Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BAD699E7E3711EF8DB0A784762E951A.roa
File: 2BAD699E7E3711EF8DB0A784762E951A.roa (raw, json)
Hash identifier: gm/2RCwMluxx9Fc+6+HnG4pTxtID0iU6Q/Ert50CjOE=
Subject key identifier: 08:15:42:F6:FD:D0:1D:75:06:BA:F8:48:DB:A6:2F:9C:C3:D7:8A:3E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: BC49
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BAD699E7E3711EF8DB0A784762E951A.roa
Signing time: Sun 29 Sep 2024 07:48:09 +0000
ROA not before: Sun 29 Sep 2024 07:48:06 +0000
ROA not after: Mon 30 Dec 2024 07:48:06 +0000
asID: 17561
IP address blocks: 45.207.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48201 (0xbc49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 29 07:48:06 2024 GMT
Not After : Dec 30 07:48:06 2024 GMT
Subject: CN=66f90639-37b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:da:9e:8c:eb:30:09:77:d0:60:98:52:fb:57:
ba:9a:3f:dd:3a:4a:bc:8b:aa:db:a4:e3:d5:3e:1d:
9d:b3:d3:83:43:90:80:cf:36:8f:69:cd:76:dd:f9:
51:3f:ac:56:b6:f8:50:87:d9:36:bd:79:0b:8a:ea:
2d:2e:e7:6e:65:04:ae:d5:b7:ba:61:a6:cf:d5:df:
95:9f:6e:f8:a4:9a:69:79:19:66:3d:d0:a9:f8:f0:
97:3b:f9:b2:d3:45:d4:7f:d7:ff:78:f5:3c:f6:8f:
a1:3d:ee:24:93:af:54:8b:ec:9d:da:4c:22:4c:a2:
e5:5e:1c:aa:7e:ae:52:4d:25:29:9f:b8:80:bd:12:
7f:3b:5a:8c:40:87:73:63:69:4c:ab:14:7f:d5:e2:
05:3a:a4:80:66:b4:74:d0:13:64:1e:34:e0:98:a6:
7e:59:fd:0d:de:52:41:ea:ef:cb:84:26:dd:7d:bf:
75:6e:49:52:45:a6:f8:bd:21:88:50:34:50:23:ff:
96:d0:09:33:62:63:68:83:f4:ab:eb:bb:9c:c3:ed:
6a:c5:55:04:ef:9b:c1:c4:bb:6b:35:67:04:27:6b:
1f:9a:74:86:4a:84:68:43:40:c2:59:22:fc:b3:2b:
f6:21:e9:04:10:16:07:13:44:c3:39:e4:50:47:89:
7a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:15:42:F6:FD:D0:1D:75:06:BA:F8:48:DB:A6:2F:9C:C3:D7:8A:3E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BAD699E7E3711EF8DB0A784762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.21.0/24
Signature Algorithm: sha256WithRSAEncryption
83:97:97:ab:77:af:7c:c5:da:41:92:78:05:ea:19:64:d4:ea:
b2:70:88:8a:32:79:55:38:f1:df:0b:b4:7a:ee:00:4a:b3:91:
da:d9:43:91:c7:e2:f2:55:5d:d9:83:fa:07:01:42:07:2f:53:
f6:f4:98:02:09:d3:59:35:b5:34:ce:7d:3b:c6:11:4c:81:1d:
a9:65:65:88:ad:b5:47:3e:df:0b:aa:3b:98:8a:23:cd:ed:0e:
a9:98:62:d6:3f:64:64:4f:24:56:5c:cd:03:8f:fa:4e:ed:2a:
3b:3b:84:d7:1a:a5:de:d3:7b:5f:4f:1c:4e:e4:38:9f:6b:19:
c1:e1:78:2a:5b:c8:2c:62:41:61:30:87:31:2d:50:cb:3a:03:
b4:84:99:94:a4:cb:b9:71:4d:ca:86:78:56:c8:85:da:f2:3b:
f4:8c:33:47:66:66:db:7b:6b:6d:73:35:2a:5f:05:45:e2:a6:
6c:5f:5e:80:58:77:bb:7a:af:fd:04:d7:e1:85:6c:8e:60:6e:
38:b6:34:30:f0:a9:72:57:40:c3:83:76:bf:b6:42:fc:e3:19:
8a:b1:59:0d:e9:ad:f3:7c:eb:ac:9b:92:ba:77:c4:41:a8:47:
c9:27:5a:37:17:11:70:26:f9:d9:1f:56:f4:f1:25:39:f9:00:
7e:7f:be:0e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALxJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTI5MDc0ODA2WhcNMjQxMjMwMDc0ODA2WjAYMRYw
FAYDVQQDEw02NmY5MDYzOS0zN2IwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAytqejOswCXfQYJhS+1e6mj/dOkq8i6rbpOPVPh2ds9ODQ5CAzzaPac12
3flRP6xWtvhQh9k2vXkLiuotLuduZQSu1be6YabP1d+Vn274pJppeRlmPdCp+PCX
O/my00XUf9f/ePU89o+hPe4kk69Ui+yd2kwiTKLlXhyqfq5STSUpn7iAvRJ/O1qM
QIdzY2lMqxR/1eIFOqSAZrR00BNkHjTgmKZ+Wf0N3lJB6u/LhCbdfb91bklSRab4
vSGIUDRQI/+W0AkzYmNog/Sr67ucw+1qxVUE75vBxLtrNWcEJ2sfmnSGSoRoQ0DC
WSL8syv2IekEEBYHE0TDOeRQR4l69wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAgV
Qvb90B11Brr4SNumL5zD14o+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQkFENjk5RTdFMzcxMUVGOERCMEE3ODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc8VMA0GCSqGSIb3DQEBCwUA
A4IBAQCDl5erd698xdpBkngF6hlk1OqycIiKMnlVOPHfC7R67gBKs5Ha2UORx+Ly
VV3Zg/oHAUIHL1P29JgCCdNZNbU0zn07xhFMgR2pZWWIrbVHPt8LqjuYiiPN7Q6p
mGLWP2RkTyRWXM0Dj/pO7So7O4TXGqXe03tfTxxO5DifaxnB4XgqW8gsYkFhMIcx
LVDLOgO0hJmUpMu5cU3KhnhWyIXa8jv0jDNHZmbbe2ttczUqXwVF4qZsX16AWHe7
eq/9BNfhhWyOYG44tjQw8KlyV0DDg3a/tkL84xmKsVkN6a3zfOusm5K6d8RBqEfJ
J1o3FxFwJvnZH1b08SU5+QB+f74O
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:24 2024 by rpki-client on console-ams.rpki-client.org