Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68B31454A4C711EFAFA889BA762E951A.roa
File: 68B31454A4C711EFAFA889BA762E951A.roa (raw, json)
Hash identifier: b6vNzQbu4TLp9tajPk4bWrEHkfPc1N4Mliz7ajKgY9U=
Subject key identifier: C4:BF:E2:10:8E:7E:E9:FC:A9:74:F7:05:56:81:9C:C4:55:E0:FC:FD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D495
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68B31454A4C711EFAFA889BA762E951A.roa
Signing time: Sun 17 Nov 2024 09:36:23 +0000
ROA not before: Sun 17 Nov 2024 09:36:20 +0000
ROA not after: Mon 25 Nov 2024 09:36:20 +0000
asID: 7029
IP address blocks: 45.196.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54421 (0xd495)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 17 09:36:20 2024 GMT
Not After : Nov 25 09:36:20 2024 GMT
Subject: CN=6739b917-a019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:02:02:77:a9:d2:79:e5:7e:a1:97:f8:bb:1d:
ec:37:ef:d1:c9:1c:4f:85:2f:0f:f0:82:49:85:2f:
dc:2a:2f:cd:35:66:8c:a0:3b:01:b6:87:41:68:75:
05:bd:35:47:9a:de:27:ec:64:18:81:c0:b2:fd:4c:
04:ac:f1:2c:56:03:86:85:f7:ce:b2:e2:bd:d8:96:
cc:10:8d:9f:ed:a9:d0:e1:1b:6e:b9:e3:41:0c:d8:
95:58:19:06:4b:ce:93:72:42:df:db:4b:db:5d:56:
27:f1:5a:f7:f8:94:b8:e8:7e:f6:22:02:0a:a5:1a:
a5:ef:37:a3:c0:1a:7a:a9:17:c8:84:e9:20:2e:4f:
7f:92:5a:97:1d:09:c6:7f:00:a8:aa:46:77:f3:66:
fa:9a:a9:0f:9b:52:45:ca:40:16:62:90:0a:9a:77:
88:b4:ad:9f:54:86:14:9f:04:0d:76:27:83:aa:f7:
7c:60:19:f0:3e:3d:e4:c8:76:a2:46:03:1f:57:1e:
2c:ac:50:97:47:de:27:29:7a:4e:8f:f2:71:08:15:
86:b6:46:ea:31:fa:87:91:45:0b:98:78:6c:ff:45:
f4:13:ba:11:78:58:29:7c:01:a0:ab:5c:3f:5a:24:
27:b7:be:a4:ed:55:82:50:b4:46:ea:05:f4:2a:49:
5d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:BF:E2:10:8E:7E:E9:FC:A9:74:F7:05:56:81:9C:C4:55:E0:FC:FD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68B31454A4C711EFAFA889BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.60.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:29:e2:4f:95:f8:21:0e:32:52:57:e3:14:f5:da:7f:66:c2:
99:71:92:fe:c1:50:04:e4:78:37:1f:fe:2e:37:8f:7d:d9:9f:
b8:65:e4:ec:bc:ae:44:c6:f5:a3:a5:61:25:d4:c3:f1:6d:93:
ca:e5:f0:39:90:48:af:89:d1:24:ea:7f:34:84:16:a5:65:60:
f9:08:20:7f:69:ca:ba:49:34:27:0f:a4:3e:45:e0:e6:7c:fe:
80:b2:03:1e:9f:84:94:d7:56:c5:0f:e5:69:4f:c0:bb:3f:54:
cb:66:55:c8:68:39:db:3e:d0:68:5b:0b:b5:29:8c:b3:0f:9c:
bb:a1:b2:95:50:49:87:14:6a:50:cb:e4:82:56:93:25:b7:91:
7d:3a:ce:ac:3e:db:e0:d5:8f:23:32:61:b3:99:16:ba:59:66:
d8:6e:da:01:6a:96:6e:32:77:08:c8:ef:bc:fc:f6:70:ab:50:
29:e1:87:35:3b:b9:20:4e:c5:79:8d:3f:13:15:4b:ad:9c:82:
fa:20:94:95:99:af:76:7f:25:6a:fd:5b:13:ae:f5:8d:dc:0f:
9c:dd:08:16:36:9d:6f:8a:65:44:0d:89:21:85:46:11:29:fa:
2d:97:56:5a:8b:8e:f4:c2:6a:64:77:c5:e4:68:51:ad:cf:0c:
0d:bf:08:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANSVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE3MDkzNjIwWhcNMjQxMTI1MDkzNjIwWjAYMRYw
FAYDVQQDEw02NzM5YjkxNy1hMDE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqgICd6nSeeV+oZf4ux3sN+/RyRxPhS8P8IJJhS/cKi/NNWaMoDsBtodB
aHUFvTVHmt4n7GQYgcCy/UwErPEsVgOGhffOsuK92JbMEI2f7anQ4RtuueNBDNiV
WBkGS86TckLf20vbXVYn8Vr3+JS46H72IgIKpRql7zejwBp6qRfIhOkgLk9/klqX
HQnGfwCoqkZ382b6mqkPm1JFykAWYpAKmneItK2fVIYUnwQNdieDqvd8YBnwPj3k
yHaiRgMfVx4srFCXR94nKXpOj/JxCBWGtkbqMfqHkUULmHhs/0X0E7oReFgpfAGg
q1w/WiQnt76k7VWCULRG6gX0KkldcQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMS/
4hCOfun8qXT3BVaBnMRV4Pz9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OEIzMTQ1NEE0QzcxMUVGQUZBODg5QkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcQ8MA0GCSqGSIb3DQEBCwUA
A4IBAQBbKeJPlfghDjJSV+MU9dp/ZsKZcZL+wVAE5Hg3H/4uN4992Z+4ZeTsvK5E
xvWjpWEl1MPxbZPK5fA5kEividEk6n80hBalZWD5CCB/acq6STQnD6Q+ReDmfP6A
sgMen4SU11bFD+VpT8C7P1TLZlXIaDnbPtBoWwu1KYyzD5y7obKVUEmHFGpQy+SC
VpMlt5F9Os6sPtvg1Y8jMmGzmRa6WWbYbtoBapZuMncIyO+8/PZwq1Ap4Yc1O7kg
TsV5jT8TFUutnIL6IJSVma92fyVq/VsTrvWN3A+c3QgWNp1vimVEDYkhhUYRKfot
l1Zai470wmpkd8XkaFGtzwwNvwhQ
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:34 2024 by rpki-client on console-ams.rpki-client.org