Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/70A37E9CA74C11EFB96C7089762E951A.roa
File: 70A37E9CA74C11EFB96C7089762E951A.roa (raw, json)
Hash identifier: H0WA0198Enq10RzzNBSr3WuJNXL5MljtA+IAk9wOWs4=
Subject key identifier: E0:93:67:D6:6E:D8:E5:8F:FD:F0:EE:20:BE:95:CD:66:6A:72:1C:B7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D6BA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/70A37E9CA74C11EFB96C7089762E951A.roa
Signing time: Wed 20 Nov 2024 14:33:42 +0000
ROA not before: Wed 20 Nov 2024 14:33:38 +0000
ROA not after: Sat 30 Nov 2024 14:33:38 +0000
asID: 202656
IP address blocks: 45.199.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54970 (0xd6ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 20 14:33:38 2024 GMT
Not After : Nov 30 14:33:38 2024 GMT
Subject: CN=673df346-e979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:69:e7:a4:c9:51:1e:c5:ac:e5:3d:94:d4:61:
64:b1:9e:6e:d9:cd:a0:fc:0f:e2:49:d4:69:8f:6f:
0e:ca:cd:81:88:ea:05:02:9b:84:66:7f:7a:ad:82:
41:47:01:56:3d:6c:8b:d1:03:f1:c3:d5:1e:10:0f:
d2:bb:c2:f3:fe:a6:7e:bd:f7:93:b5:05:a0:86:a9:
3b:1c:24:9a:ec:e9:7c:fa:f7:d8:5b:fe:97:17:e8:
79:ca:f3:c4:c4:9d:0b:5e:35:25:ec:e6:5f:b5:75:
c2:bc:fa:78:60:28:9c:f1:ea:ad:23:10:25:a4:ff:
d5:8d:d7:65:06:93:35:73:b0:44:ae:c6:ab:85:36:
a8:21:26:bd:20:79:3c:17:61:20:2e:42:ee:ef:a1:
03:05:48:bb:a0:84:fa:6a:ba:1a:ec:b8:0b:06:95:
12:c8:7b:45:02:a3:e7:1e:ed:fa:c1:36:04:17:b5:
4e:4c:2f:bc:68:7c:a3:17:f6:25:54:0e:dc:1b:cc:
a4:df:3e:b2:be:42:1c:12:62:3d:8f:de:86:89:72:
4c:95:dc:c6:17:6e:d1:79:10:4b:48:43:65:cb:7a:
c5:06:8e:6b:6b:5c:b3:d8:80:8e:cb:35:1b:5e:ff:
1f:39:2a:ee:f2:3a:54:39:90:74:e9:1f:1d:17:11:
0b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:93:67:D6:6E:D8:E5:8F:FD:F0:EE:20:BE:95:CD:66:6A:72:1C:B7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/70A37E9CA74C11EFB96C7089762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.207.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:b0:1b:9e:5a:88:99:22:cd:ea:44:a3:c6:87:98:33:1f:7e:
aa:4a:bc:8f:eb:9d:f2:bb:cb:b8:25:74:c8:ee:f8:8f:f9:00:
1a:b1:61:ab:1b:26:f5:c3:57:08:09:6a:9a:9e:27:05:92:90:
d1:94:81:fe:df:fc:28:2e:5d:98:f8:c3:6b:78:02:fd:a8:74:
e0:95:c3:88:08:47:c1:fc:ec:66:7d:26:5c:d4:f1:bd:86:ef:
d0:5e:5e:80:91:46:41:05:15:ae:ae:95:c8:3f:68:db:d1:fe:
e3:02:05:c9:9c:82:9d:77:64:fd:cb:1a:f2:7f:61:d3:61:ff:
9e:22:ff:3e:b2:da:9d:74:ea:23:88:44:40:c3:5c:9f:60:6e:
3a:fc:dc:e5:58:79:5a:68:47:7e:9d:f1:3b:59:2c:55:51:1e:
2b:4d:9c:c7:70:b9:82:cb:42:bd:00:3d:85:43:1b:8e:2a:0f:
08:7f:a5:db:a1:d1:35:44:34:a2:f6:01:b6:b5:18:19:c3:df:
b1:79:bf:94:5c:0b:16:8d:f4:53:1e:02:d3:8e:6d:1f:14:b6:
06:c3:eb:65:15:63:25:2a:63:85:76:de:1f:12:03:c7:c7:ef:
8e:01:1b:ff:48:f0:a2:f3:dd:90:38:63:41:fe:08:27:dd:30:
2a:dc:69:2c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANa6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTIwMTQzMzM4WhcNMjQxMTMwMTQzMzM4WjAYMRYw
FAYDVQQDEw02NzNkZjM0Ni1lOTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlmnnpMlRHsWs5T2U1GFksZ5u2c2g/A/iSdRpj28Oys2BiOoFApuEZn96
rYJBRwFWPWyL0QPxw9UeEA/Su8Lz/qZ+vfeTtQWghqk7HCSa7Ol8+vfYW/6XF+h5
yvPExJ0LXjUl7OZftXXCvPp4YCic8eqtIxAlpP/VjddlBpM1c7BErsarhTaoISa9
IHk8F2EgLkLu76EDBUi7oIT6aroa7LgLBpUSyHtFAqPnHu36wTYEF7VOTC+8aHyj
F/YlVA7cG8yk3z6yvkIcEmI9j96GiXJMldzGF27ReRBLSENly3rFBo5ra1yz2ICO
yzUbXv8fOSru8jpUOZB06R8dFxELUQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOCT
Z9Zu2OWP/fDuIL6VzWZqchy3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MEEzN0U5Q0E3NEMxMUVGQjk2QzcwODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcfPMA0GCSqGSIb3DQEBCwUA
A4IBAQBqsBueWoiZIs3qRKPGh5gzH36qSryP653yu8u4JXTI7viP+QAasWGrGyb1
w1cICWqanicFkpDRlIH+3/woLl2Y+MNreAL9qHTglcOICEfB/OxmfSZc1PG9hu/Q
Xl6AkUZBBRWurpXIP2jb0f7jAgXJnIKdd2T9yxryf2HTYf+eIv8+stqddOojiERA
w1yfYG46/NzlWHlaaEd+nfE7WSxVUR4rTZzHcLmCy0K9AD2FQxuOKg8If6XbodE1
RDSi9gG2tRgZw9+xeb+UXAsWjfRTHgLTjm0fFLYGw+tlFWMlKmOFdt4fEgPHx++O
ARv/SPCi892QOGNB/ggn3TAq3Gks
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:34 2024 by rpki-client on console-fra.rpki-client.org