Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69EA886C7F0A11EF90F963B3762E951A.roa
File: 69EA886C7F0A11EF90F963B3762E951A.roa (raw, json)
Hash identifier: rmUsNJd+pcIHVvfeJVFywv04J+C29FPi/Z2sUMDMGEg=
Subject key identifier: 84:A9:81:BB:86:34:F7:33:93:86:97:B3:50:32:2E:1E:F2:80:3A:43
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: BD8F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69EA886C7F0A11EF90F963B3762E951A.roa
Signing time: Mon 30 Sep 2024 09:00:18 +0000
ROA not before: Mon 30 Sep 2024 09:00:14 +0000
ROA not after: Mon 15 Sep 2025 09:00:14 +0000
asID: 15169
IP address blocks: 45.202.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48527 (0xbd8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 30 09:00:14 2024 GMT
Not After : Sep 15 09:00:14 2025 GMT
Subject: CN=66fa68a1-8be1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cf:bf:37:af:fd:6d:84:45:30:a4:df:95:04:
b5:50:73:a2:7b:62:18:14:19:42:a6:76:6c:6f:34:
6c:77:bb:57:32:00:3a:94:c4:a1:48:12:3a:1e:ab:
74:d7:c4:0c:e6:d8:93:7f:5f:c8:b4:46:e5:f8:66:
42:64:9e:2d:69:3e:31:ac:1d:92:fc:b8:1f:ce:c4:
85:95:36:1b:94:e9:66:c0:93:20:7a:45:70:d0:28:
8a:6b:e2:73:82:0e:86:6f:da:16:1b:22:41:76:51:
3b:31:7f:9d:a3:0e:c3:2f:d7:dd:2d:ce:52:a0:10:
12:4d:af:4a:ad:ea:86:9b:1c:14:8b:c6:0b:25:03:
af:e6:5e:74:ce:57:5f:c5:0e:a8:ee:9e:2e:ac:e8:
52:8f:f9:ad:e3:df:e8:0b:5a:e0:43:74:77:6d:75:
cd:55:fb:55:72:3e:73:47:81:63:8a:97:0b:0b:56:
8d:c2:e6:d2:43:0c:b0:12:18:03:09:22:4b:e8:96:
31:6f:9d:74:5a:58:be:fc:4b:2f:e6:3d:bc:37:ed:
6e:55:53:3b:55:a9:01:4a:9d:aa:e7:8e:88:33:a4:
28:96:30:ce:04:cf:da:e8:1e:51:50:28:98:f5:3b:
cf:cd:63:d2:55:81:03:4a:53:f1:e9:c8:55:64:85:
1a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A9:81:BB:86:34:F7:33:93:86:97:B3:50:32:2E:1E:F2:80:3A:43
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69EA886C7F0A11EF90F963B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.71.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:b9:52:97:9e:d2:cb:fd:8b:50:d5:d9:80:10:3a:48:55:9f:
c7:7e:fe:a9:29:6e:f4:94:bc:ae:2b:9c:aa:94:e5:cd:8b:39:
64:57:cd:2f:67:5b:8b:bf:f9:44:2e:97:8e:48:1b:43:05:9c:
99:ae:e9:86:c4:b2:b2:08:9f:f1:a6:b6:be:1b:7d:33:d9:1b:
e7:c3:07:fe:77:e1:56:4a:6f:57:fb:2f:95:33:87:38:21:cd:
f9:3f:e8:96:43:69:6b:1f:b3:1c:c7:75:25:4b:10:5d:ea:e0:
ee:d2:d0:9d:6c:69:49:4e:30:82:8a:9b:b6:c4:ed:96:f1:06:
95:6e:fb:4e:23:c8:ea:f8:60:10:0a:d9:42:c6:11:08:a7:f9:
1e:23:50:c6:be:e0:9d:08:8c:cc:57:d2:5c:6d:c8:81:95:00:
1d:4d:5d:03:fe:f3:78:d1:78:4a:ff:75:83:a1:c7:61:d2:68:
3f:24:6b:b8:9f:2a:d4:89:d3:96:2f:c7:31:54:7d:cd:1c:17:
79:fa:49:12:15:6c:cc:ef:88:a3:19:c7:6e:22:36:ce:66:99:
ba:8a:ee:d1:35:b6:6c:88:38:8c:b6:e5:51:a6:98:47:5b:ad:
ce:99:95:5c:93:cb:87:90:e3:db:24:4c:83:92:2f:2d:3f:73:
35:4b:dc:ab
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAL2PMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTMwMDkwMDE0WhcNMjUwOTE1MDkwMDE0WjAYMRYw
FAYDVQQDEw02NmZhNjhhMS04YmUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwM+/N6/9bYRFMKTflQS1UHOie2IYFBlCpnZsbzRsd7tXMgA6lMShSBI6
Hqt018QM5tiTf1/ItEbl+GZCZJ4taT4xrB2S/LgfzsSFlTYblOlmwJMgekVw0CiK
a+Jzgg6Gb9oWGyJBdlE7MX+dow7DL9fdLc5SoBASTa9KreqGmxwUi8YLJQOv5l50
zldfxQ6o7p4urOhSj/mt49/oC1rgQ3R3bXXNVftVcj5zR4FjipcLC1aNwubSQwyw
EhgDCSJL6JYxb510Wli+/Esv5j28N+1uVVM7VakBSp2q546IM6QoljDOBM/a6B5R
UCiY9TvPzWPSVYEDSlPx6chVZIUa6QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFISp
gbuGNPczk4aXs1AyLh7ygDpDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OUVBODg2QzdGMEExMUVGOTBGOTYzQjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcpHMA0GCSqGSIb3DQEBCwUA
A4IBAQCbuVKXntLL/YtQ1dmAEDpIVZ/Hfv6pKW70lLyuK5yqlOXNizlkV80vZ1uL
v/lELpeOSBtDBZyZrumGxLKyCJ/xpra+G30z2Rvnwwf+d+FWSm9X+y+VM4c4Ic35
P+iWQ2lrH7Mcx3UlSxBd6uDu0tCdbGlJTjCCipu2xO2W8QaVbvtOI8jq+GAQCtlC
xhEIp/keI1DGvuCdCIzMV9JcbciBlQAdTV0D/vN40XhK/3WDocdh0mg/JGu4nyrU
idOWL8cxVH3NHBd5+kkSFWzM74ijGcduIjbOZpm6iu7RNbZsiDiMtuVRpphHW63O
mZVck8uHkOPbJEyDki8tP3M1S9yr
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:33 2024 by rpki-client on console-fra.rpki-client.org