Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F8A9768734F11EFA64609BC762E951A.roa
File: 8F8A9768734F11EFA64609BC762E951A.roa (raw, json)
Hash identifier: 1jWWv/lH+IzUL27wP3OBb3J2jv8JQet3qiRimHLS8Ns=
Subject key identifier: B1:35:50:A3:3D:EB:3E:70:11:49:F5:AE:0F:C8:CB:C0:6F:02:B8:79
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B65C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F8A9768734F11EFA64609BC762E951A.roa
Signing time: Sun 15 Sep 2024 10:45:02 +0000
ROA not before: Sun 15 Sep 2024 10:44:59 +0000
ROA not after: Fri 08 Aug 2025 10:44:59 +0000
asID: 133199
IP address blocks: 45.207.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46684 (0xb65c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 15 10:44:59 2024 GMT
Not After : Aug 8 10:44:59 2025 GMT
Subject: CN=66e6baae-8fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0d:a0:19:6e:3f:37:59:5c:74:25:ff:7f:5e:
27:3e:3e:8e:21:dd:29:92:b4:0a:af:73:b4:2c:ee:
b3:05:73:0b:48:c6:2e:2c:9f:72:b7:11:73:4b:f6:
1f:07:ac:40:53:99:66:e1:95:45:fe:7f:c3:cb:30:
e2:cd:2e:58:16:c8:85:ae:25:db:c1:1f:3c:32:0c:
f1:33:03:7c:d2:9d:11:a9:7c:cc:72:f5:ba:27:17:
f0:24:1c:61:f5:8a:2e:85:61:be:05:32:a3:14:a3:
e0:2b:c9:88:e4:06:0b:b3:c1:92:3a:b9:a8:70:2c:
76:46:11:a7:43:30:86:4e:9a:87:8b:5b:ab:37:30:
06:d6:a0:fc:61:f4:fa:53:70:e0:81:76:e2:2c:97:
15:3b:31:a7:7e:98:1a:bf:43:b1:8d:2e:45:58:62:
e0:9f:ff:06:18:b3:6c:5e:8c:1c:b4:95:c9:53:fd:
5f:34:cf:01:96:66:c9:04:bd:23:30:7e:dd:f4:31:
95:ea:37:61:fb:06:cb:9d:6c:13:6c:4a:19:79:d9:
c9:15:43:cd:49:13:9e:4f:c2:66:a6:18:c6:06:1e:
15:f3:a8:54:a5:c3:7b:aa:54:3c:de:8c:ec:2f:8e:
e2:4a:2c:f0:78:93:a7:47:b0:4d:d9:05:54:b3:46:
25:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:35:50:A3:3D:EB:3E:70:11:49:F5:AE:0F:C8:CB:C0:6F:02:B8:79
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F8A9768734F11EFA64609BC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.43.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:a9:4d:3a:5a:a8:93:3d:a5:f9:a3:bd:cf:db:88:63:ec:0a:
eb:66:e5:a7:89:3e:97:d4:17:81:6e:66:53:d3:da:0c:28:f1:
76:d8:5d:ca:bd:1a:c1:09:00:ae:d4:7d:69:4e:b4:15:b8:06:
3e:ee:cc:03:97:b7:6d:7a:f8:76:6e:fd:57:52:42:37:13:89:
b7:84:8a:fc:41:4a:e4:83:d0:19:60:57:54:50:01:6b:41:6e:
98:08:3d:3d:00:ee:9f:fc:d2:e2:77:40:70:12:65:d4:f3:6f:
34:c0:a4:2b:c9:5e:c0:27:fd:05:eb:c7:dd:0d:22:11:91:f5:
1e:8b:39:cc:78:7f:8e:32:27:ca:3e:86:b8:9b:87:8a:53:f2:
7d:8f:de:70:a3:ca:98:2f:e5:57:ad:6b:78:c1:69:87:8e:df:
c8:cd:a1:35:cc:a7:d7:7a:18:47:43:b6:a8:d6:83:5d:34:d0:
d0:1f:03:39:12:26:56:0f:e7:39:14:44:12:0b:39:e4:d8:4b:
36:8e:99:33:fc:61:f9:54:b1:bc:d3:09:3f:b5:d0:82:94:dc:
13:91:74:9b:27:e7:8d:70:13:47:91:ac:6b:7b:68:a0:02:3f:
15:08:0c:aa:6f:d8:e6:60:bc:38:b7:68:ca:79:ed:60:52:46:
a8:dd:37:e2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALZcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTE1MTA0NDU5WhcNMjUwODA4MTA0NDU5WjAYMRYw
FAYDVQQDEw02NmU2YmFhZS04ZmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsA2gGW4/N1lcdCX/f14nPj6OId0pkrQKr3O0LO6zBXMLSMYuLJ9ytxFz
S/YfB6xAU5lm4ZVF/n/DyzDizS5YFsiFriXbwR88MgzxMwN80p0RqXzMcvW6Jxfw
JBxh9YouhWG+BTKjFKPgK8mI5AYLs8GSOrmocCx2RhGnQzCGTpqHi1urNzAG1qD8
YfT6U3DggXbiLJcVOzGnfpgav0OxjS5FWGLgn/8GGLNsXowctJXJU/1fNM8BlmbJ
BL0jMH7d9DGV6jdh+wbLnWwTbEoZednJFUPNSROeT8JmphjGBh4V86hUpcN7qlQ8
3ozsL47iSizweJOnR7BN2QVUs0YlZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLE1
UKM96z5wEUn1rg/Iy8BvArh5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RjhBOTc2ODczNEYxMUVGQTY0NjA5QkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc8rMA0GCSqGSIb3DQEBCwUA
A4IBAQC8qU06WqiTPaX5o73P24hj7ArrZuWniT6X1BeBbmZT09oMKPF22F3KvRrB
CQCu1H1pTrQVuAY+7swDl7dtevh2bv1XUkI3E4m3hIr8QUrkg9AZYFdUUAFrQW6Y
CD09AO6f/NLid0BwEmXU8280wKQryV7AJ/0F68fdDSIRkfUeiznMeH+OMifKPoa4
m4eKU/J9j95wo8qYL+VXrWt4wWmHjt/IzaE1zKfXehhHQ7ao1oNdNNDQHwM5EiZW
D+c5FEQSCznk2Es2jpkz/GH5VLG80wk/tdCClNwTkXSbJ+eNcBNHkaxre2igAj8V
CAyqb9jmYLw4t2jKee1gUkao3Tfi
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:38 2024 by rpki-client on console-fra.rpki-client.org