Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C1BB5D474C211EFAB5EE281762E951A.roa
File: 8C1BB5D474C211EFAB5EE281762E951A.roa (raw, json)
Hash identifier: VKvCOiOIr5lAX1P7sKqceCv0a8sonQclulfzDkTk78g=
Subject key identifier: 22:8B:71:F4:38:EC:C9:4E:7C:92:B7:11:A9:62:8D:9D:30:7C:90:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B770
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C1BB5D474C211EFAB5EE281762E951A.roa
Signing time: Tue 17 Sep 2024 07:00:39 +0000
ROA not before: Tue 17 Sep 2024 07:00:36 +0000
ROA not after: Fri 08 Aug 2025 07:00:36 +0000
asID: 133861
IP address blocks: 45.207.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46960 (0xb770)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 17 07:00:36 2024 GMT
Not After : Aug 8 07:00:36 2025 GMT
Subject: CN=66e92917-7078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c6:c1:84:6f:41:b3:2d:e7:d6:f5:bd:e1:27:
77:f4:44:fa:f7:6d:2b:e3:21:5e:20:da:4d:7b:5b:
ba:be:f3:64:d0:8c:52:ef:f2:22:84:45:f3:e1:c7:
da:a7:41:ba:7d:0e:5a:14:38:6d:6d:a2:4b:68:40:
e6:9a:99:5c:fb:20:dd:74:05:46:ba:01:cf:3c:da:
61:2a:f2:ca:aa:84:97:0d:87:9a:e0:d2:31:25:d9:
5d:c6:e7:d6:ed:66:e6:84:44:48:98:df:4b:be:05:
de:bb:58:d7:28:a7:42:54:83:fe:ae:c4:ac:7c:76:
ed:b1:6f:71:84:23:96:d0:47:a0:4e:85:39:67:df:
59:5f:a2:0f:b4:d5:18:15:94:53:62:ef:03:fc:0f:
40:d3:b9:b1:07:02:79:ce:58:6d:da:dd:c4:a8:b2:
52:1c:e4:48:47:bf:78:e6:75:a8:0f:98:59:db:26:
0b:16:fe:dd:3b:be:c7:29:23:ee:9f:4a:2b:66:29:
a5:d2:4e:66:56:9f:43:cc:cf:13:0f:76:69:7d:c7:
1f:d6:aa:15:51:74:f3:a1:06:d9:a6:70:4f:e3:80:
8a:61:0b:73:57:ea:2e:3c:75:3e:59:b7:29:96:18:
c4:dd:4d:49:7f:e9:b7:fd:91:7c:7c:42:61:3d:da:
4c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:8B:71:F4:38:EC:C9:4E:7C:92:B7:11:A9:62:8D:9D:30:7C:90:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C1BB5D474C211EFAB5EE281762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.58.0/24
Signature Algorithm: sha256WithRSAEncryption
74:ed:85:c6:47:73:cd:50:90:b0:c6:6a:9b:33:12:b7:c9:c5:
9b:6f:ce:79:08:a5:88:1d:2d:14:76:24:4a:5a:6b:99:a5:95:
c5:3b:c6:6a:90:c6:0e:5d:3d:de:50:91:22:a0:36:b7:19:49:
ba:73:5b:c0:b6:da:7a:9b:1b:1d:a9:bc:ef:cb:8d:40:38:d1:
ef:23:bb:03:90:ab:70:7c:d3:c9:1f:27:be:07:2b:21:e5:14:
5b:f2:32:86:61:c0:e9:86:fb:3f:93:a4:6b:f6:0f:a8:37:92:
c6:c1:e2:e1:b9:3c:ff:24:4b:fb:c9:00:ec:7c:1d:01:82:2b:
f2:a0:be:f3:89:b2:38:fb:ae:9a:f5:00:8a:b8:c7:b1:86:b0:
75:21:ad:9a:ca:51:7a:02:b4:42:2d:cd:8d:59:ae:b6:32:d4:
4c:e7:14:d7:e1:a9:98:0c:c5:58:de:b2:9c:0d:39:26:25:b3:
9c:c2:c4:b4:8b:5e:81:32:2e:40:83:43:a3:9a:2f:ee:35:5a:
0f:f1:e2:23:fc:d6:8c:cd:b3:a9:4f:c3:ce:20:30:1d:43:e8:
ee:46:73:35:f1:47:37:c0:b6:42:4d:74:8c:ad:f5:e8:38:1f:
75:5c:bb:1f:95:e6:b3:4a:6b:06:08:6c:b1:de:8b:4d:7e:64:
d2:b3:17:5e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALdwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTE3MDcwMDM2WhcNMjUwODA4MDcwMDM2WjAYMRYw
FAYDVQQDEw02NmU5MjkxNy03MDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyMbBhG9Bsy3n1vW94Sd39ET6920r4yFeINpNe1u6vvNk0IxS7/IihEXz
4cfap0G6fQ5aFDhtbaJLaEDmmplc+yDddAVGugHPPNphKvLKqoSXDYea4NIxJdld
xufW7WbmhERImN9LvgXeu1jXKKdCVIP+rsSsfHbtsW9xhCOW0EegToU5Z99ZX6IP
tNUYFZRTYu8D/A9A07mxBwJ5zlht2t3EqLJSHORIR7945nWoD5hZ2yYLFv7dO77H
KSPun0orZiml0k5mVp9DzM8TD3Zpfccf1qoVUXTzoQbZpnBP44CKYQtzV+ouPHU+
WbcplhjE3U1Jf+m3/ZF8fEJhPdpMjQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCKL
cfQ47MlOfJK3EalijZ0wfJCnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QzFCQjVENDc0QzIxMUVGQUI1RUUyODE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc86MA0GCSqGSIb3DQEBCwUA
A4IBAQB07YXGR3PNUJCwxmqbMxK3ycWbb855CKWIHS0UdiRKWmuZpZXFO8ZqkMYO
XT3eUJEioDa3GUm6c1vAttp6mxsdqbzvy41AONHvI7sDkKtwfNPJHye+Bysh5RRb
8jKGYcDphvs/k6Rr9g+oN5LGweLhuTz/JEv7yQDsfB0BgivyoL7zibI4+66a9QCK
uMexhrB1Ia2aylF6ArRCLc2NWa62MtRM5xTX4amYDMVY3rKcDTkmJbOcwsS0i16B
Mi5Ag0Ojmi/uNVoP8eIj/NaMzbOpT8POIDAdQ+juRnM18Uc3wLZCTXSMrfXoOB91
XLsfleazSmsGCGyx3otNfmTSsxde
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:39 2024 by rpki-client on console-ams.rpki-client.org