Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A9D5DA89AAF11EF833DE47A762E951A.roa
File: 3A9D5DA89AAF11EF833DE47A762E951A.roa (raw, json)
Hash identifier: iH+dLgd7jM+iNqz+CtGIhcSz84wzPfVg61Oj6cK6nBo=
Subject key identifier: 9F:6E:63:D3:DC:EC:DA:F3:6B:4A:F6:FE:DC:F7:80:F0:77:E5:82:28
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CDB6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A9D5DA89AAF11EF833DE47A762E951A.roa
Signing time: Mon 04 Nov 2024 13:18:07 +0000
ROA not before: Mon 04 Nov 2024 13:18:03 +0000
ROA not after: Tue 03 Dec 2024 13:18:03 +0000
asID: 139646
IP address blocks: 45.207.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52662 (0xcdb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 4 13:18:03 2024 GMT
Not After : Dec 3 13:18:03 2024 GMT
Subject: CN=6728c98e-a296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:25:42:de:4d:47:e5:5e:89:e4:d4:66:69:8a:
9c:69:58:f4:c8:b1:0c:c0:32:1c:8d:52:a5:2e:3d:
40:8f:16:50:c4:e4:3d:e7:78:97:28:e1:87:86:13:
26:e0:b0:79:4c:71:a4:d8:ff:3b:da:e6:4d:02:fc:
05:13:8b:7c:c3:88:64:45:9f:07:87:42:a2:f8:ec:
91:04:7f:22:1e:6c:cb:ef:49:7f:df:e1:b2:fe:f8:
b0:b8:b1:d6:35:cc:08:91:93:94:3c:53:dc:a0:14:
60:80:e0:de:4c:7f:31:47:b9:5f:8e:42:89:32:32:
f7:81:ae:18:d5:1f:0e:dc:9f:07:0c:01:8c:ad:52:
16:c2:eb:44:7c:bd:88:70:31:ec:f0:8e:a3:92:cf:
d2:41:f4:3c:f8:f0:95:c3:57:37:a1:08:ce:5e:f1:
39:09:97:5d:af:b0:82:70:f0:2f:36:40:c3:49:2e:
f6:1f:02:37:3d:0c:cd:92:a9:4c:14:13:dd:35:ce:
43:1f:f4:b5:36:a1:ff:af:d2:71:5c:4d:fa:40:e3:
c8:b8:94:74:e4:b2:93:95:4e:ed:3b:6e:d4:79:86:
cd:42:be:02:cf:21:fc:3f:dc:40:54:12:2c:09:be:
7d:01:af:74:f9:2a:ed:07:bb:04:43:11:75:fc:d3:
51:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:6E:63:D3:DC:EC:DA:F3:6B:4A:F6:FE:DC:F7:80:F0:77:E5:82:28
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A9D5DA89AAF11EF833DE47A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.224.0/19
Signature Algorithm: sha256WithRSAEncryption
37:e4:65:9d:87:57:66:d3:54:a3:98:f9:e7:82:90:5b:21:8c:
62:b0:cc:b5:23:b6:65:f3:67:96:d6:5a:83:59:46:97:70:7a:
6c:52:4f:0e:b6:98:52:f8:83:63:86:28:86:73:91:a1:cf:74:
37:cd:23:ad:e4:36:e4:47:6d:90:55:ef:d8:da:b3:8c:80:46:
4f:aa:ac:eb:42:89:55:18:2d:b0:4f:c7:ff:6e:0f:fb:98:b7:
83:f4:f2:16:9c:f2:af:4c:40:a1:2f:16:0f:a2:cb:8c:fb:33:
7a:30:6a:95:0f:9a:17:e7:9c:04:1e:28:02:ee:f6:49:4f:0b:
0c:99:61:ea:fc:9c:67:cb:27:7a:ff:a3:cd:fd:4b:6b:2c:b5:
a6:c4:ba:a6:99:c4:57:4d:53:9d:34:48:fd:c7:91:f3:f1:4d:
87:11:b8:a4:1c:95:59:9e:9c:d1:18:31:6f:14:29:6e:85:cd:
84:6a:75:60:5c:c9:50:00:70:65:9f:58:06:6d:94:24:7a:a4:
19:ac:ad:78:3d:fe:c4:8f:b7:af:0d:ca:7f:54:d0:e1:6d:92:
1f:b0:1f:bf:04:c2:40:12:31:59:fc:1c:3c:cf:77:33:c2:c3:
60:73:f9:79:19:65:02:74:5a:4b:d5:dd:b1:8d:7a:5f:a9:8a:
c8:6d:4c:85
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM22MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA0MTMxODAzWhcNMjQxMjAzMTMxODAzWjAYMRYw
FAYDVQQDEw02NzI4Yzk4ZS1hMjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1yVC3k1H5V6J5NRmaYqcaVj0yLEMwDIcjVKlLj1AjxZQxOQ953iXKOGH
hhMm4LB5THGk2P872uZNAvwFE4t8w4hkRZ8Hh0Ki+OyRBH8iHmzL70l/3+Gy/viw
uLHWNcwIkZOUPFPcoBRggODeTH8xR7lfjkKJMjL3ga4Y1R8O3J8HDAGMrVIWwutE
fL2IcDHs8I6jks/SQfQ8+PCVw1c3oQjOXvE5CZddr7CCcPAvNkDDSS72HwI3PQzN
kqlMFBPdNc5DH/S1NqH/r9JxXE36QOPIuJR05LKTlU7tO27UeYbNQr4CzyH8P9xA
VBIsCb59Aa90+SrtB7sEQxF1/NNRYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ9u
Y9Pc7Nrza0r2/tz3gPB35YIoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQTlENURBODlBQUYxMUVGODMzREU0N0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLc/gMA0GCSqGSIb3DQEBCwUA
A4IBAQA35GWdh1dm01SjmPnngpBbIYxisMy1I7Zl82eW1lqDWUaXcHpsUk8OtphS
+INjhiiGc5Ghz3Q3zSOt5DbkR22QVe/Y2rOMgEZPqqzrQolVGC2wT8f/bg/7mLeD
9PIWnPKvTEChLxYPosuM+zN6MGqVD5oX55wEHigC7vZJTwsMmWHq/Jxnyyd6/6PN
/UtrLLWmxLqmmcRXTVOdNEj9x5Hz8U2HEbikHJVZnpzRGDFvFCluhc2EanVgXMlQ
AHBln1gGbZQkeqQZrK14Pf7Ej7evDcp/VNDhbZIfsB+/BMJAEjFZ/Bw8z3czwsNg
c/l5GWUCdFpL1d2xjXpfqYrIbUyF
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:25 2024 by rpki-client on console-fra.rpki-client.org