Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5943BF1C726A11EFAF01845A762E951A.roa
File: 5943BF1C726A11EFAF01845A762E951A.roa (raw, json)
Hash identifier: OAIpabKFAumlyPHrDlKXFilI+461E70kmXyoTUCFKMw=
Subject key identifier: 6F:82:A7:A9:85:B7:23:3A:FF:89:C0:9A:7E:49:EE:B7:4A:51:FB:FB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B5A5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5943BF1C726A11EFAF01845A762E951A.roa
Signing time: Sat 14 Sep 2024 07:24:16 +0000
ROA not before: Sat 14 Sep 2024 07:24:13 +0000
ROA not after: Fri 08 Aug 2025 07:24:13 +0000
asID: 133861
IP address blocks: 45.207.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46501 (0xb5a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 14 07:24:13 2024 GMT
Not After : Aug 8 07:24:13 2025 GMT
Subject: CN=66e53a20-940c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3c:04:8e:d2:f3:b6:41:5c:74:65:3f:b6:28:
65:3f:da:68:41:9e:4d:8f:6a:3f:6d:76:24:10:54:
62:73:fc:eb:df:53:85:5b:7f:06:21:6a:f7:0c:25:
c7:e8:a8:55:97:da:a2:ba:2a:3e:f7:35:87:66:bc:
61:b1:51:de:9f:b2:b7:1e:e0:ac:cf:62:01:84:bd:
5d:73:d1:3f:59:be:2f:c5:1c:f4:c8:f1:7a:87:da:
f7:74:c6:09:f6:07:b9:d4:0a:f2:72:a1:82:db:69:
64:99:9f:6c:b6:d4:42:39:0b:b2:a0:45:4e:fa:95:
e8:a4:8d:19:3b:27:9e:b1:35:9f:ea:40:36:6a:6f:
7e:3a:0e:53:5c:b9:4f:dc:c9:76:20:84:29:4c:70:
37:0b:a6:d2:08:73:b3:a0:d1:a8:22:88:a4:da:f3:
a1:55:ee:d8:6c:ed:a9:e8:f3:69:20:7b:38:89:0e:
1b:5c:7a:94:b6:14:53:6a:e6:a7:14:98:bb:aa:94:
00:2e:9d:39:23:8e:ae:6d:10:38:76:ee:28:b3:e8:
bd:07:c7:e5:bf:9d:c5:b8:c7:48:69:05:0a:bb:1b:
99:55:63:2a:d4:93:6d:d7:64:ba:ae:37:d9:4b:3b:
36:52:d1:e4:e0:9d:6a:c5:8a:a7:f2:a3:b8:b3:9c:
4d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:82:A7:A9:85:B7:23:3A:FF:89:C0:9A:7E:49:EE:B7:4A:51:FB:FB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5943BF1C726A11EFAF01845A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.36.0/22
Signature Algorithm: sha256WithRSAEncryption
32:6e:b7:35:46:50:f7:4b:30:54:b4:e7:bd:6d:29:bb:ca:94:
bb:76:50:17:59:3d:ee:8d:68:1c:d3:7a:1c:7b:b6:b7:4a:cf:
e7:97:4f:55:1b:f5:ae:e8:16:a9:e5:81:4d:48:f6:4a:db:28:
66:46:f2:ec:ca:e4:d2:2c:6f:3e:87:81:81:e3:f5:20:fd:0b:
04:95:c9:a4:78:a7:57:eb:94:f7:0d:34:dd:3f:70:7e:07:5f:
ed:09:bc:5c:66:1b:85:f8:29:69:32:8a:c2:72:8a:d8:ea:e1:
64:05:53:23:0c:58:7a:c1:4d:ac:41:eb:c0:cf:82:b4:0d:96:
76:96:29:7a:78:5a:fb:5f:a7:48:f9:24:fb:29:21:f7:c0:b2:
71:a9:f6:7d:4c:1e:5b:6d:96:99:33:b2:28:a8:db:eb:0a:f1:
b6:3e:31:73:5c:39:22:f0:21:3a:a6:d4:81:67:f3:4e:35:0f:
56:a7:3a:74:54:51:48:9e:06:d0:f6:5e:e2:a8:cd:82:f5:8d:
11:dd:95:02:2c:56:95:58:c5:31:2d:1e:9d:ea:54:39:1f:c1:
bd:fe:99:fe:ac:2b:b1:83:12:e5:85:33:97:1d:ed:36:38:02:
f5:1e:87:a4:f9:69:ea:de:62:3b:26:8c:96:8b:2f:ad:16:54:
4c:d1:e2:9d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALWlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTE0MDcyNDEzWhcNMjUwODA4MDcyNDEzWjAYMRYw
FAYDVQQDEw02NmU1M2EyMC05NDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxjwEjtLztkFcdGU/tihlP9poQZ5Nj2o/bXYkEFRic/zr31OFW38GIWr3
DCXH6KhVl9qiuio+9zWHZrxhsVHen7K3HuCsz2IBhL1dc9E/Wb4vxRz0yPF6h9r3
dMYJ9ge51ArycqGC22lkmZ9sttRCOQuyoEVO+pXopI0ZOyeesTWf6kA2am9+Og5T
XLlP3Ml2IIQpTHA3C6bSCHOzoNGoIoik2vOhVe7YbO2p6PNpIHs4iQ4bXHqUthRT
auanFJi7qpQALp05I46ubRA4du4os+i9B8flv53FuMdIaQUKuxuZVWMq1JNt12S6
rjfZSzs2UtHk4J1qxYqn8qO4s5xN0QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG+C
p6mFtyM6/4nAmn5J7rdKUfv7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81OTQzQkYxQzcyNkExMUVGQUYwMTg0NUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLc8kMA0GCSqGSIb3DQEBCwUA
A4IBAQAybrc1RlD3SzBUtOe9bSm7ypS7dlAXWT3ujWgc03oce7a3Ss/nl09VG/Wu
6Bap5YFNSPZK2yhmRvLsyuTSLG8+h4GB4/Ug/QsElcmkeKdX65T3DTTdP3B+B1/t
CbxcZhuF+ClpMorCcorY6uFkBVMjDFh6wU2sQevAz4K0DZZ2lil6eFr7X6dI+ST7
KSH3wLJxqfZ9TB5bbZaZM7IoqNvrCvG2PjFzXDki8CE6ptSBZ/NONQ9Wpzp0VFFI
ngbQ9l7iqM2C9Y0R3ZUCLFaVWMUxLR6d6lQ5H8G9/pn+rCuxgxLlhTOXHe02OAL1
Hoek+Wnq3mI7JoyWiy+tFlRM0eKd
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:31 2024 by rpki-client on console-ams.rpki-client.org