Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38212900A44711EFB90CFD8A762E951A.roa
File: 38212900A44711EFB90CFD8A762E951A.roa (raw, json)
Hash identifier: xNVafaNp+cNIDNGBxwbdYMfjCTT60p0Jebq8+mvcvKc=
Subject key identifier: 38:A2:29:66:86:3E:7C:B8:6C:69:8A:61:86:26:82:E4:59:D0:6A:C8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D37A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38212900A44711EFB90CFD8A762E951A.roa
Signing time: Sat 16 Nov 2024 18:18:46 +0000
ROA not before: Sat 16 Nov 2024 18:18:43 +0000
ROA not after: Mon 25 Nov 2024 18:18:43 +0000
asID: 399989
IP address blocks: 45.196.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54138 (0xd37a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 16 18:18:43 2024 GMT
Not After : Nov 25 18:18:43 2024 GMT
Subject: CN=6738e206-1874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fc:f2:32:72:ae:40:a6:bb:7b:51:6b:a6:8c:
7c:30:55:7f:5c:9e:61:46:e1:a1:be:b8:17:c8:16:
ba:37:a3:3c:d3:77:52:af:82:d7:bc:3a:5e:20:81:
f1:99:ca:38:aa:58:3a:aa:9a:44:b1:81:c8:c6:29:
02:5b:56:a3:fc:25:55:fd:48:9c:53:35:e5:cb:f2:
61:d7:59:1b:8e:72:85:78:34:0c:e7:7d:76:1e:6c:
4b:63:c5:75:4e:78:b1:ee:3c:39:23:75:a2:4c:d5:
14:be:03:fb:29:f5:b0:bb:5a:18:b7:e1:b5:68:05:
af:6d:20:20:b3:04:0c:04:9a:6e:f2:a2:73:4a:8d:
24:90:ff:71:ea:76:c8:6d:28:b3:c4:ad:b3:25:09:
ba:2e:98:ed:55:cc:c2:79:40:17:43:01:73:64:17:
fd:dd:ec:24:cd:be:ee:e1:c0:d7:9e:84:80:54:03:
c4:f9:23:ab:92:a4:07:70:73:a7:a8:36:42:46:ea:
5d:94:34:ca:28:69:35:ff:72:1e:5e:74:82:c4:20:
84:3c:69:85:cc:c0:2a:a3:57:ef:6b:3b:02:c9:6e:
c8:9b:a6:f6:ef:c5:87:f6:4b:62:be:16:09:f2:9e:
48:de:30:20:18:39:6d:60:c8:24:e0:ce:24:be:77:
af:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A2:29:66:86:3E:7C:B8:6C:69:8A:61:86:26:82:E4:59:D0:6A:C8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38212900A44711EFB90CFD8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.52.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:90:58:79:29:c1:b6:c0:55:6c:9d:7e:d1:a0:3f:f9:7b:8f:
de:a6:52:58:d6:f9:e2:52:92:e0:0a:a6:43:5e:b0:7c:36:c0:
07:dd:27:c8:ca:b9:1f:ed:e8:7c:54:04:f3:a2:ca:90:3c:95:
97:ff:ac:15:ae:73:e5:af:88:f4:38:0d:46:56:c9:86:73:d6:
de:95:54:57:59:76:7d:e4:51:84:90:0c:27:17:90:30:ee:9e:
60:44:f4:e0:58:0e:31:d1:ee:63:c1:b8:3f:21:ed:36:93:f7:
5c:9e:ad:c3:ef:cc:34:8c:6e:4e:1d:63:2d:02:68:ce:cd:47:
a1:cb:94:9a:4e:43:45:83:d7:0d:a4:e3:9c:d4:bf:23:d9:19:
dd:a5:d5:00:62:a8:0f:85:b2:cc:e0:13:41:f2:73:5d:a5:4b:
03:c3:34:fa:d7:71:9e:89:d4:16:0e:80:97:c9:4c:8d:a1:61:
25:93:11:97:ec:58:c3:1e:4c:50:39:33:ac:bf:8b:2d:87:f9:
f5:fb:c9:37:9f:0e:0e:a5:87:dc:9a:66:9b:6f:8d:43:32:60:
67:1a:a4:32:cc:a5:d0:db:5f:8a:1c:20:7b:f3:ef:6c:05:8c:
9b:60:c7:e9:e2:b3:b8:21:af:88:b1:7a:06:80:41:14:00:4b:
2a:23:1f:f5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANN6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE2MTgxODQzWhcNMjQxMTI1MTgxODQzWjAYMRYw
FAYDVQQDEw02NzM4ZTIwNi0xODc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAufzyMnKuQKa7e1Frpox8MFV/XJ5hRuGhvrgXyBa6N6M803dSr4LXvDpe
IIHxmco4qlg6qppEsYHIxikCW1aj/CVV/UicUzXly/Jh11kbjnKFeDQM5312HmxL
Y8V1Tnix7jw5I3WiTNUUvgP7KfWwu1oYt+G1aAWvbSAgswQMBJpu8qJzSo0kkP9x
6nbIbSizxK2zJQm6LpjtVczCeUAXQwFzZBf93ewkzb7u4cDXnoSAVAPE+SOrkqQH
cHOnqDZCRupdlDTKKGk1/3IeXnSCxCCEPGmFzMAqo1fvazsCyW7Im6b278WH9kti
vhYJ8p5I3jAgGDltYMgk4M4kvnevvwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDii
KWaGPny4bGmKYYYmguRZ0GrIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zODIxMjkwMEE0NDcxMUVGQjkwQ0ZEOEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcQ0MA0GCSqGSIb3DQEBCwUA
A4IBAQA8kFh5KcG2wFVsnX7RoD/5e4/eplJY1vniUpLgCqZDXrB8NsAH3SfIyrkf
7eh8VATzosqQPJWX/6wVrnPlr4j0OA1GVsmGc9belVRXWXZ95FGEkAwnF5Aw7p5g
RPTgWA4x0e5jwbg/Ie02k/dcnq3D78w0jG5OHWMtAmjOzUehy5SaTkNFg9cNpOOc
1L8j2RndpdUAYqgPhbLM4BNB8nNdpUsDwzT613GeidQWDoCXyUyNoWElkxGX7FjD
HkxQOTOsv4sth/n1+8k3nw4OpYfcmmabb41DMmBnGqQyzKXQ21+KHCB78+9sBYyb
YMfp4rO4Ia+IsXoGgEEUAEsqIx/1
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:26 2024 by rpki-client on console-ams.rpki-client.org