Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D312CD2719E11EFB40FA357762E951A.roa
File: 3D312CD2719E11EFB40FA357762E951A.roa (raw, json)
Hash identifier: InUSVWXrkBbdtP1bVp2dzZU0rZAeBoO5gQPDE1Fc6/M=
Subject key identifier: 41:7F:38:03:43:93:AC:EF:A6:DC:3C:E2:6B:58:59:7E:55:89:96:3A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B52C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D312CD2719E11EFB40FA357762E951A.roa
Signing time: Fri 13 Sep 2024 07:03:12 +0000
ROA not before: Fri 13 Sep 2024 07:03:08 +0000
ROA not after: Fri 08 Aug 2025 07:03:08 +0000
asID: 133199
IP address blocks: 45.207.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46380 (0xb52c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 13 07:03:08 2024 GMT
Not After : Aug 8 07:03:08 2025 GMT
Subject: CN=66e3e3b0-992a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d3:d2:db:5e:b0:08:4f:f9:ed:6c:c2:38:18:
d9:72:5e:d3:91:dd:4a:47:b3:81:10:72:05:b1:86:
87:52:ae:71:52:28:68:b9:95:fb:41:6b:59:51:2e:
ec:e4:60:4c:0e:db:8d:3d:44:61:73:90:c8:87:60:
f0:d4:6a:b0:e1:fd:b9:17:28:64:1a:0b:c4:a5:f1:
b9:e1:91:b3:ef:bc:2c:72:55:77:5a:52:bc:d2:a4:
af:d0:04:a4:fd:80:e3:55:71:4e:cd:e4:ee:2d:31:
cf:ee:58:ac:94:ca:66:56:90:dd:23:c8:0a:c8:01:
8c:c9:b2:f2:79:04:ad:08:24:65:e6:f9:16:ff:65:
94:98:fc:a4:50:2a:e9:50:2c:be:59:f3:46:15:72:
08:55:e5:1e:79:3c:a4:17:f1:c7:c0:78:fe:41:db:
d7:b5:2c:f4:a7:32:0e:7a:cc:77:d7:51:b2:3f:d5:
3b:49:b7:eb:c0:9e:ab:34:f7:95:cd:b6:d1:ef:99:
6c:f6:02:09:7a:1b:d4:06:f7:eb:3a:65:31:cf:f2:
72:4f:ae:b8:d8:b9:52:cb:72:7f:a9:78:68:5f:47:
e1:e2:33:bc:e4:cf:3b:84:2c:ba:c8:ee:73:68:92:
9d:21:b4:ab:b1:97:03:fd:c4:32:40:e5:fd:40:9f:
62:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:7F:38:03:43:93:AC:EF:A6:DC:3C:E2:6B:58:59:7E:55:89:96:3A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D312CD2719E11EFB40FA357762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.36.0/22
Signature Algorithm: sha256WithRSAEncryption
31:cc:5c:83:10:33:bc:64:fc:d3:f0:2d:5a:0d:b3:8d:73:33:
b5:71:39:9b:ec:47:ab:27:2e:3b:ac:db:71:ac:96:f3:8b:24:
aa:a5:b0:72:98:4c:44:3e:3e:4a:8c:5d:c4:94:cd:08:53:07:
0c:29:47:a6:a8:f8:7d:77:b9:65:dc:74:2e:1a:ab:31:b5:23:
f9:91:cb:f2:2e:c4:5a:09:c5:78:1e:25:e0:95:1b:e9:f7:6f:
26:4c:2e:30:94:e0:dd:3d:50:3b:1f:5c:e4:68:85:01:b3:6b:
d9:bf:0e:f4:27:68:90:4b:f1:0a:a6:57:6a:d8:01:ad:20:aa:
46:98:08:99:dc:fd:d5:6c:05:37:43:49:a9:50:21:c2:47:52:
b3:50:02:6b:6b:56:bf:dc:0c:e4:37:20:34:f1:27:fd:18:dd:
31:38:3e:13:e1:34:69:7e:2b:37:4b:44:42:fc:0e:4b:b3:9d:
83:4c:69:40:62:6d:8c:f0:e4:c0:61:a1:dd:1c:c8:7c:0a:51:
d8:cb:c8:1e:82:87:8b:30:c6:5b:a6:27:94:ae:eb:ad:bd:29:
7b:db:c6:a3:7a:c7:cf:74:9f:db:16:1e:88:75:b1:27:0b:90:
12:50:e3:94:1d:15:a4:80:42:36:8b:4e:e2:a2:c1:30:fc:d5:
60:cb:85:42
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALUsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTEzMDcwMzA4WhcNMjUwODA4MDcwMzA4WjAYMRYw
FAYDVQQDEw02NmUzZTNiMC05OTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv9PS216wCE/57WzCOBjZcl7Tkd1KR7OBEHIFsYaHUq5xUihouZX7QWtZ
US7s5GBMDtuNPURhc5DIh2Dw1Gqw4f25FyhkGgvEpfG54ZGz77wsclV3WlK80qSv
0ASk/YDjVXFOzeTuLTHP7lislMpmVpDdI8gKyAGMybLyeQStCCRl5vkW/2WUmPyk
UCrpUCy+WfNGFXIIVeUeeTykF/HHwHj+QdvXtSz0pzIOesx311GyP9U7SbfrwJ6r
NPeVzbbR75ls9gIJehvUBvfrOmUxz/JyT6642LlSy3J/qXhoX0fh4jO85M87hCy6
yO5zaJKdIbSrsZcD/cQyQOX9QJ9iUQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEF/
OANDk6zvptw84mtYWX5ViZY6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRDMxMkNEMjcxOUUxMUVGQjQwRkEzNTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLc8kMA0GCSqGSIb3DQEBCwUA
A4IBAQAxzFyDEDO8ZPzT8C1aDbONczO1cTmb7EerJy47rNtxrJbziySqpbBymExE
Pj5KjF3ElM0IUwcMKUemqPh9d7ll3HQuGqsxtSP5kcvyLsRaCcV4HiXglRvp928m
TC4wlODdPVA7H1zkaIUBs2vZvw70J2iQS/EKpldq2AGtIKpGmAiZ3P3VbAU3Q0mp
UCHCR1KzUAJra1a/3AzkNyA08Sf9GN0xOD4T4TRpfis3S0RC/A5Ls52DTGlAYm2M
8OTAYaHdHMh8ClHYy8gegoeLMMZbpieUruutvSl728ajesfPdJ/bFh6IdbEnC5AS
UOOUHRWkgEI2i07iosEw/NVgy4VC
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:26 2024 by rpki-client on console-ams.rpki-client.org