Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/758522CC1F0111EF9392AA3A7DDC24C2.roa
File: 758522CC1F0111EF9392AA3A7DDC24C2.roa (raw, json)
Hash identifier: BcFjvv1S4DfmljvmytadQaCUJd1VFhAxQFfUVLRKuxs=
Subject key identifier: 6B:F4:9C:9D:60:DF:6D:B9:BA:B5:81:86:41:6C:E4:D4:40:CB:0E:B7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8DA7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/758522CC1F0111EF9392AA3A7DDC24C2.roa
Signing time: Fri 31 May 2024 03:54:20 +0000
ROA not before: Fri 31 May 2024 03:54:17 +0000
ROA not after: Wed 07 May 2025 03:54:17 +0000
asID: 133929
IP address blocks: 45.200.104.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Sep 2024 00:16:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36263 (0x8da7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 31 03:54:17 2024 GMT
Not After : May 7 03:54:17 2025 GMT
Subject: CN=665949ec-d48f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d3:cc:7b:d6:7d:87:8b:4b:7e:41:60:97:34:
56:ee:e8:f8:b8:9e:4c:74:3a:11:93:32:b6:6e:f6:
8d:25:d5:15:b5:db:80:a4:c2:2a:c9:2f:83:b3:5e:
30:a2:63:cf:af:4b:45:eb:5b:0d:bd:91:78:2f:5e:
1c:32:b1:53:f9:7f:07:43:14:9a:a3:72:35:be:e1:
97:87:37:bb:5b:36:85:fa:74:db:8c:b8:a3:fc:2a:
88:c0:71:72:2f:ea:ed:b8:27:c8:2f:9a:63:03:46:
05:f4:7c:08:96:40:85:7b:eb:3b:3e:2d:1b:69:2e:
67:0b:8b:d5:99:0a:6c:52:ed:8c:6a:d8:cf:d9:82:
08:41:12:8d:be:9b:fe:02:03:54:1b:6c:c9:9b:af:
95:05:28:75:dd:e2:87:5f:e4:2c:c9:9e:8a:9c:0d:
e1:5f:63:df:ae:9f:38:d4:cb:69:ce:38:ee:a1:c7:
61:47:2c:18:7c:c5:99:a3:05:42:f8:58:33:69:c8:
90:94:c7:49:80:2b:6a:2e:9c:66:f5:22:c3:d3:9d:
ce:c7:67:1e:ed:0f:d9:b2:f5:e9:d7:02:96:05:0f:
9c:64:df:94:26:f6:9f:5e:ec:19:bd:36:a1:9a:79:
5d:87:b9:86:a7:cd:f4:2b:fc:8c:30:f8:de:53:0f:
1c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F4:9C:9D:60:DF:6D:B9:BA:B5:81:86:41:6C:E4:D4:40:CB:0E:B7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/758522CC1F0111EF9392AA3A7DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.104.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:26:ea:c7:90:2b:15:84:3f:60:ee:72:97:d9:85:ca:74:eb:
70:56:ed:95:5d:6f:e9:d0:32:66:6b:b7:f1:c5:00:93:e9:0e:
4f:43:ee:bc:65:4b:77:f4:87:1a:f9:8e:cc:5e:55:9f:56:b7:
40:0c:0a:37:2b:04:68:db:43:17:cd:50:00:92:21:db:82:57:
1b:7a:30:6c:1b:db:27:85:89:5f:3a:f9:23:b3:da:00:58:1a:
d8:1f:2d:ab:2d:4a:53:75:cc:34:37:ec:29:ec:c5:d1:35:4a:
50:76:18:4c:18:cb:45:69:a6:54:31:05:2a:2a:d1:89:48:a5:
0d:55:b0:b9:ea:f1:39:b6:d4:2e:80:bb:3f:91:66:f6:60:03:
1d:6f:3b:b3:0c:ff:b9:fb:65:b2:8d:e8:d8:0f:9b:df:c3:ba:
e3:e2:6b:95:de:99:16:0e:fd:6e:8f:66:23:f5:77:46:c6:2e:
a9:32:ab:48:39:21:0a:dd:a8:67:2f:2c:dd:7a:a0:3a:05:3e:
1e:a0:32:83:43:20:7f:67:ac:30:ae:c3:64:b5:09:96:2a:c0:
54:44:e7:cd:cb:5d:98:da:1a:00:e8:00:c2:e8:3b:67:0b:0e:
f3:f1:51:f4:0f:e4:39:f2:ca:b2:2d:d2:e0:7c:cd:fa:12:e3:
5c:89:13:3d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAI2nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTMxMDM1NDE3WhcNMjUwNTA3MDM1NDE3WjAYMRYw
FAYDVQQDEw02NjU5NDllYy1kNDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAudPMe9Z9h4tLfkFglzRW7uj4uJ5MdDoRkzK2bvaNJdUVtduApMIqyS+D
s14womPPr0tF61sNvZF4L14cMrFT+X8HQxSao3I1vuGXhze7WzaF+nTbjLij/CqI
wHFyL+rtuCfIL5pjA0YF9HwIlkCFe+s7Pi0baS5nC4vVmQpsUu2MatjP2YIIQRKN
vpv+AgNUG2zJm6+VBSh13eKHX+QsyZ6KnA3hX2Pfrp841MtpzjjuocdhRywYfMWZ
owVC+FgzaciQlMdJgCtqLpxm9SLD053Ox2ce7Q/ZsvXp1wKWBQ+cZN+UJvafXuwZ
vTahmnldh7mGp830K/yMMPjeUw8cmwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGv0
nJ1g3225urWBhkFs5NRAyw63MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NTg1MjJDQzFGMDExMUVGOTM5MkFBM0E3RERDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLchoMA0GCSqGSIb3DQEBCwUA
A4IBAQC3JurHkCsVhD9g7nKX2YXKdOtwVu2VXW/p0DJma7fxxQCT6Q5PQ+68ZUt3
9Ica+Y7MXlWfVrdADAo3KwRo20MXzVAAkiHbglcbejBsG9snhYlfOvkjs9oAWBrY
Hy2rLUpTdcw0N+wp7MXRNUpQdhhMGMtFaaZUMQUqKtGJSKUNVbC56vE5ttQugLs/
kWb2YAMdbzuzDP+5+2WyjejYD5vfw7rj4muV3pkWDv1uj2Yj9XdGxi6pMqtIOSEK
3ahnLyzdeqA6BT4eoDKDQyB/Z6wwrsNktQmWKsBUROfNy12Y2hoA6ADC6DtnCw7z
8VH0D+Q58sqyLdLgfM36EuNciRM9
-----END CERTIFICATE-----
Generated at Sat Sep 7 11:12:07 2024 by rpki-client on console-ams.rpki-client.org