Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D98FCF274C111EF94FF767B762E951A.roa
File: 7D98FCF274C111EF94FF767B762E951A.roa (raw, json)
Hash identifier: C2R+0obLNVPXytVNmQt9zbwybYr/jFvRYlNUklFF2Gs=
Subject key identifier: 13:E6:8A:4D:78:81:C8:0E:EF:B8:A4:88:CD:AE:E9:92:B7:4C:BD:A0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B76E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D98FCF274C111EF94FF767B762E951A.roa
Signing time: Tue 17 Sep 2024 06:53:06 +0000
ROA not before: Tue 17 Sep 2024 06:53:02 +0000
ROA not after: Wed 19 Mar 2025 06:53:02 +0000
asID: 140403
IP address blocks: 45.198.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46958 (0xb76e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 17 06:53:02 2024 GMT
Not After : Mar 19 06:53:02 2025 GMT
Subject: CN=66e92752-0cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d4:35:e2:92:eb:7b:9d:2e:97:35:38:e0:b0:
b9:7f:9e:36:4c:aa:56:ba:b1:c4:f5:d8:88:c4:68:
70:22:e7:5e:d9:e7:50:bb:03:ac:a5:cb:27:80:1f:
81:d4:5e:ca:2a:8f:23:c7:16:ac:c4:d1:22:1c:b4:
3e:8c:6e:58:d0:e7:84:4e:c2:a4:4c:99:c4:24:1e:
75:56:4f:d2:4b:9c:0f:a3:3a:ab:47:96:e9:4a:be:
8d:3a:6d:0c:96:83:4e:e5:fc:10:9a:81:7d:02:c2:
41:1d:92:63:2e:d3:a8:b7:23:69:22:ef:b3:be:13:
46:52:ea:09:35:6f:ff:50:6d:73:d8:52:f2:cb:f2:
d9:27:0f:7a:89:a0:0b:6f:67:05:03:f0:09:8e:80:
a0:2b:c3:ec:22:c8:9b:b5:1d:12:ac:48:4a:d4:f5:
ed:80:4c:57:b6:33:38:dc:09:16:b5:c2:29:86:0e:
91:87:ce:4c:94:ac:e4:a1:65:56:71:34:01:f0:3a:
21:32:c4:2b:aa:b2:42:93:16:22:4e:68:f4:0c:3a:
a1:ab:51:1d:56:b0:a5:26:0a:69:a4:67:73:2a:08:
7d:29:ab:48:74:74:97:6a:fa:55:81:33:94:3c:b9:
8f:10:e0:cb:7e:a2:79:68:c9:5a:0a:c2:56:0c:9b:
f4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E6:8A:4D:78:81:C8:0E:EF:B8:A4:88:CD:AE:E9:92:B7:4C:BD:A0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D98FCF274C111EF94FF767B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.1.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:e9:14:de:8b:a7:f8:13:bc:bf:7f:7d:f7:b5:55:96:70:55:
9e:16:82:3b:5a:39:39:4e:e2:77:f0:f3:f6:0b:89:00:ec:1e:
70:5d:00:9a:ed:85:e3:8a:f7:86:d5:c3:c6:da:8d:45:14:a7:
3f:e1:c2:18:6c:35:f5:b0:c0:55:6e:34:ac:7e:54:7c:71:d1:
c0:f3:77:40:a2:96:e9:9f:d2:d7:eb:eb:6e:ed:d2:b5:1b:d1:
01:fd:ca:0a:c6:d6:79:bc:37:7f:66:2b:0b:ff:37:64:81:2e:
01:55:13:4c:13:59:f6:53:b4:7a:01:a9:05:43:4d:ce:d3:21:
2d:9f:cc:35:be:81:ea:b9:02:4f:a2:55:db:84:27:cd:c7:95:
39:6c:d2:98:39:14:67:b3:77:7a:e1:45:c8:91:8c:79:67:69:
67:02:e2:2c:d9:65:85:85:30:a3:00:8a:d5:d9:d3:3a:21:63:
46:2e:b8:99:bd:f8:a1:88:1c:75:7d:de:86:0e:5f:ad:7b:9e:
15:e3:fe:32:58:43:71:ce:83:d2:11:87:0a:18:11:2d:11:6c:
39:96:fc:7a:74:65:89:b5:1c:b0:37:f4:ff:66:d7:0b:bd:b2:
5c:8e:fe:5c:fd:0f:b3:05:8b:fa:92:7d:a4:21:4b:ea:d3:91:
cf:fe:2d:d5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALduMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTE3MDY1MzAyWhcNMjUwMzE5MDY1MzAyWjAYMRYw
FAYDVQQDEw02NmU5Mjc1Mi0wY2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqNQ14pLre50ulzU44LC5f542TKpWurHE9diIxGhwIude2edQuwOspcsn
gB+B1F7KKo8jxxasxNEiHLQ+jG5Y0OeETsKkTJnEJB51Vk/SS5wPozqrR5bpSr6N
Om0MloNO5fwQmoF9AsJBHZJjLtOotyNpIu+zvhNGUuoJNW//UG1z2FLyy/LZJw96
iaALb2cFA/AJjoCgK8PsIsibtR0SrEhK1PXtgExXtjM43AkWtcIphg6Rh85MlKzk
oWVWcTQB8DohMsQrqrJCkxYiTmj0DDqhq1EdVrClJgpppGdzKgh9KatIdHSXavpV
gTOUPLmPEODLfqJ5aMlaCsJWDJv0JQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBPm
ik14gcgO77ikiM2u6ZK3TL2gMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RDk4RkNGMjc0QzExMUVGOTRGRjc2N0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcYBMA0GCSqGSIb3DQEBCwUA
A4IBAQBL6RTei6f4E7y/f333tVWWcFWeFoI7Wjk5TuJ38PP2C4kA7B5wXQCa7YXj
iveG1cPG2o1FFKc/4cIYbDX1sMBVbjSsflR8cdHA83dAopbpn9LX6+tu7dK1G9EB
/coKxtZ5vDd/ZisL/zdkgS4BVRNME1n2U7R6AakFQ03O0yEtn8w1voHquQJPolXb
hCfNx5U5bNKYORRns3d64UXIkYx5Z2lnAuIs2WWFhTCjAIrV2dM6IWNGLriZvfih
iBx1fd6GDl+te54V4/4yWENxzoPSEYcKGBEtEWw5lvx6dGWJtRywN/T/ZtcLvbJc
jv5c/Q+zBYv6kn2kIUvq05HP/i3V
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:36 2024 by rpki-client on console-fra.rpki-client.org