Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A4EC641AA32E11EF822003B7762E951A.roa
File: A4EC641AA32E11EF822003B7762E951A.roa (raw, json)
Hash identifier: 3f+yLO3owFxNQ7sB/j0xe4EjDqDPuxveb7Qo5HeEXbc=
Subject key identifier: 63:CD:05:BB:38:3A:A7:20:62:9E:BB:09:E7:72:F5:86:B3:AE:07:49
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D2E5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A4EC641AA32E11EF822003B7762E951A.roa
Signing time: Fri 15 Nov 2024 08:50:20 +0000
ROA not before: Fri 15 Nov 2024 08:50:17 +0000
ROA not after: Sat 21 Dec 2024 08:50:17 +0000
asID: 138456
IP address blocks: 45.202.194.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53989 (0xd2e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 15 08:50:17 2024 GMT
Not After : Dec 21 08:50:17 2024 GMT
Subject: CN=67370b4c-aa19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:90:93:00:3e:e3:0a:e3:18:36:02:75:60:49:
c3:4e:cf:2d:c3:0c:2a:7c:16:c4:5b:3c:c9:c4:b6:
52:2e:61:9e:1a:33:d3:86:d4:a9:aa:13:4e:70:c7:
29:3b:f0:2c:8b:67:61:92:20:13:15:9c:d5:4d:68:
3d:8b:e6:bc:f0:35:67:66:00:d0:d2:7c:ba:0f:89:
d9:06:ed:da:2b:c4:4a:ef:9c:4d:9c:fd:a2:a3:a0:
6d:b3:ab:f3:69:d5:14:4a:d1:77:f9:96:e4:46:04:
39:c9:4a:6d:24:c1:39:79:2f:4f:64:17:8f:b1:82:
de:3a:ff:8f:31:06:55:e5:3b:ec:a9:53:ee:68:78:
2e:81:2c:0a:48:1d:2f:da:bf:3b:69:8c:9e:dd:37:
0a:56:45:be:94:46:b7:0f:f2:7c:f5:25:83:24:75:
fc:c1:42:db:a3:bc:ae:96:65:d7:a4:ec:3d:24:ed:
bc:59:3e:b9:d9:95:7f:a0:6b:c8:e6:91:6d:ac:a1:
92:29:5b:d5:cc:60:3f:68:8a:59:b7:24:b6:91:fb:
96:e5:cb:68:b1:88:fa:b4:f9:e3:0d:10:17:59:c5:
a5:0a:62:c3:ae:13:35:ca:87:e6:cd:63:b7:8b:d5:
a8:75:54:31:0c:eb:13:de:84:a5:b4:7e:8f:7c:51:
a5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:CD:05:BB:38:3A:A7:20:62:9E:BB:09:E7:72:F5:86:B3:AE:07:49
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A4EC641AA32E11EF822003B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.194.0/23
Signature Algorithm: sha256WithRSAEncryption
74:a0:24:68:24:f6:10:bf:76:85:55:11:83:e1:01:4b:fd:f7:
b4:e4:87:cb:03:17:9d:b6:88:eb:63:cc:2e:ca:c2:66:35:d8:
a4:bd:1e:5a:c2:a2:17:8c:98:a7:44:53:ab:da:d9:ad:d5:a4:
66:a1:91:90:e4:42:d3:5b:5b:18:d0:6c:6d:ae:bb:7c:00:3d:
1f:04:8e:76:b3:04:ec:6e:60:6c:4f:a1:ee:f5:3e:dc:c8:c7:
22:12:02:6e:dc:fb:86:e7:1c:8b:1e:ad:a2:3e:18:d5:aa:69:
8a:b0:d3:0f:24:5c:86:f7:c2:f9:11:13:d1:13:06:1f:97:55:
f5:2b:d1:d2:a3:9d:5f:05:9d:59:e5:e7:da:65:57:91:c8:47:
75:b1:0d:d5:3b:68:e9:e0:4a:32:14:2f:88:c8:12:10:df:67:
6a:e5:e5:fb:e6:80:e1:90:3a:a3:21:c8:05:2b:6a:87:eb:2d:
e9:b9:4f:ea:16:35:b5:22:d3:49:ce:a3:2f:6f:7f:d5:e9:90:
2d:92:df:d2:34:a5:8a:b0:13:9e:e2:83:cf:f8:27:da:2b:e4:
d1:46:01:c6:3e:f0:8b:0e:c8:79:0c:90:56:d7:24:37:1c:df:
55:cd:22:5a:98:e7:ca:e9:29:5d:dd:f0:49:6e:39:a5:22:4d:
db:0b:9d:a3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANLlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE1MDg1MDE3WhcNMjQxMjIxMDg1MDE3WjAYMRYw
FAYDVQQDEw02NzM3MGI0Yy1hYTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxZCTAD7jCuMYNgJ1YEnDTs8twwwqfBbEWzzJxLZSLmGeGjPThtSpqhNO
cMcpO/Asi2dhkiATFZzVTWg9i+a88DVnZgDQ0ny6D4nZBu3aK8RK75xNnP2io6Bt
s6vzadUUStF3+ZbkRgQ5yUptJME5eS9PZBePsYLeOv+PMQZV5TvsqVPuaHgugSwK
SB0v2r87aYye3TcKVkW+lEa3D/J89SWDJHX8wULbo7yulmXXpOw9JO28WT652ZV/
oGvI5pFtrKGSKVvVzGA/aIpZtyS2kfuW5ctosYj6tPnjDRAXWcWlCmLDrhM1yofm
zWO3i9WodVQxDOsT3oSltH6PfFGlgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGPN
Bbs4OqcgYp67Cedy9YazrgdJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNEVDNjQxQUEzMkUxMUVGODIyMDAzQjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcrCMA0GCSqGSIb3DQEBCwUA
A4IBAQB0oCRoJPYQv3aFVRGD4QFL/fe05IfLAxedtojrY8wuysJmNdikvR5awqIX
jJinRFOr2tmt1aRmoZGQ5ELTW1sY0Gxtrrt8AD0fBI52swTsbmBsT6Hu9T7cyMci
EgJu3PuG5xyLHq2iPhjVqmmKsNMPJFyG98L5ERPREwYfl1X1K9HSo51fBZ1Z5efa
ZVeRyEd1sQ3VO2jp4EoyFC+IyBIQ32dq5eX75oDhkDqjIcgFK2qH6y3puU/qFjW1
ItNJzqMvb3/V6ZAtkt/SNKWKsBOe4oPP+CfaK+TRRgHGPvCLDsh5DJBW1yQ3HN9V
zSJamOfK6Sld3fBJbjmlIk3bC52j
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:42 2024 by rpki-client on console-fra.rpki-client.org