Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66945A84FD3D11EE81ED3D68017001B1.roa
File: 66945A84FD3D11EE81ED3D68017001B1.roa (raw, json)
Hash identifier: 58l2rBzg+zYb0LYONRX95Gl8z8c7+TMKJ/sgm0iQLBM=
Subject key identifier: 23:58:DF:0C:3D:8B:46:B6:04:B4:7C:E7:B3:C7:7B:A9:F8:CD:96:89
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 833F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66945A84FD3D11EE81ED3D68017001B1.roa
Signing time: Thu 18 Apr 2024 04:37:45 +0000
ROA not before: Thu 18 Apr 2024 04:37:41 +0000
ROA not after: Sat 27 Apr 2024 04:37:41 +0000
asID: 142062
IP address blocks: 45.192.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 27 Apr 2024 00:16:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33599 (0x833f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 18 04:37:41 2024 GMT
Not After : Apr 27 04:37:41 2024 GMT
Subject: CN=6620a399-e8fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f9:3b:cf:10:7d:83:20:bb:b1:dc:4d:29:ef:
8b:4d:ac:7e:0d:78:4c:9c:c9:2e:26:14:49:86:36:
91:33:18:22:8d:a4:3a:f7:aa:c6:dc:61:6c:ad:18:
e1:58:51:ad:80:8f:c6:d0:d3:de:dd:db:da:63:74:
67:48:34:83:46:f6:55:70:4e:ae:12:ae:c9:4b:09:
d2:48:30:71:8e:d0:90:ce:03:c0:b1:05:b8:56:1b:
ec:54:4b:00:18:19:0d:9d:4c:0a:15:fd:58:98:a3:
88:36:24:c9:3a:d9:ea:b8:0f:52:82:57:64:79:2a:
a4:2e:4d:68:a2:88:c5:96:6d:55:e5:d9:c4:e3:3c:
df:08:f1:78:2a:20:ce:da:de:d3:37:96:ce:ca:9e:
23:f0:8c:39:15:b9:d4:8f:13:da:a3:a2:fc:bf:70:
c9:d7:82:82:5b:04:61:1e:38:ad:f3:fc:c0:1e:ae:
0c:7e:15:6c:c7:76:75:04:87:71:58:44:78:4c:6b:
e0:6a:99:dd:b1:5a:05:88:71:86:c9:e8:aa:17:30:
19:c8:3f:bb:ea:e9:02:ec:fb:04:af:9b:b7:84:a0:
d0:93:44:ac:d4:79:b0:52:9c:84:3b:2d:d6:c8:c9:
3a:5d:27:24:cf:83:cb:a7:11:42:b7:bd:4a:f7:08:
e0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:58:DF:0C:3D:8B:46:B6:04:B4:7C:E7:B3:C7:7B:A9:F8:CD:96:89
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66945A84FD3D11EE81ED3D68017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.0.0/19
Signature Algorithm: sha256WithRSAEncryption
89:49:2d:47:d8:cb:88:f2:2d:4e:75:0a:a6:33:0e:36:ee:01:
c9:61:66:1f:9a:e7:da:cd:83:ed:0b:c6:f7:91:8a:ce:54:ab:
b0:67:fc:67:59:df:af:3f:96:79:c2:6a:68:dd:b5:78:07:d6:
2f:54:86:68:74:cf:b4:1e:39:7c:ed:1c:06:06:55:e3:4a:19:
0f:4b:80:f0:85:7c:b3:ec:89:1b:e7:c3:00:09:05:66:b4:67:
30:75:c7:9b:79:6a:7e:bb:79:85:0c:6d:50:53:72:06:ce:25:
56:4f:ad:6c:6d:8b:1b:77:e8:21:6e:be:15:9e:e6:d6:eb:f5:
74:e9:64:63:9f:e3:06:b0:7f:fb:cf:6c:7d:30:c6:29:7e:aa:
35:4e:0e:03:53:45:6b:1e:fe:06:bd:c1:28:3c:bd:f7:24:a4:
7a:39:70:e7:ff:b8:27:8b:f9:1b:27:a4:b5:bc:92:74:8d:2b:
47:69:2f:2c:ea:e2:4b:54:95:42:6d:7f:1a:b1:5f:6d:73:be:
36:05:22:7e:fa:55:89:64:a8:84:70:69:c1:52:73:0a:f0:ab:
84:3e:5d:c7:a9:4f:7e:da:96:81:e6:01:d5:8c:e4:f0:0e:64:
31:5d:e9:f3:c0:0b:72:fa:5c:aa:0c:9c:83:8b:b2:3f:64:bc:
f2:84:24:33
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIM/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDE4MDQzNzQxWhcNMjQwNDI3MDQzNzQxWjAYMRYw
FAYDVQQDEw02NjIwYTM5OS1lOGZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxvk7zxB9gyC7sdxNKe+LTax+DXhMnMkuJhRJhjaRMxgijaQ696rG3GFs
rRjhWFGtgI/G0NPe3dvaY3RnSDSDRvZVcE6uEq7JSwnSSDBxjtCQzgPAsQW4Vhvs
VEsAGBkNnUwKFf1YmKOINiTJOtnquA9SgldkeSqkLk1ooojFlm1V5dnE4zzfCPF4
KiDO2t7TN5bOyp4j8Iw5FbnUjxPao6L8v3DJ14KCWwRhHjit8/zAHq4MfhVsx3Z1
BIdxWER4TGvgapndsVoFiHGGyeiqFzAZyD+76ukC7PsEr5u3hKDQk0Ss1HmwUpyE
Oy3WyMk6XSckz4PLpxFCt71K9wjgkQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCNY
3ww9i0a2BLR857PHe6n4zZaJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82Njk0NUE4NEZEM0QxMUVFODFFRDNENjgwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLcAAMA0GCSqGSIb3DQEBCwUA
A4IBAQCJSS1H2MuI8i1OdQqmMw427gHJYWYfmufazYPtC8b3kYrOVKuwZ/xnWd+v
P5Z5wmpo3bV4B9YvVIZodM+0Hjl87RwGBlXjShkPS4DwhXyz7Ikb58MACQVmtGcw
dcebeWp+u3mFDG1QU3IGziVWT61sbYsbd+ghbr4VnubW6/V06WRjn+MGsH/7z2x9
MMYpfqo1Tg4DU0VrHv4GvcEoPL33JKR6OXDn/7gni/kbJ6S1vJJ0jStHaS8s6uJL
VJVCbX8asV9tc742BSJ++lWJZKiEcGnBUnMK8KuEPl3HqU9+2paB5gHVjOTwDmQx
XenzwAty+lyqDJyDi7I/ZLzyhCQz
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:43 2024 by rpki-client on console-fra.rpki-client.org