Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86E66D96A74B11EFAE864B83762E951A.roa
File: 86E66D96A74B11EFAE864B83762E951A.roa (raw, json)
Hash identifier: Am3xYkgJFBTp8FFxpusVc+6JFFpB0SMK6FQF+XhDBOI=
Subject key identifier: 0F:78:83:B7:B8:8A:61:84:32:74:65:FC:EB:20:B3:B0:81:DB:C7:4E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D6B0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86E66D96A74B11EFAE864B83762E951A.roa
Signing time: Wed 20 Nov 2024 14:27:10 +0000
ROA not before: Wed 20 Nov 2024 14:27:05 +0000
ROA not after: Sat 30 Nov 2024 14:27:05 +0000
asID: 202656
IP address blocks: 45.199.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54960 (0xd6b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 20 14:27:05 2024 GMT
Not After : Nov 30 14:27:05 2024 GMT
Subject: CN=673df1be-e235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:70:25:44:66:11:cd:dd:21:aa:12:0b:5e:25:
60:2e:2f:bc:49:26:b2:12:cd:f9:6f:8e:93:73:6a:
b0:23:6c:46:c5:6c:63:58:1a:38:2b:34:8d:9b:77:
64:11:92:c9:9b:f2:9e:84:cf:c8:5f:49:9d:41:b2:
6c:5b:b6:41:cf:cc:70:19:03:b7:23:31:43:51:21:
83:ab:82:e0:69:14:a2:b6:9a:83:5b:8b:97:5e:75:
d6:68:f6:da:b1:6c:80:84:ad:55:8d:3a:56:ca:a5:
89:f6:8d:17:94:38:05:93:b0:cb:f2:db:d5:20:7c:
1b:c9:da:cf:5c:9a:c7:78:be:ba:cb:d3:ec:3d:b9:
b3:e5:3b:16:c5:61:d6:9e:e7:77:74:26:52:63:61:
11:44:7c:50:33:14:b3:79:9e:22:ed:71:b9:32:00:
b6:b7:ad:80:23:e6:62:59:10:4e:ad:09:4d:3a:00:
74:12:fe:9d:84:0e:cc:7a:38:8c:6f:70:00:27:b8:
b8:0d:5c:fc:7a:a9:61:f4:9f:e1:29:b9:d9:8f:bc:
d2:4d:fb:cc:69:d2:5c:63:1d:18:8a:44:26:be:79:
2b:22:52:a2:b6:bf:76:e3:62:6f:5e:59:d1:ae:d7:
55:1c:c5:2b:4c:ec:79:f6:43:3e:22:b9:46:b2:f9:
43:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:78:83:B7:B8:8A:61:84:32:74:65:FC:EB:20:B3:B0:81:DB:C7:4E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86E66D96A74B11EFAE864B83762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.202.0/24
Signature Algorithm: sha256WithRSAEncryption
91:56:dd:6c:f1:6e:ce:29:62:3b:d9:52:a6:91:4b:1a:3a:12:
e8:cb:20:7c:ec:ea:58:43:82:81:74:c8:0f:86:ba:fc:8b:47:
93:76:23:6d:e6:9a:48:0a:15:ce:15:86:7d:a4:01:37:fe:de:
b6:a9:d8:e9:4c:77:1b:27:eb:6d:c2:8c:bf:94:13:5f:7c:0d:
09:26:3f:65:47:d0:9c:07:ae:c9:b3:5a:14:e1:e4:c8:8e:98:
9f:43:b7:02:4d:5c:06:6e:87:20:f3:2b:17:19:d1:3d:00:b3:
a9:04:3d:bb:00:0f:26:7e:f7:79:68:b6:33:1f:59:90:68:89:
41:26:47:07:a6:62:ad:ee:15:b8:b0:9b:e3:95:75:31:d7:35:
8a:35:d1:fa:59:c2:64:d9:ec:d3:47:41:38:07:53:d7:6d:a6:
72:ca:23:c6:15:73:4f:a6:87:2c:21:18:d6:b1:3f:b6:eb:de:
2d:05:59:e9:57:40:d7:24:29:b6:80:07:f0:7c:24:8f:40:d7:
d1:67:73:6e:8b:eb:48:4f:fb:db:31:9a:85:c9:a2:90:08:22:
26:57:e7:a1:ad:a0:13:0b:83:f0:06:e8:b3:ec:85:a4:e4:38:
24:ca:91:b4:59:e5:d9:d0:10:20:e1:da:99:fb:1d:cf:1b:73:
70:42:67:9f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANawMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTIwMTQyNzA1WhcNMjQxMTMwMTQyNzA1WjAYMRYw
FAYDVQQDEw02NzNkZjFiZS1lMjM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA73AlRGYRzd0hqhILXiVgLi+8SSayEs35b46Tc2qwI2xGxWxjWBo4KzSN
m3dkEZLJm/KehM/IX0mdQbJsW7ZBz8xwGQO3IzFDUSGDq4LgaRSitpqDW4uXXnXW
aPbasWyAhK1VjTpWyqWJ9o0XlDgFk7DL8tvVIHwbydrPXJrHeL66y9PsPbmz5TsW
xWHWnud3dCZSY2ERRHxQMxSzeZ4i7XG5MgC2t62AI+ZiWRBOrQlNOgB0Ev6dhA7M
ejiMb3AAJ7i4DVz8eqlh9J/hKbnZj7zSTfvMadJcYx0YikQmvnkrIlKitr9242Jv
XlnRrtdVHMUrTOx59kM+IrlGsvlD7wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA94
g7e4imGEMnRl/Osgs7CB28dOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NkU2NkQ5NkE3NEIxMUVGQUU4NjRCODM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcfKMA0GCSqGSIb3DQEBCwUA
A4IBAQCRVt1s8W7OKWI72VKmkUsaOhLoyyB87OpYQ4KBdMgPhrr8i0eTdiNt5ppI
ChXOFYZ9pAE3/t62qdjpTHcbJ+ttwoy/lBNffA0JJj9lR9CcB67Js1oU4eTIjpif
Q7cCTVwGbocg8ysXGdE9ALOpBD27AA8mfvd5aLYzH1mQaIlBJkcHpmKt7hW4sJvj
lXUx1zWKNdH6WcJk2ezTR0E4B1PXbaZyyiPGFXNPpocsIRjWsT+2694tBVnpV0DX
JCm2gAfwfCSPQNfRZ3Nui+tIT/vbMZqFyaKQCCImV+ehraATC4PwBuiz7IWk5Dgk
ypG0WeXZ0BAg4dqZ+x3PG3NwQmef
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:38 2024 by rpki-client on console-ams.rpki-client.org