Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/829DBB046F5111EF8299BC65762E951A.roa
File: 829DBB046F5111EF8299BC65762E951A.roa (raw, json)
Hash identifier: IKAGoO/1HCkedO0VqBLO5d3ym+nmfpcpJh54iVW+JXM=
Subject key identifier: 8E:BC:69:E7:0C:BF:F7:86:4B:6B:8C:E9:3C:4E:BE:9E:8A:F2:80:88
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B369
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/829DBB046F5111EF8299BC65762E951A.roa
Signing time: Tue 10 Sep 2024 08:48:55 +0000
ROA not before: Tue 10 Sep 2024 08:48:51 +0000
ROA not after: Fri 14 Mar 2025 08:48:51 +0000
asID: 42831
IP address blocks: 45.207.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45929 (0xb369)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 10 08:48:51 2024 GMT
Not After : Mar 14 08:48:51 2025 GMT
Subject: CN=66e007f7-df4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a9:8b:bb:4d:6a:dc:2b:8e:d3:fe:27:ef:0e:
1a:26:c0:e4:9a:33:72:53:42:c7:57:d5:be:31:a6:
85:06:6d:28:bc:5d:99:23:04:ba:13:75:3d:c0:a5:
52:e3:fa:94:a7:56:16:4b:6c:a7:20:4d:84:47:70:
bc:03:d5:a0:9c:63:ae:4e:0e:1f:02:ca:77:4f:63:
6b:ec:6d:13:91:81:b9:2b:f2:9d:97:a6:9c:cf:79:
72:5a:86:80:5e:e0:c2:df:de:e6:5d:b4:a8:e0:8c:
6a:31:71:41:d2:43:29:d8:a7:ba:eb:92:64:d3:be:
b5:d2:c4:88:a9:a3:d7:c0:1d:0e:29:f4:49:84:88:
48:af:77:ad:ce:a8:40:34:33:3b:82:26:12:b0:34:
e2:aa:b0:de:3c:dd:06:45:a5:ac:74:15:c6:21:59:
e8:13:c8:02:53:dd:4f:e6:67:06:d6:ff:e9:d1:44:
07:b7:d1:59:87:91:90:60:20:33:94:f1:1d:72:cf:
a6:63:74:ee:6b:0a:54:c6:36:f8:1a:d1:c6:37:cc:
b0:47:15:a2:84:e4:9a:69:61:72:45:54:09:8f:4e:
e5:4c:c7:fe:79:a8:c5:ba:81:c9:2f:68:67:33:8b:
09:4e:8c:a5:19:00:f6:66:08:72:e8:2b:2f:c6:ff:
2d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:BC:69:E7:0C:BF:F7:86:4B:6B:8C:E9:3C:4E:BE:9E:8A:F2:80:88
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/829DBB046F5111EF8299BC65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.20.0/24
Signature Algorithm: sha256WithRSAEncryption
90:74:ff:f3:a9:e4:95:bd:21:bb:cf:8c:75:0c:bf:46:c8:68:
32:7d:e3:e1:13:c7:a7:d1:bf:5d:88:eb:54:0d:1d:08:f9:ef:
6b:ec:68:5b:22:51:df:d3:9b:d2:0e:6b:22:e8:9a:1e:ab:97:
e5:0c:9f:a3:7f:64:53:78:3a:de:eb:31:a4:ff:75:79:c0:dd:
b7:35:b6:1f:b1:03:de:bc:25:4c:27:1f:5c:a1:b3:6a:70:7e:
61:4c:d5:ce:1b:87:58:b5:1c:c2:28:34:3e:15:c7:cb:37:98:
ad:e0:ca:f2:9c:9f:79:86:20:58:87:10:50:50:5c:ba:30:07:
77:ca:52:89:a0:92:81:1a:90:1d:ec:7d:54:8e:26:6d:9e:0d:
70:43:97:bd:52:f8:c0:5f:06:fd:ff:27:11:28:40:d1:dc:e8:
1d:96:db:72:4d:27:26:1a:04:b8:92:92:e3:b7:e4:1b:a0:b5:
9d:d8:13:c8:f1:16:68:11:b9:1f:e5:4b:ec:4f:62:a1:06:bc:
6d:23:01:8d:1b:ba:0f:ef:68:1c:d5:5b:9e:62:1e:37:12:18:
e3:e3:2d:69:71:ab:78:97:8e:4c:98:6d:16:a8:ea:5e:93:21:
f7:00:f8:22:7e:53:38:3b:9d:d7:f1:67:ac:6f:d1:52:17:b4:
b0:ae:2a:bc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALNpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTEwMDg0ODUxWhcNMjUwMzE0MDg0ODUxWjAYMRYw
FAYDVQQDEw02NmUwMDdmNy1kZjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4KmLu01q3CuO0/4n7w4aJsDkmjNyU0LHV9W+MaaFBm0ovF2ZIwS6E3U9
wKVS4/qUp1YWS2ynIE2ER3C8A9WgnGOuTg4fAsp3T2Nr7G0TkYG5K/Kdl6acz3ly
WoaAXuDC397mXbSo4IxqMXFB0kMp2Ke665Jk07610sSIqaPXwB0OKfRJhIhIr3et
zqhANDM7giYSsDTiqrDePN0GRaWsdBXGIVnoE8gCU91P5mcG1v/p0UQHt9FZh5GQ
YCAzlPEdcs+mY3TuawpUxjb4GtHGN8ywRxWihOSaaWFyRVQJj07lTMf+eajFuoHJ
L2hnM4sJToylGQD2Zghy6Csvxv8tWQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI68
aecMv/eGS2uM6TxOvp6K8oCIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MjlEQkIwNDZGNTExMUVGODI5OUJDNjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc8UMA0GCSqGSIb3DQEBCwUA
A4IBAQCQdP/zqeSVvSG7z4x1DL9GyGgyfePhE8en0b9diOtUDR0I+e9r7GhbIlHf
05vSDmsi6Joeq5flDJ+jf2RTeDre6zGk/3V5wN23NbYfsQPevCVMJx9cobNqcH5h
TNXOG4dYtRzCKDQ+FcfLN5it4MrynJ95hiBYhxBQUFy6MAd3ylKJoJKBGpAd7H1U
jiZtng1wQ5e9UvjAXwb9/ycRKEDR3OgdlttyTScmGgS4kpLjt+QboLWd2BPI8RZo
Ebkf5UvsT2KhBrxtIwGNG7oP72gc1VueYh43Ehjj4y1pcat4l45MmG0WqOpekyH3
APgiflM4O53X8Wesb9FSF7Swriq8
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:38 2024 by rpki-client on console-ams.rpki-client.org