Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/345E3A0E95DA11EF8DB52782762E951A.roa
File: 345E3A0E95DA11EF8DB52782762E951A.roa (raw, json)
Hash identifier: aqzwq65OAhxWcm1sBZbiVu1+8tkFrkfSTmXa9Y0uAa4=
Subject key identifier: 05:9E:66:21:C2:D3:6C:EC:8C:CB:B2:23:F0:B4:D0:33:CF:F4:FE:2F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C98C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/345E3A0E95DA11EF8DB52782762E951A.roa
Signing time: Tue 29 Oct 2024 09:43:09 +0000
ROA not before: Tue 29 Oct 2024 09:43:05 +0000
ROA not after: Sun 27 Apr 2025 09:43:05 +0000
asID: 393559
IP address blocks: 45.204.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51596 (0xc98c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 29 09:43:05 2024 GMT
Not After : Apr 27 09:43:05 2025 GMT
Subject: CN=6720ae2c-f442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:88:22:f3:63:5b:ce:9a:a1:88:f2:a7:0e:00:
75:88:14:bf:54:aa:d2:ec:32:ac:7f:97:80:13:47:
f6:5f:7e:55:89:0c:01:27:98:81:50:82:0f:dc:c4:
1c:f2:12:da:17:d2:09:9e:0d:ae:c6:23:4f:06:66:
dd:54:23:7f:14:53:44:aa:93:ad:da:f6:bb:53:eb:
49:06:a9:2c:9b:d3:8d:29:b4:f4:20:d5:40:7a:1e:
71:ea:a2:8d:c8:54:bb:98:ae:a4:87:1e:1e:9e:38:
6b:67:0b:2a:a4:0e:d8:aa:ae:8d:3a:84:18:c1:c0:
be:69:1e:53:8c:fc:43:93:7e:eb:87:cd:84:fd:a9:
13:08:9e:54:14:c3:c8:07:47:d6:6d:ae:cc:67:39:
1b:c9:0f:e0:6e:f2:31:bb:fb:c1:c6:d3:12:89:6f:
3e:05:dc:27:88:49:69:8a:d0:eb:cb:e3:23:4a:fb:
73:b0:8d:f8:c1:40:99:3d:ed:77:7b:cd:5d:07:da:
99:57:8e:17:5b:7f:a3:4a:e2:0c:d7:ea:3e:c6:4c:
e1:5b:0a:fb:b5:70:94:85:22:0f:55:0b:bc:bd:1c:
58:08:8e:02:69:04:87:bf:25:c1:db:f7:9c:ac:30:
88:de:6f:d3:47:bf:30:51:f8:cc:48:65:f1:5a:23:
67:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:9E:66:21:C2:D3:6C:EC:8C:CB:B2:23:F0:B4:D0:33:CF:F4:FE:2F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/345E3A0E95DA11EF8DB52782762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.70.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:3b:fa:a0:1c:53:8c:3f:0a:24:7c:f1:1a:56:23:c2:c0:6e:
92:75:c6:4e:1e:fb:d8:1f:8d:99:e5:4c:86:1a:8f:92:70:6b:
0c:a5:f2:45:34:e8:01:c1:20:fd:47:35:90:e5:a6:b0:83:f5:
01:ec:ed:16:1c:f2:78:6b:b1:ed:22:3d:b7:3f:87:0d:e4:51:
aa:07:20:5c:bd:95:08:46:b3:27:bf:6c:b2:4c:e1:74:8a:32:
ea:6d:b2:19:c1:85:05:d1:66:fb:52:2f:26:36:bf:5b:56:1d:
f8:db:6d:36:23:9e:5b:a1:d8:87:df:39:d4:78:fb:f4:93:23:
81:be:03:9e:9c:17:d8:16:a5:d5:93:da:cc:10:bc:e6:96:1d:
57:32:12:de:83:c3:7f:65:4c:4a:98:77:58:70:9d:94:15:e6:
62:79:26:53:20:bd:0c:fd:c8:b3:b5:13:0a:37:f2:ab:11:96:
fe:ff:56:6a:01:51:15:fa:19:da:18:d7:ab:4d:4e:b6:7f:84:
5e:1e:b0:ff:98:b4:fc:fe:f0:bc:4f:c4:ea:04:86:7e:5c:c6:
8c:cd:17:9e:3e:58:a9:f8:55:a3:97:0b:9e:fd:11:3b:f1:31:
e6:28:fa:1e:fe:5c:c5:ab:53:c2:be:ce:11:fb:98:b2:6c:71:
f6:48:2c:58
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMmMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDI5MDk0MzA1WhcNMjUwNDI3MDk0MzA1WjAYMRYw
FAYDVQQDEw02NzIwYWUyYy1mNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Igi82NbzpqhiPKnDgB1iBS/VKrS7DKsf5eAE0f2X35ViQwBJ5iBUIIP
3MQc8hLaF9IJng2uxiNPBmbdVCN/FFNEqpOt2va7U+tJBqksm9ONKbT0INVAeh5x
6qKNyFS7mK6khx4enjhrZwsqpA7Yqq6NOoQYwcC+aR5TjPxDk37rh82E/akTCJ5U
FMPIB0fWba7MZzkbyQ/gbvIxu/vBxtMSiW8+BdwniElpitDry+MjSvtzsI34wUCZ
Pe13e81dB9qZV44XW3+jSuIM1+o+xkzhWwr7tXCUhSIPVQu8vRxYCI4CaQSHvyXB
2/ecrDCI3m/TR78wUfjMSGXxWiNnzwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAWe
ZiHC02zsjMuyI/C00DPP9P4vMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNDVFM0EwRTk1REExMUVGOERCNTI3ODI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcxGMA0GCSqGSIb3DQEBCwUA
A4IBAQB6O/qgHFOMPwokfPEaViPCwG6SdcZOHvvYH42Z5UyGGo+ScGsMpfJFNOgB
wSD9RzWQ5aawg/UB7O0WHPJ4a7HtIj23P4cN5FGqByBcvZUIRrMnv2yyTOF0ijLq
bbIZwYUF0Wb7Ui8mNr9bVh342202I55bodiH3znUePv0kyOBvgOenBfYFqXVk9rM
ELzmlh1XMhLeg8N/ZUxKmHdYcJ2UFeZieSZTIL0M/ciztRMKN/KrEZb+/1ZqAVEV
+hnaGNerTU62f4ReHrD/mLT8/vC8T8TqBIZ+XMaMzReePlip+FWjlwue/RE78THm
KPoe/lzFq1PCvs4R+5iybHH2SCxY
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:24 2024 by rpki-client on console-fra.rpki-client.org