Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35753C508B9211EFA358CCB6762E951A.roa
File: 35753C508B9211EFA358CCB6762E951A.roa (raw, json)
Hash identifier: U9STvI1cpGOjRHDG79EKYwiNFW6mJBuV+VH9Tx+yH5c=
Subject key identifier: E0:EB:1E:C5:F0:06:DC:73:5E:BA:8E:F6:FD:29:C3:0E:C0:71:33:09
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C510
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35753C508B9211EFA358CCB6762E951A.roa
Signing time: Wed 16 Oct 2024 07:42:35 +0000
ROA not before: Wed 16 Oct 2024 07:42:31 +0000
ROA not after: Sun 31 Aug 2025 07:42:31 +0000
asID: 132513
IP address blocks: 45.207.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50448 (0xc510)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 16 07:42:31 2024 GMT
Not After : Aug 31 07:42:31 2025 GMT
Subject: CN=670f6e6b-5d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ca:fa:f8:31:33:6a:8a:bd:79:a1:32:30:bb:
11:4a:ce:93:42:87:71:43:59:52:0e:0d:56:7b:b4:
a2:ea:8e:bc:64:7b:67:de:b8:40:3e:4e:10:81:83:
1d:3b:09:06:52:72:cf:ec:89:68:64:cf:50:e4:d6:
4d:2a:1a:c9:e7:b2:18:0d:18:8d:85:95:5d:a5:f5:
d7:74:a0:44:4c:30:e4:f1:35:4a:b0:2b:48:5f:d3:
7b:05:e0:1d:c6:33:9f:9e:3b:18:60:98:5c:61:4e:
45:c6:b9:0c:31:eb:1f:f0:fd:2e:1c:b2:be:98:2d:
bc:31:02:43:15:3c:db:47:3f:8c:b6:3d:18:cd:fe:
8a:b3:5e:d8:3a:57:31:31:4c:94:24:a1:92:7e:0a:
9e:06:41:ef:ae:2b:c1:d6:14:6b:3a:59:20:f1:e2:
3a:35:d6:dd:47:48:c8:b6:bd:da:cb:d3:7b:2b:df:
e0:8b:fa:1b:63:da:66:bf:75:63:50:46:31:e5:01:
1b:9d:8d:ab:ee:7d:1c:77:1a:ca:52:3d:9a:8c:8a:
12:9b:33:6b:58:c0:1a:80:70:60:9e:87:e4:3d:b9:
0a:a9:58:87:43:51:fc:00:e4:69:1d:1c:2c:9a:fb:
6b:c6:c4:12:6a:c0:a0:c6:9b:44:d3:1f:e7:2b:fb:
aa:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:EB:1E:C5:F0:06:DC:73:5E:BA:8E:F6:FD:29:C3:0E:C0:71:33:09
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35753C508B9211EFA358CCB6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.170.0/24
Signature Algorithm: sha256WithRSAEncryption
19:29:c9:2e:9d:0c:55:dc:12:e1:50:f2:04:0a:16:e1:0a:90:
87:f3:7a:92:dd:ed:9e:8d:6f:17:d2:4a:2f:0d:b5:dc:a8:a9:
c4:a1:03:14:db:8f:27:20:47:04:44:37:a3:8c:e5:7b:66:64:
da:82:31:10:be:14:c6:d2:c0:23:9a:99:05:1d:6a:30:49:74:
91:be:8f:10:a1:81:3f:d2:9f:76:db:e8:4a:7d:d3:15:90:88:
c4:58:fb:6e:c5:1f:c0:a7:bf:a5:26:d2:b2:75:84:8c:e6:4e:
31:d4:c1:7f:c7:fb:14:bb:c6:0b:05:0b:a8:fe:cc:5b:59:0b:
e2:f2:8b:f6:f9:5c:86:a5:b3:40:0e:2a:ca:e1:d7:16:f5:d9:
24:8f:be:07:89:3e:c4:33:c5:80:95:9c:d2:1c:09:ab:12:fb:
78:8f:dd:7c:15:69:28:2d:5f:7a:57:26:e3:79:27:64:b2:95:
91:69:57:b9:ed:5c:88:da:6a:ab:aa:68:48:de:0c:05:a5:31:
d3:d8:8e:6c:2c:83:a8:48:f4:d9:72:84:ad:43:f8:ec:22:2d:
2b:72:04:99:cd:96:6c:0c:4f:88:16:46:9f:09:9c:5e:37:c4:
22:31:b8:7f:80:b5:fe:a5:22:71:98:bb:74:5b:3a:42:2b:b1:
fa:92:cf:95
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMUQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDE2MDc0MjMxWhcNMjUwODMxMDc0MjMxWjAYMRYw
FAYDVQQDEw02NzBmNmU2Yi01ZDBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnMr6+DEzaoq9eaEyMLsRSs6TQodxQ1lSDg1We7Si6o68ZHtn3rhAPk4Q
gYMdOwkGUnLP7IloZM9Q5NZNKhrJ57IYDRiNhZVdpfXXdKBETDDk8TVKsCtIX9N7
BeAdxjOfnjsYYJhcYU5FxrkMMesf8P0uHLK+mC28MQJDFTzbRz+Mtj0Yzf6Ks17Y
OlcxMUyUJKGSfgqeBkHvrivB1hRrOlkg8eI6NdbdR0jItr3ay9N7K9/gi/obY9pm
v3VjUEYx5QEbnY2r7n0cdxrKUj2ajIoSmzNrWMAagHBgnofkPbkKqViHQ1H8AORp
HRwsmvtrxsQSasCgxptE0x/nK/uqVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFODr
HsXwBtxzXrqO9v0pww7AcTMJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNTc1M0M1MDhCOTIxMUVGQTM1OENDQjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc+qMA0GCSqGSIb3DQEBCwUA
A4IBAQAZKckunQxV3BLhUPIEChbhCpCH83qS3e2ejW8X0kovDbXcqKnEoQMU248n
IEcERDejjOV7ZmTagjEQvhTG0sAjmpkFHWowSXSRvo8QoYE/0p922+hKfdMVkIjE
WPtuxR/Ap7+lJtKydYSM5k4x1MF/x/sUu8YLBQuo/sxbWQvi8ov2+VyGpbNADirK
4dcW9dkkj74HiT7EM8WAlZzSHAmrEvt4j918FWkoLV96VybjeSdkspWRaVe57VyI
2mqrqmhI3gwFpTHT2I5sLIOoSPTZcoStQ/jsIi0rcgSZzZZsDE+IFkafCZxeN8Qi
Mbh/gLX+pSJxmLt0WzpCK7H6ks+V
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:25 2024 by rpki-client on console-ams.rpki-client.org