Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D68C4EE9B5A11EF99DEE4B3762E951A.roa
File: 4D68C4EE9B5A11EF99DEE4B3762E951A.roa (raw, json)
Hash identifier: jQND7ky0pRTK2biEoKOciWyGHEiaGNjUupDJJkkJhig=
Subject key identifier: E9:A9:FB:A9:82:5D:1F:B8:36:BB:BB:27:B6:63:EC:52:C5:16:C5:47
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CE41
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D68C4EE9B5A11EF99DEE4B3762E951A.roa
Signing time: Tue 05 Nov 2024 09:42:42 +0000
ROA not before: Tue 05 Nov 2024 09:42:38 +0000
ROA not after: Sat 07 Dec 2024 09:42:38 +0000
asID: 9304
IP address blocks: 45.204.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52801 (0xce41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 09:42:38 2024 GMT
Not After : Dec 7 09:42:38 2024 GMT
Subject: CN=6729e892-b748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:25:ff:e0:6b:5d:6a:90:8d:7a:b8:b3:d0:d4:
44:41:5f:9b:86:0d:6b:a6:cb:c6:08:aa:48:9c:c0:
05:04:bf:e9:d4:bf:5d:70:4e:c4:2c:5e:ce:66:6d:
a3:5d:f9:c2:dc:cc:87:54:c0:d5:6a:9d:4a:57:53:
44:31:cc:43:ef:96:7c:53:ad:75:43:23:56:a5:57:
56:52:47:eb:13:95:1b:9d:bc:78:19:c6:15:0b:50:
9b:00:ef:4c:3f:8d:9c:2e:5e:cb:4f:51:41:83:f2:
e4:0e:f3:86:5c:1b:a4:36:34:b7:b8:32:17:70:68:
5a:04:f2:7c:aa:34:5b:9d:e6:53:96:de:94:d2:3d:
a4:e9:aa:fa:97:69:7c:ae:6b:47:d3:46:a7:31:85:
db:f6:f2:47:d5:91:47:37:18:18:9f:7b:d0:e5:29:
90:6b:d4:6c:c4:14:f3:ff:44:65:ac:f7:fd:be:75:
44:76:c7:92:98:dd:79:ec:d1:52:ff:b6:47:e7:97:
57:5d:e9:7c:ff:0e:63:dc:f0:a4:6c:ad:6d:e6:bb:
ba:fa:01:8c:c5:31:7d:dc:96:0c:57:89:64:0a:2c:
f4:9b:f0:69:ec:5c:d6:4a:05:93:49:49:fc:e2:b4:
51:cc:8a:53:e8:9d:a1:79:6e:0e:65:2e:a1:f4:30:
cc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A9:FB:A9:82:5D:1F:B8:36:BB:BB:27:B6:63:EC:52:C5:16:C5:47
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D68C4EE9B5A11EF99DEE4B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.141.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:3b:bc:55:20:fd:61:95:e2:32:8a:a8:be:d3:49:8d:1a:8e:
8f:dd:ce:e7:63:7a:ac:19:ba:ce:69:4f:17:fa:2b:37:22:6b:
91:ec:2b:e8:7a:65:13:9c:a4:c8:f1:c0:bc:db:c1:85:6e:06:
4a:5b:bc:47:31:5c:f2:b1:a9:d8:dd:3f:51:c4:a8:9f:84:5e:
53:ae:6a:97:9a:a9:2e:c6:05:6e:31:37:d1:ac:9e:4c:a6:67:
a1:2b:e0:07:1f:aa:d8:ac:0b:4c:7a:0b:90:58:04:ac:11:3c:
d6:8a:7c:c8:34:e6:a7:2c:c0:35:af:6f:b5:de:77:2c:fe:62:
0b:f4:7b:50:05:c0:9c:3b:2e:ee:fd:2d:8f:b4:16:01:e6:55:
95:00:b0:f4:98:10:fc:23:1a:6f:f2:b8:26:79:8f:b2:e4:f1:
d1:a5:bd:39:5e:37:f4:00:ee:7c:38:80:66:e1:33:46:d2:b7:
58:36:6f:17:25:d0:54:4f:65:b2:26:7e:cb:fc:29:9e:8f:34:
cb:07:9b:f8:ca:e0:9b:4e:48:ba:34:2a:93:68:c1:0f:11:1d:
27:d6:bb:c6:04:f4:52:9c:f9:1b:80:c7:76:2d:1d:b9:c4:18:
e0:bb:68:e6:36:57:75:64:fb:36:fd:12:1f:05:19:a4:29:b1:
91:dd:2c:21
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM5BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MDk0MjM4WhcNMjQxMjA3MDk0MjM4WjAYMRYw
FAYDVQQDEw02NzI5ZTg5Mi1iNzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3CX/4GtdapCNeriz0NREQV+bhg1rpsvGCKpInMAFBL/p1L9dcE7ELF7O
Zm2jXfnC3MyHVMDVap1KV1NEMcxD75Z8U611QyNWpVdWUkfrE5Ubnbx4GcYVC1Cb
AO9MP42cLl7LT1FBg/LkDvOGXBukNjS3uDIXcGhaBPJ8qjRbneZTlt6U0j2k6ar6
l2l8rmtH00anMYXb9vJH1ZFHNxgYn3vQ5SmQa9RsxBTz/0RlrPf9vnVEdseSmN15
7NFS/7ZH55dXXel8/w5j3PCkbK1t5ru6+gGMxTF93JYMV4lkCiz0m/Bp7FzWSgWT
SUn84rRRzIpT6J2heW4OZS6h9DDMmQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOmp
+6mCXR+4Nru7J7Zj7FLFFsVHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RDY4QzRFRTlCNUExMUVGOTlERUU0QjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcyNMA0GCSqGSIb3DQEBCwUA
A4IBAQAaO7xVIP1hleIyiqi+00mNGo6P3c7nY3qsGbrOaU8X+is3ImuR7CvoemUT
nKTI8cC828GFbgZKW7xHMVzysanY3T9RxKifhF5TrmqXmqkuxgVuMTfRrJ5Mpmeh
K+AHH6rYrAtMeguQWASsETzWinzINOanLMA1r2+13ncs/mIL9HtQBcCcOy7u/S2P
tBYB5lWVALD0mBD8Ixpv8rgmeY+y5PHRpb05Xjf0AO58OIBm4TNG0rdYNm8XJdBU
T2WyJn7L/CmejzTLB5v4yuCbTki6NCqTaMEPER0n1rvGBPRSnPkbgMd2LR25xBjg
u2jmNld1ZPs2/RIfBRmkKbGR3Swh
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:29 2024 by rpki-client on console-ams.rpki-client.org