Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91076EAE86FA11EF961FDAAD762E951A.roa
File: 91076EAE86FA11EF961FDAAD762E951A.roa (raw, json)
Hash identifier: QQ4f1vr+MNxpKSFdEivzkKnL/Ler/ZYO7C/qxOaQ4E4=
Subject key identifier: 28:06:B8:BA:A7:41:AE:0E:79:F2:D9:4E:20:78:7D:B4:7B:B5:E2:CE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C2F7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91076EAE86FA11EF961FDAAD762E951A.roa
Signing time: Thu 10 Oct 2024 11:27:01 +0000
ROA not before: Thu 10 Oct 2024 11:26:50 +0000
ROA not after: Thu 23 Jan 2025 11:26:50 +0000
asID: 10753
IP address blocks: 45.199.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49911 (0xc2f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 10 11:26:50 2024 GMT
Not After : Jan 23 11:26:50 2025 GMT
Subject: CN=6707ba05-0f17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:07:39:fd:1d:d6:d5:7f:3e:5b:9b:65:1a:48:
31:19:ae:74:92:8e:a9:a3:25:b7:3b:04:a7:68:d4:
27:b8:d1:33:4e:9f:26:0b:39:13:cd:a4:77:56:f5:
2e:29:89:12:63:3f:1d:1c:e5:39:7b:84:81:d6:c6:
34:52:af:8a:dc:76:3e:ea:d2:6b:0d:ad:cc:fa:c0:
00:c7:d7:37:bf:1b:e9:5d:f3:cc:66:ad:58:49:ce:
f9:84:4c:0f:e2:07:1f:d6:98:03:3d:9c:0e:53:9b:
b6:56:23:c1:d8:59:76:7f:fe:9d:45:93:63:31:0b:
d5:c2:76:3e:35:36:1b:e5:a3:63:e8:62:b1:ad:c1:
ab:3e:2f:99:32:cf:ba:07:63:83:3f:2c:53:78:ff:
df:83:ca:12:c4:52:63:d8:19:02:01:66:fd:ec:4e:
08:4b:e7:3d:fc:7d:34:67:b6:6d:81:27:81:21:13:
7e:de:4c:d9:a9:33:f7:f2:c0:a8:87:15:3c:1a:d7:
37:3e:31:c6:c1:a0:97:93:bc:d0:50:a0:78:06:62:
6a:b2:cd:bc:1f:90:4f:e7:03:c4:aa:bd:e9:dd:6c:
3c:e1:82:38:a0:0e:ff:a0:51:b4:28:e2:5a:b2:d4:
3e:84:c4:23:14:37:2b:50:33:f5:7f:ae:bf:4a:71:
01:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:06:B8:BA:A7:41:AE:0E:79:F2:D9:4E:20:78:7D:B4:7B:B5:E2:CE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91076EAE86FA11EF961FDAAD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.149.0/24
Signature Algorithm: sha256WithRSAEncryption
59:1e:04:8d:ab:d9:37:d2:e7:09:d8:f3:48:71:fc:17:45:8e:
90:12:21:4f:cf:bf:05:4e:ae:0d:24:ed:88:75:c8:72:34:9b:
1e:e5:19:0b:6d:14:2b:e9:f3:ca:35:2c:5f:b1:69:7a:a3:ad:
c3:a6:dd:aa:34:6c:5c:7c:b0:8c:4b:96:6e:04:d4:2a:2b:20:
d2:c3:81:44:4a:a2:6c:54:03:24:43:5c:de:bc:39:64:d2:4c:
94:7f:23:8f:04:0d:44:ed:0b:da:84:05:d3:6b:4a:34:ff:6e:
70:aa:d6:c2:88:d5:c5:49:3b:c9:bc:41:8c:a3:37:1b:da:43:
d3:43:52:54:d1:36:d6:cb:e6:a3:01:37:88:26:4c:32:4e:62:
6e:a3:0c:a0:81:c4:07:ae:58:fe:d4:b0:27:c1:e6:fd:da:fd:
50:40:59:7b:4d:ad:f2:e4:7f:61:51:69:da:5a:91:26:9b:db:
1f:8b:01:e2:ff:2f:af:23:c6:3b:b3:38:7e:33:60:e0:44:bd:
78:10:1f:b4:58:32:70:3a:47:bc:ae:4b:76:d8:45:17:5a:47:
98:f8:9c:bc:22:ca:9c:eb:08:70:e1:d7:91:fb:bc:39:07:ec:
51:d1:99:76:1b:e4:39:b4:a5:d8:35:a4:e2:35:e1:ef:f7:e7:
6d:aa:66:82
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAML3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDEwMTEyNjUwWhcNMjUwMTIzMTEyNjUwWjAYMRYw
FAYDVQQDEw02NzA3YmEwNS0wZjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsAc5/R3W1X8+W5tlGkgxGa50ko6poyW3OwSnaNQnuNEzTp8mCzkTzaR3
VvUuKYkSYz8dHOU5e4SB1sY0Uq+K3HY+6tJrDa3M+sAAx9c3vxvpXfPMZq1YSc75
hEwP4gcf1pgDPZwOU5u2ViPB2Fl2f/6dRZNjMQvVwnY+NTYb5aNj6GKxrcGrPi+Z
Ms+6B2ODPyxTeP/fg8oSxFJj2BkCAWb97E4IS+c9/H00Z7ZtgSeBIRN+3kzZqTP3
8sCohxU8Gtc3PjHGwaCXk7zQUKB4BmJqss28H5BP5wPEqr3p3Ww84YI4oA7/oFG0
KOJastQ+hMQjFDcrUDP1f66/SnEBLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCgG
uLqnQa4OefLZTiB4fbR7teLOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MTA3NkVBRTg2RkExMUVGOTYxRkRBQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALceVMA0GCSqGSIb3DQEBCwUA
A4IBAQBZHgSNq9k30ucJ2PNIcfwXRY6QEiFPz78FTq4NJO2IdchyNJse5RkLbRQr
6fPKNSxfsWl6o63Dpt2qNGxcfLCMS5ZuBNQqKyDSw4FESqJsVAMkQ1zevDlk0kyU
fyOPBA1E7QvahAXTa0o0/25wqtbCiNXFSTvJvEGMozcb2kPTQ1JU0TbWy+ajATeI
JkwyTmJuowyggcQHrlj+1LAnweb92v1QQFl7Ta3y5H9hUWnaWpEmm9sfiwHi/y+v
I8Y7szh+M2DgRL14EB+0WDJwOke8rkt22EUXWkeY+Jy8Isqc6whw4deR+7w5B+xR
0Zl2G+Q5tKXYNaTiNeHv9+dtqmaC
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:40 2024 by rpki-client on console-ams.rpki-client.org