Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3FD031BC9B5C11EF8ABA2942762E951A.roa
File: 3FD031BC9B5C11EF8ABA2942762E951A.roa (raw, json)
Hash identifier: FEpqsOwcnNTzoKazFgJLotVU4QtjD5nLfn1bbYRWOnk=
Subject key identifier: 2D:A7:8E:A6:0C:7C:80:A4:05:56:06:B3:E7:11:FD:C2:30:FA:BB:E7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CE55
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3FD031BC9B5C11EF8ABA2942762E951A.roa
Signing time: Tue 05 Nov 2024 09:56:38 +0000
ROA not before: Tue 05 Nov 2024 09:56:34 +0000
ROA not after: Mon 13 Jan 2025 09:56:34 +0000
asID: 22773
IP address blocks: 45.207.0.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52821 (0xce55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 09:56:34 2024 GMT
Not After : Jan 13 09:56:34 2025 GMT
Subject: CN=6729ebd6-62cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:55:7d:46:ce:ac:78:c0:e1:12:d9:20:da:9a:
84:79:59:c6:34:27:9a:20:16:4e:78:a6:11:c2:d4:
dc:d8:50:1b:95:26:58:db:17:da:ac:44:5b:9c:82:
53:7b:16:16:24:ee:54:79:22:07:5a:0a:cb:d0:d7:
14:ee:83:8b:10:8b:b9:76:79:23:3c:24:c5:64:53:
a0:e7:6b:8c:1e:c1:ce:3e:a2:14:cd:47:64:91:9b:
46:9c:0a:5e:a7:a2:20:c4:a0:5b:44:6a:c2:72:3e:
92:f3:c8:bc:ae:c8:05:8d:c7:be:c6:9f:9e:cb:3b:
65:14:1e:9d:e0:30:6c:f2:46:18:ce:fe:51:24:1e:
76:a5:06:6b:d0:11:39:55:fa:95:1c:b7:e0:1f:4a:
6b:de:da:5e:db:aa:74:fc:93:96:57:89:cc:bc:a0:
b1:45:86:af:f1:c0:35:e8:68:cc:c9:b8:d2:44:d9:
e2:d5:f1:24:f6:b0:76:a5:0a:73:c7:d7:57:58:bc:
d5:c2:6f:2a:79:cc:d8:c5:f1:41:e1:f2:78:5a:38:
90:75:c7:33:bb:0d:d8:59:5b:fd:81:d9:79:67:82:
d8:18:bc:12:f2:dc:0c:8e:80:9f:4b:8a:ad:7e:3d:
9f:a3:13:15:d8:97:43:4c:34:2a:04:29:b3:6f:96:
24:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A7:8E:A6:0C:7C:80:A4:05:56:06:B3:E7:11:FD:C2:30:FA:BB:E7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3FD031BC9B5C11EF8ABA2942762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.0.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:35:f2:41:b8:dd:8d:de:fb:a2:19:cf:4d:36:00:41:77:72:
0b:3a:d0:eb:87:fb:c9:38:e8:af:43:64:29:cd:01:25:b2:97:
fb:97:b7:e6:b3:aa:67:65:4c:10:73:2a:01:51:fb:41:d1:82:
c1:6f:1e:6f:f1:a1:60:f2:3d:f5:ee:43:f4:3e:c6:24:23:f4:
21:b7:f2:80:0d:25:7d:75:c4:0b:45:ea:6a:45:4d:63:0c:36:
98:a2:18:87:4c:fe:79:a9:7d:e8:13:f5:f3:41:cc:f2:c2:6e:
69:b6:72:6d:5f:fc:98:ae:2d:93:66:db:e6:5d:cc:c6:98:47:
fa:44:5c:5e:d8:1c:cf:e9:2f:da:f4:34:64:a8:77:d5:83:40:
7f:c9:a9:21:19:e0:84:f3:14:45:18:19:97:2c:5d:d2:5e:3b:
89:7e:21:5f:e9:01:6a:e8:52:9b:13:e8:e4:dd:06:e6:d4:fb:
2b:37:c7:7b:34:e3:ef:a1:10:46:f1:ac:46:fb:b4:43:82:95:
90:52:01:b0:9a:f8:e0:a0:77:bb:36:17:b0:fd:8a:67:d7:1a:
d7:d2:ef:a9:41:c1:44:f2:d5:95:16:00:32:d1:03:74:05:72:
9c:3c:89:c9:c9:b8:08:a6:8e:5b:0f:3a:5d:57:cc:ac:5b:1e:
ed:db:58:88
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM5VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MDk1NjM0WhcNMjUwMTEzMDk1NjM0WjAYMRYw
FAYDVQQDEw02NzI5ZWJkNi02MmNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAolV9Rs6seMDhEtkg2pqEeVnGNCeaIBZOeKYRwtTc2FAblSZY2xfarERb
nIJTexYWJO5UeSIHWgrL0NcU7oOLEIu5dnkjPCTFZFOg52uMHsHOPqIUzUdkkZtG
nApep6IgxKBbRGrCcj6S88i8rsgFjce+xp+eyztlFB6d4DBs8kYYzv5RJB52pQZr
0BE5VfqVHLfgH0pr3tpe26p0/JOWV4nMvKCxRYav8cA16GjMybjSRNni1fEk9rB2
pQpzx9dXWLzVwm8qeczYxfFB4fJ4WjiQdcczuw3YWVv9gdl5Z4LYGLwS8twMjoCf
S4qtfj2foxMV2JdDTDQqBCmzb5YkRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC2n
jqYMfICkBVYGs+cR/cIw+rvnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRkQwMzFCQzlCNUMxMUVGOEFCQTI5NDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLc8AMA0GCSqGSIb3DQEBCwUA
A4IBAQBcNfJBuN2N3vuiGc9NNgBBd3ILOtDrh/vJOOivQ2QpzQElspf7l7fms6pn
ZUwQcyoBUftB0YLBbx5v8aFg8j317kP0PsYkI/Qht/KADSV9dcQLRepqRU1jDDaY
ohiHTP55qX3oE/XzQczywm5ptnJtX/yYri2TZtvmXczGmEf6RFxe2BzP6S/a9DRk
qHfVg0B/yakhGeCE8xRFGBmXLF3SXjuJfiFf6QFq6FKbE+jk3Qbm1PsrN8d7NOPv
oRBG8axG+7RDgpWQUgGwmvjgoHe7Nhew/Ypn1xrX0u+pQcFE8tWVFgAy0QN0BXKc
PInJybgIpo5bDzpdV8ysWx7t21iI
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:26 2024 by rpki-client on console-fra.rpki-client.org