Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AFA33409C1811EFA7851367762E951A.roa
File: 5AFA33409C1811EFA7851367762E951A.roa (raw, json)
Hash identifier: xvp4V2OsQliRK5cgpELV15NMc9/J3FlKNsCEc1RRk9E=
Subject key identifier: 71:DE:72:59:91:30:E8:50:61:F0:4B:90:78:A2:60:62:12:63:93:5C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CF10
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AFA33409C1811EFA7851367762E951A.roa
Signing time: Wed 06 Nov 2024 08:23:09 +0000
ROA not before: Wed 06 Nov 2024 08:23:05 +0000
ROA not after: Sun 08 Dec 2024 08:23:05 +0000
asID: 8796
IP address blocks: 45.207.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53008 (0xcf10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 6 08:23:05 2024 GMT
Not After : Dec 8 08:23:05 2024 GMT
Subject: CN=672b276d-e7cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:dc:fd:f2:23:64:f2:2b:28:d0:4b:75:58:30:
1b:58:69:97:1a:97:6a:50:cb:f9:eb:ab:0a:41:c1:
27:18:df:4d:a0:bd:ce:9d:08:59:ff:7b:f2:b6:04:
9f:f3:5c:e6:9c:33:c7:9d:f6:50:f0:6c:98:ff:df:
be:52:c9:08:61:16:4f:b9:80:b6:e2:fa:3b:9e:97:
35:a3:bd:13:f7:da:4b:73:10:53:82:96:08:64:9e:
fa:d0:d5:0d:01:a0:33:be:f6:da:f2:38:43:a5:b1:
de:09:c6:11:2c:4d:03:3b:a6:30:52:ee:7c:a5:9f:
77:c5:4a:51:37:e7:7a:39:4d:16:ab:79:50:b0:49:
ff:1b:41:ac:fd:11:0e:3e:08:f9:87:2c:21:0c:54:
94:83:9e:35:02:72:5d:53:cb:49:34:e2:cd:e1:a2:
72:4b:c2:e9:82:b3:7e:0a:94:61:54:a7:79:75:10:
71:3f:6f:e0:72:fe:a0:ba:8f:f2:64:12:6f:67:15:
c5:1a:ef:41:06:b3:22:22:8a:ff:22:39:52:57:59:
f5:1f:f1:6b:1e:d5:79:db:f3:ac:6e:c6:c2:df:f3:
77:6f:73:74:9f:94:ec:03:e6:c9:a0:5c:26:14:5a:
fd:9a:66:42:99:e9:4c:ad:0c:0f:9c:eb:51:5d:c9:
fe:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:DE:72:59:91:30:E8:50:61:F0:4B:90:78:A2:60:62:12:63:93:5C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AFA33409C1811EFA7851367762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.192.0/19
Signature Algorithm: sha256WithRSAEncryption
6c:ad:8c:03:4a:dd:cd:fc:8d:06:b6:82:78:6a:e4:8e:f5:f0:
04:3c:02:60:f5:9f:f6:e8:1c:e7:18:bd:84:ff:23:de:70:b1:
39:09:71:3b:0f:85:bb:7e:26:36:4f:fc:9d:d6:90:7c:f6:1d:
4f:88:29:c2:af:3d:eb:71:ff:d4:2c:5e:91:c9:38:0f:a2:88:
d2:91:1d:36:94:1f:fe:1d:af:06:6f:80:0e:00:f7:18:a9:5d:
90:8c:56:73:5c:2c:56:02:69:74:f7:16:70:cb:8b:32:d9:f0:
d7:e0:bb:81:84:71:ba:c8:3a:5e:ab:55:5b:ec:4c:b6:a3:6a:
49:a2:05:99:66:fa:2d:50:fe:25:01:98:ff:0e:31:f6:24:cb:
ca:ba:26:32:59:9c:bc:17:ee:b0:b3:24:47:67:90:6e:33:a5:
cf:d0:3c:34:22:0e:23:ef:90:81:84:60:60:0c:bc:1f:fd:cf:
12:e5:3b:8b:b9:b9:1f:75:53:70:33:21:cd:e7:ed:59:d8:12:
52:7a:45:5c:90:43:95:65:58:d7:df:85:47:4f:97:fb:fa:c9:
45:58:98:8d:7d:14:f2:ac:f5:7f:36:fb:5f:e1:17:d8:b8:d5:
a4:a5:24:f6:93:d2:e6:ba:50:fd:2d:6b:e0:00:1e:68:88:8e:
fc:e1:90:3e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM8QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA2MDgyMzA1WhcNMjQxMjA4MDgyMzA1WjAYMRYw
FAYDVQQDEw02NzJiMjc2ZC1lN2NiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0dz98iNk8iso0Et1WDAbWGmXGpdqUMv566sKQcEnGN9NoL3OnQhZ/3vy
tgSf81zmnDPHnfZQ8GyY/9++UskIYRZPuYC24vo7npc1o70T99pLcxBTgpYIZJ76
0NUNAaAzvvba8jhDpbHeCcYRLE0DO6YwUu58pZ93xUpRN+d6OU0Wq3lQsEn/G0Gs
/REOPgj5hywhDFSUg541AnJdU8tJNOLN4aJyS8LpgrN+CpRhVKd5dRBxP2/gcv6g
uo/yZBJvZxXFGu9BBrMiIor/IjlSV1n1H/FrHtV52/OsbsbC3/N3b3N0n5TsA+bJ
oFwmFFr9mmZCmelMrQwPnOtRXcn+xQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHHe
clmRMOhQYfBLkHiiYGISY5NcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QUZBMzM0MDlDMTgxMUVGQTc4NTEzNjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLc/AMA0GCSqGSIb3DQEBCwUA
A4IBAQBsrYwDSt3N/I0GtoJ4auSO9fAEPAJg9Z/26BznGL2E/yPecLE5CXE7D4W7
fiY2T/yd1pB89h1PiCnCrz3rcf/ULF6RyTgPoojSkR02lB/+Ha8Gb4AOAPcYqV2Q
jFZzXCxWAml09xZwy4sy2fDX4LuBhHG6yDpeq1Vb7Ey2o2pJogWZZvotUP4lAZj/
DjH2JMvKuiYyWZy8F+6wsyRHZ5BuM6XP0Dw0Ig4j75CBhGBgDLwf/c8S5TuLubkf
dVNwMyHN5+1Z2BJSekVckEOVZVjX34VHT5f7+slFWJiNfRTyrPV/Nvtf4RfYuNWk
pST2k9LmulD9LWvgAB5oiI784ZA+
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:30 2024 by rpki-client on console-fra.rpki-client.org