5:cf:
0c:3d:85:5f:9c:18:99:48:98:32:29:46:6c:aa:e4:49:7d:96:
e7:37:a6:22:be:93:9e:36:21:8f:38:47:67:22:e9:3b:17:11:
40:25:ac:67:11:9e:88:62:6a:c8:3a:9e:a4:7c:c5:ac:c6:7b:
ff:af:13:f4:0f:56:26:04:59:aa:3c:ce:dd:29:d4:c9:84:1b:
fe:77:92:52:78:90:b2:53:94:73:bb:cd:c6:98:03:20:cc:42:
42:e7:fe:99
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANOGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE2MTgyNTA3WhcNMjQxMTI1MTgyNTA3WjAYMRYw
FAYDVQQDEw02NzM4ZTM4Ni05YWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwyhZkyyZP3jSfK8og9yc7iLzupwfm/iby/TwYl7RyOKPFfiuVUclMEsr
TqTXQjCo34M07d5YH+iaoiJ7el9eZV6y8e2HGextt2X4H4W7vH7E44Ww6yDDd0FH
XSGah2GqkQ0S+aVdd2ua9SoLa1K3NY2SkLbgmlW8N64KhsYRtZMNlGgWX76LbX6A
Huieion48ure42gS47vCkZaOZObJX8DYhFWXERB47DIVSpR7tCAlmxapSsY0fk2b
Oef8l/hQCuchOrS8YStQvXNX9BYhCVoa3ybxUmQLsGOI22bt6IkhRXoajfw66Mej
01+JeAyqV22AjHnLbAXmffL8XzY+uwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLj1
/4JGO/yZuRpFKwrF0jnW0gsrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRDA1NzRCOEE0NDgxMUVGOUNFMjkwOTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcQoMA0GCSqGSIb3DQEBCwUA
A4IBAQAhXyDcEuNJxOqe3/OavRumCcANSFC1P20q5FC+T+v3MguVvxWZ0BS3nK4I
cf1dX+P15tMSz6TX9UE9B9fgqIRk3Os33dKNUIXCIEVefK3WXKxuMKZi7f+IL90H
U5BH9zJcOwLaSpNQzCBnxW78uH9z+TjB/W3zWKJRGa6WtwZaYGlfjOPOtM3VqhID
v1b+7vOVSvuzhLO21qHmzWE4Pglqtc8MPYVfnBiZSJgyKUZsquRJfZbnN6YivpOe
NiGPOEdnIuk7FxFAJaxnEZ6IYmrIOp6kfMWsxnv/rxP0D1YmBFmqPM7dKdTJhBv+
d5JSeJCyU5Rzu83GmAMgzEJC5/6Z
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:22 2024 by rpki-client on console-ams.rpki-client.org