Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/343342E0A64711EF9D2989A4762E951A.roa
File: 343342E0A64711EF9D2989A4762E951A.roa (raw, json)
Hash identifier: W0W4Ow+1rX2ZP9KmDfqJI0wF0Q0V5WwXP3zxB2RLg68=
Subject key identifier: 4B:90:F3:B2:69:4A:78:58:5A:B6:45:39:B8:60:CE:97:7C:F3:39:A0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D542
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/343342E0A64711EF9D2989A4762E951A.roa
Signing time: Tue 19 Nov 2024 07:23:42 +0000
ROA not before: Tue 19 Nov 2024 07:23:38 +0000
ROA not after: Tue 18 Feb 2025 07:23:38 +0000
asID: 328608
IP address blocks: 45.197.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54594 (0xd542)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 19 07:23:38 2024 GMT
Not After : Feb 18 07:23:38 2025 GMT
Subject: CN=673c3cfe-f789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:68:bd:56:c6:f9:0f:0d:97:15:89:fe:1d:04:
45:39:2f:33:8a:41:56:37:b7:ca:d7:13:11:03:75:
79:c4:ad:90:6a:0f:4e:88:09:ed:07:45:56:ad:8a:
0a:f2:da:33:53:15:46:60:11:d8:b1:21:98:6c:71:
73:3c:93:6e:cc:46:31:5d:9b:6f:57:29:cb:11:c6:
38:d1:6d:fe:df:95:99:15:f4:a5:21:12:68:15:2b:
e7:85:29:51:18:7b:cb:29:e2:6c:fa:7b:99:30:34:
1d:9e:35:8e:ef:a1:0f:26:bc:68:65:28:38:d2:92:
f7:24:56:01:d9:07:d6:a9:1f:6c:b7:66:c0:12:c3:
12:5e:7c:4d:ef:36:fd:27:2f:21:94:b2:3f:2a:5c:
ea:06:c2:a2:c7:a1:85:60:66:e2:f4:0b:7a:37:8c:
92:d3:17:93:e1:c3:1c:11:28:b9:29:01:bb:66:dd:
e4:da:ed:5b:f9:40:37:25:39:aa:78:1a:26:00:1f:
ce:1c:d5:f3:58:52:53:a1:fb:99:29:3f:c1:a9:ea:
6d:7b:3f:de:95:73:15:a0:04:d3:92:6b:2e:c7:bc:
f5:48:42:8b:a2:b6:99:50:43:48:19:57:5e:d7:bb:
ff:92:48:1d:fe:99:bd:22:80:ff:e6:7b:a1:f9:e7:
f6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:90:F3:B2:69:4A:78:58:5A:B6:45:39:B8:60:CE:97:7C:F3:39:A0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/343342E0A64711EF9D2989A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.176.0/20
Signature Algorithm: sha256WithRSAEncryption
39:67:da:5c:c1:8a:1d:56:8e:56:2d:52:50:e0:bb:d2:9f:71:
08:b4:03:28:25:b5:e7:a4:9c:8e:a2:f1:7b:ee:c1:33:e5:b9:
8f:61:7f:8e:b0:83:a3:c0:58:67:05:62:54:e2:65:b2:ba:ae:
28:dc:22:a4:e9:68:58:81:30:72:e0:ee:24:f6:67:38:16:2c:
13:cd:4d:f4:9c:e2:5f:9e:68:a4:bc:07:dc:c3:6a:a6:ed:ff:
49:86:27:95:a5:49:97:73:ed:9e:94:5d:d1:5e:18:2c:f3:b4:
19:da:a0:cb:1c:75:7f:c7:33:76:32:22:70:1f:27:b8:75:f6:
11:4b:a8:4c:8c:09:09:4c:56:56:56:8c:7e:21:e4:a4:ba:3c:
c8:91:69:cb:42:cd:04:e4:de:88:a6:b4:34:65:a0:fb:b0:3f:
b8:d5:c7:38:63:17:c5:36:0f:3a:d2:7f:fc:38:ac:7f:01:72:
25:8c:dc:b8:0c:f1:23:4d:37:96:f8:b0:1e:1c:5a:18:4b:b1:
a2:7b:46:60:57:3c:9c:62:e4:7e:92:dd:1a:6b:1c:b8:52:87:
d1:62:12:f2:44:8d:c9:2b:ce:9c:f8:bd:b8:76:88:11:6f:29:
e6:8b:b5:a2:31:4b:e9:7c:c8:d6:80:a4:1a:38:a9:a0:7b:cd:
e6:65:c3:d2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANVCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE5MDcyMzM4WhcNMjUwMjE4MDcyMzM4WjAYMRYw
FAYDVQQDEw02NzNjM2NmZS1mNzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvmi9Vsb5Dw2XFYn+HQRFOS8zikFWN7fK1xMRA3V5xK2Qag9OiAntB0VW
rYoK8tozUxVGYBHYsSGYbHFzPJNuzEYxXZtvVynLEcY40W3+35WZFfSlIRJoFSvn
hSlRGHvLKeJs+nuZMDQdnjWO76EPJrxoZSg40pL3JFYB2QfWqR9st2bAEsMSXnxN
7zb9Jy8hlLI/KlzqBsKix6GFYGbi9At6N4yS0xeT4cMcESi5KQG7Zt3k2u1b+UA3
JTmqeBomAB/OHNXzWFJTofuZKT/Bqeptez/elXMVoATTkmsux7z1SEKLoraZUENI
GVde17v/kkgd/pm9IoD/5nuh+ef2RwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEuQ
87JpSnhYWrZFObhgzpd88zmgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNDMzNDJFMEE2NDcxMUVGOUQyOTg5QTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcWwMA0GCSqGSIb3DQEBCwUA
A4IBAQA5Z9pcwYodVo5WLVJQ4LvSn3EItAMoJbXnpJyOovF77sEz5bmPYX+OsIOj
wFhnBWJU4mWyuq4o3CKk6WhYgTBy4O4k9mc4FiwTzU30nOJfnmikvAfcw2qm7f9J
hieVpUmXc+2elF3RXhgs87QZ2qDLHHV/xzN2MiJwHye4dfYRS6hMjAkJTFZWVox+
IeSkujzIkWnLQs0E5N6IprQ0ZaD7sD+41cc4YxfFNg860n/8OKx/AXIljNy4DPEj
TTeW+LAeHFoYS7Gie0ZgVzycYuR+kt0aaxy4UofRYhLyRI3JK86c+L24dogRbynm
i7WiMUvpfMjWgKQaOKmge83mZcPS
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:25 2024 by rpki-client on console-ams.rpki-client.org