Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D3F4DC2132011EFA2F76941017001B1.roa
File: 7D3F4DC2132011EFA2F76941017001B1.roa (raw, json)
Hash identifier: Yb0t69ulPARaPVhu1uZY9I/CY1SmQNQhrXrP6Uw5Qo4=
Subject key identifier: F3:76:BD:02:6B:29:12:76:58:12:88:E3:32:E6:A8:3A:99:BB:79:53
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8A86
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D3F4DC2132011EFA2F76941017001B1.roa
Signing time: Thu 16 May 2024 01:06:13 +0000
ROA not before: Thu 16 May 2024 01:06:10 +0000
ROA not after: Mon 26 May 2025 01:06:10 +0000
asID: 63199
IP address blocks: 45.196.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35462 (0x8a86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 16 01:06:10 2024 GMT
Not After : May 26 01:06:10 2025 GMT
Subject: CN=66455c05-a390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:36:29:19:e2:7a:35:e2:c8:52:5f:b9:23:21:
4f:4f:c0:1d:31:a4:be:88:3b:64:ce:88:96:84:66:
48:9f:25:12:5f:05:7c:a5:05:eb:9d:68:59:4e:4f:
90:7b:c9:36:94:bf:29:85:eb:30:d8:be:f3:68:85:
13:d4:d1:d9:08:d5:2c:a4:b5:c2:5b:3c:7c:6b:38:
17:b7:a5:2c:02:51:c7:e2:41:6d:e4:79:c5:43:29:
d2:71:55:48:0a:77:6c:79:e7:69:24:37:70:8b:4c:
a7:c7:70:d5:be:0a:2e:21:ac:b1:0a:b7:e1:72:01:
42:f7:4b:7a:51:5e:58:55:6f:03:2d:0f:58:d5:c4:
bf:f5:c7:86:05:06:4f:ee:8e:35:20:86:0e:2a:6a:
23:af:9f:7c:02:5f:2d:9f:ba:bb:fd:de:5c:5b:a6:
75:a2:59:9f:74:a9:1c:2d:35:fd:a0:4b:1a:63:03:
69:f1:89:c7:70:b3:7c:86:68:62:86:80:09:df:f4:
ff:4d:fb:fc:82:58:f6:37:fe:53:53:78:0b:6b:f9:
7f:4d:0b:4e:71:53:a0:fb:e2:dd:ed:55:dc:75:86:
52:b8:d4:8f:78:a8:8a:82:9e:69:7d:d3:1d:63:f9:
74:45:9d:d6:e2:aa:14:b1:bf:5e:5f:9e:7e:3c:38:
e9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:76:BD:02:6B:29:12:76:58:12:88:E3:32:E6:A8:3A:99:BB:79:53
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D3F4DC2132011EFA2F76941017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.22.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:df:35:3c:fc:c4:66:ae:ee:6f:30:ed:55:79:73:bb:0f:24:
94:f7:2a:ee:42:1d:f0:f9:71:c0:e6:c0:d1:9e:89:ec:6b:fa:
9b:ee:e8:7c:93:54:df:ed:ec:07:82:2f:39:be:d0:06:96:d9:
a4:c2:d0:e7:9e:c3:1d:b7:84:6d:e8:be:14:7a:26:59:29:f8:
13:d0:19:99:21:b6:3a:01:e6:ad:fa:01:62:a7:0a:7f:fe:3f:
7d:df:11:bb:28:68:01:e5:40:47:e3:30:fa:d1:29:0d:46:36:
9d:d5:fc:88:a4:62:5a:b9:ff:88:da:01:07:06:ca:7f:bc:c1:
88:67:e7:b7:6b:d9:9b:25:56:51:17:32:81:84:37:b8:fb:8d:
d8:8a:97:0d:f6:27:d4:12:a1:7c:d6:67:28:7b:9b:85:c8:22:
b7:01:40:31:6f:ea:4f:5e:c5:c5:b4:39:60:c1:0a:d8:df:41:
6a:73:85:21:97:a0:6e:26:a9:43:b6:7d:54:17:ca:26:e3:a4:
17:75:8f:ac:6f:52:b2:48:26:ed:9e:92:5e:92:8d:15:31:e5:
c3:54:78:c3:3f:65:70:a8:16:54:b9:2b:0b:73:f8:e7:89:e0:
fd:aa:ea:81:fc:d4:2f:4d:d6:f6:a8:e5:18:b0:91:ec:59:43:
b6:f5:2e:6e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIqGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTE2MDEwNjEwWhcNMjUwNTI2MDEwNjEwWjAYMRYw
FAYDVQQDEw02NjQ1NWMwNS1hMzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnTYpGeJ6NeLIUl+5IyFPT8AdMaS+iDtkzoiWhGZInyUSXwV8pQXrnWhZ
Tk+Qe8k2lL8phesw2L7zaIUT1NHZCNUspLXCWzx8azgXt6UsAlHH4kFt5HnFQynS
cVVICndseedpJDdwi0ynx3DVvgouIayxCrfhcgFC90t6UV5YVW8DLQ9Y1cS/9ceG
BQZP7o41IIYOKmojr598Al8tn7q7/d5cW6Z1olmfdKkcLTX9oEsaYwNp8YnHcLN8
hmhihoAJ3/T/Tfv8glj2N/5TU3gLa/l/TQtOcVOg++Ld7VXcdYZSuNSPeKiKgp5p
fdMdY/l0RZ3W4qoUsb9eX55+PDjpeQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPN2
vQJrKRJ2WBKI4zLmqDqZu3lTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RDNGNERDMjEzMjAxMUVGQTJGNzY5NDEwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcQWMA0GCSqGSIb3DQEBCwUA
A4IBAQC23zU8/MRmru5vMO1VeXO7DySU9yruQh3w+XHA5sDRnonsa/qb7uh8k1Tf
7ewHgi85vtAGltmkwtDnnsMdt4Rt6L4UeiZZKfgT0BmZIbY6Aeat+gFipwp//j99
3xG7KGgB5UBH4zD60SkNRjad1fyIpGJauf+I2gEHBsp/vMGIZ+e3a9mbJVZRFzKB
hDe4+43YipcN9ifUEqF81mcoe5uFyCK3AUAxb+pPXsXFtDlgwQrY30Fqc4Uhl6Bu
JqlDtn1UF8om46QXdY+sb1KySCbtnpJeko0VMeXDVHjDP2VwqBZUuSsLc/jnieD9
quqB/NQvTdb2qOUYsJHsWUO29S5u
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:37 2024 by rpki-client on console-ams.rpki-client.org