Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/325C57D6758C11EFB5E21077762E951A.roa
File: 325C57D6758C11EFB5E21077762E951A.roa (raw, json)
Hash identifier: efk7FylAoquvJxWVzh7zLA24g80og5Yv3OD7HcL/bKA=
Subject key identifier: 01:62:BE:C2:9E:75:8E:BF:E5:69:58:0D:A8:66:4B:B4:19:AE:DC:0C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B7D7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/325C57D6758C11EFB5E21077762E951A.roa
Signing time: Wed 18 Sep 2024 07:04:07 +0000
ROA not before: Wed 18 Sep 2024 07:04:04 +0000
ROA not after: Wed 19 Mar 2025 07:04:04 +0000
asID: 140403
IP address blocks: 45.198.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47063 (0xb7d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 18 07:04:04 2024 GMT
Not After : Mar 19 07:04:04 2025 GMT
Subject: CN=66ea7b67-8206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:98:a0:92:78:c5:74:f4:95:46:3d:ee:a8:f0:
34:8e:e4:6a:c7:3b:cc:68:1b:fb:7b:4f:aa:07:c3:
a9:10:dc:48:db:12:b5:97:10:61:a9:73:cb:15:d7:
83:2e:91:9b:ed:a3:26:a2:ec:b1:d3:07:ac:72:48:
6d:47:a4:10:c5:83:1b:ba:d2:77:0e:20:a4:95:a5:
e0:c1:80:cd:09:42:3c:d2:09:23:ad:be:85:0d:8e:
8a:6f:21:c3:1d:a7:c0:7d:8d:44:26:9f:16:b4:4a:
91:77:7e:be:92:3c:9b:1e:cd:c9:e3:ce:a8:cc:5e:
c4:31:f2:d4:11:be:3a:d4:71:fe:03:fb:56:85:e3:
38:21:48:2e:ea:b5:76:02:92:2b:a2:ca:d7:b1:77:
e1:9d:ac:56:ac:0c:d9:8a:d1:56:8a:d4:05:43:a1:
f5:d1:4c:a0:ee:0f:ba:8f:ad:1b:07:7f:69:90:33:
0c:88:8a:22:14:20:72:e2:1d:25:95:b1:70:ca:ea:
0e:24:a9:b3:7b:a1:31:5b:98:8e:7b:31:e8:82:a4:
ef:8d:eb:0b:47:d1:58:f6:bb:c8:e7:8d:9d:37:fd:
36:d2:4e:d9:16:54:ed:2f:df:98:9f:f3:16:70:1a:
ef:da:17:34:c1:be:90:8a:72:5e:6b:dd:5c:88:7a:
ac:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:62:BE:C2:9E:75:8E:BF:E5:69:58:0D:A8:66:4B:B4:19:AE:DC:0C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/325C57D6758C11EFB5E21077762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.1.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:d6:51:ff:00:7f:5e:42:2f:96:f1:3c:95:cc:36:dc:86:ea:
26:4a:5c:e8:12:aa:53:64:9d:49:13:cc:47:34:59:46:9c:2c:
bd:d9:84:46:d5:4f:39:00:b0:71:eb:cf:95:25:20:c7:94:50:
62:db:6a:2d:01:8f:bd:c5:7c:2e:12:45:b3:70:40:94:ee:7a:
23:af:7a:75:c8:68:2f:5c:51:8d:9e:41:04:c1:1e:97:a2:5f:
8d:ce:ea:c1:64:d2:36:a8:94:e1:44:ff:ff:ea:f1:8b:9a:7d:
bb:a3:3a:d5:3e:2a:06:23:25:62:b3:b5:b5:76:bb:4f:97:91:
62:4f:1e:c5:56:ed:35:63:32:3d:84:04:1f:73:5e:b2:f3:d0:
7c:79:87:23:fc:22:6d:ed:4d:88:ca:f9:d4:a4:7d:fe:28:c3:
9d:55:bb:89:5d:57:af:d3:ff:fb:76:8b:93:65:88:dd:18:a0:
27:e7:90:e7:41:a0:db:b6:da:32:d8:ef:53:b1:d1:99:53:1b:
40:7d:30:9b:26:42:b2:c2:e8:1e:dd:aa:b1:1d:6b:02:ea:f3:
6f:f4:a5:95:53:20:80:64:31:52:a3:73:3c:28:6f:a3:f6:44:
ac:66:8d:8c:ca:b2:b6:cb:e1:cf:22:e0:b0:3e:58:5d:df:a4:
0d:41:5b:22
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALfXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTE4MDcwNDA0WhcNMjUwMzE5MDcwNDA0WjAYMRYw
FAYDVQQDEw02NmVhN2I2Ny04MjA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzJigknjFdPSVRj3uqPA0juRqxzvMaBv7e0+qB8OpENxI2xK1lxBhqXPL
FdeDLpGb7aMmouyx0wesckhtR6QQxYMbutJ3DiCklaXgwYDNCUI80gkjrb6FDY6K
byHDHafAfY1EJp8WtEqRd36+kjybHs3J486ozF7EMfLUEb461HH+A/tWheM4IUgu
6rV2ApIrosrXsXfhnaxWrAzZitFWitQFQ6H10Uyg7g+6j60bB39pkDMMiIoiFCBy
4h0llbFwyuoOJKmze6ExW5iOezHogqTvjesLR9FY9rvI542dN/020k7ZFlTtL9+Y
n/MWcBrv2hc0wb6QinJea91ciHqsywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAFi
vsKedY6/5WlYDahmS7QZrtwMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMjVDNTdENjc1OEMxMUVGQjVFMjEwNzc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcYBMA0GCSqGSIb3DQEBCwUA
A4IBAQC21lH/AH9eQi+W8TyVzDbchuomSlzoEqpTZJ1JE8xHNFlGnCy92YRG1U85
ALBx68+VJSDHlFBi22otAY+9xXwuEkWzcECU7nojr3p1yGgvXFGNnkEEwR6Xol+N
zurBZNI2qJThRP//6vGLmn27ozrVPioGIyVis7W1drtPl5FiTx7FVu01YzI9hAQf
c16y89B8eYcj/CJt7U2IyvnUpH3+KMOdVbuJXVev0//7douTZYjdGKAn55DnQaDb
ttoy2O9TsdGZUxtAfTCbJkKywuge3aqxHWsC6vNv9KWVUyCAZDFSo3M8KG+j9kSs
Zo2MyrK2y+HPIuCwPlhd36QNQVsi
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:23 2024 by rpki-client on console-fra.rpki-client.org