Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA9E90A6ED0111EE9E7DAF9E775412E6.roa
File: AA9E90A6ED0111EE9E7DAF9E775412E6.roa (raw, json)
Hash identifier: Os5Jw3alAY3s6uHOzcBbBPgmLkhWmAc1q/pPDYv9tvQ=
Subject key identifier: A6:56:7D:10:28:0B:98:17:92:3B:59:F7:64:6A:DE:28:91:58:72:D5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 80E5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA9E90A6ED0111EE9E7DAF9E775412E6.roa
Signing time: Thu 28 Mar 2024 12:49:51 +0000
ROA not before: Thu 28 Mar 2024 12:49:48 +0000
ROA not after: Sat 15 Mar 2025 12:49:48 +0000
asID: 133448
IP address blocks: 45.200.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32997 (0x80e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 28 12:49:48 2024 GMT
Not After : Mar 15 12:49:48 2025 GMT
Subject: CN=6605676f-8112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f8:53:e0:f0:10:2c:d8:a9:8d:fb:0a:4a:8f:
18:88:a6:07:da:fc:7b:9f:8d:2b:25:24:1e:41:61:
ae:a8:0e:88:ed:14:da:f4:42:f2:68:bd:d9:a5:a2:
3d:1d:63:1a:3a:e4:f0:16:18:c2:00:ea:cd:a0:af:
b9:4e:41:92:73:39:18:29:ee:e9:4a:ef:84:6d:02:
3d:0a:3a:d5:ab:89:42:a0:6c:8f:2d:1a:2f:69:68:
0e:cf:ea:66:aa:23:14:8b:87:e6:27:7b:d2:a8:a3:
db:bb:28:52:e2:e5:61:e5:83:78:f2:3a:12:63:cb:
a6:71:1a:3a:b6:ab:d5:27:7c:51:06:79:46:1a:0e:
50:8e:e6:39:d7:b5:79:bd:a9:49:20:d6:e7:cb:4f:
5e:24:6f:a8:e8:00:06:fc:f6:87:04:ed:19:d3:4c:
14:fe:74:bc:6a:36:9d:52:e1:a1:b6:8e:63:d8:84:
a7:4e:0f:bf:85:a6:35:66:62:5f:0b:ae:52:ba:6d:
6e:b0:70:f8:8f:25:fa:2a:d7:d3:dd:cf:f0:6d:cc:
d3:57:76:76:2a:61:fe:ef:42:35:03:a3:f9:a9:b0:
2d:4e:49:24:2c:9c:d6:46:f0:74:23:82:13:86:12:
7c:4a:bf:90:9f:d5:ac:e9:8d:27:70:3c:3f:17:18:
29:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:56:7D:10:28:0B:98:17:92:3B:59:F7:64:6A:DE:28:91:58:72:D5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA9E90A6ED0111EE9E7DAF9E775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.140.0/22
Signature Algorithm: sha256WithRSAEncryption
15:e3:6c:eb:12:cb:cb:65:1f:79:65:24:be:10:e7:9d:99:73:
b3:21:ae:8b:c1:6d:b8:b5:a1:31:ef:96:de:b8:dd:1f:95:14:
cd:e9:4a:55:e2:b4:68:04:0b:dc:d1:7e:51:c2:1f:30:fa:5a:
95:2e:83:19:ae:5d:0c:f4:3b:11:60:ff:a1:8a:14:19:54:83:
64:df:85:37:35:4a:13:33:e1:e5:36:f9:af:f7:ac:28:6a:05:
d5:f5:d8:8b:33:07:60:2c:74:63:45:4d:6d:03:51:b7:c4:4a:
98:74:04:4d:93:25:02:2d:f6:f1:3f:88:b1:26:60:e1:11:0b:
ef:f6:30:d8:76:94:0c:c5:3c:4b:3d:53:96:06:0b:35:92:9c:
21:b7:22:c4:e3:9a:20:e2:e8:f1:6d:82:2b:be:70:15:3f:45:
d3:21:20:0d:d6:3c:ac:17:05:a8:28:07:df:63:ad:d4:29:74:
c7:45:54:a9:ba:8f:92:4d:08:31:f5:05:6c:b4:ca:60:fa:19:
4c:47:d0:ee:ab:3b:b6:4f:01:ef:61:28:2d:d9:d0:91:be:12:
ff:4b:55:71:d7:36:de:cd:c0:f5:0c:a1:b0:bd:00:c9:d0:45:
4e:81:b8:6d:44:99:29:60:98:77:0d:f8:2b:d2:8d:6d:d7:61:
c9:e4:de:d0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIDlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwMzI4MTI0OTQ4WhcNMjUwMzE1MTI0OTQ4WjAYMRYw
FAYDVQQDEw02NjA1Njc2Zi04MTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAm/hT4PAQLNipjfsKSo8YiKYH2vx7n40rJSQeQWGuqA6I7RTa9ELyaL3Z
paI9HWMaOuTwFhjCAOrNoK+5TkGSczkYKe7pSu+EbQI9CjrVq4lCoGyPLRovaWgO
z+pmqiMUi4fmJ3vSqKPbuyhS4uVh5YN48joSY8umcRo6tqvVJ3xRBnlGGg5QjuY5
17V5valJINbny09eJG+o6AAG/PaHBO0Z00wU/nS8ajadUuGhto5j2ISnTg+/haY1
ZmJfC65Sum1usHD4jyX6KtfT3c/wbczTV3Z2KmH+70I1A6P5qbAtTkkkLJzWRvB0
I4IThhJ8Sr+Qn9Ws6Y0ncDw/FxgpuwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKZW
fRAoC5gXkjtZ92Rq3iiRWHLVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQTlFOTBBNkVEMDExMUVFOUU3REFGOUU3NzU0MTJFNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLciMMA0GCSqGSIb3DQEBCwUA
A4IBAQAV42zrEsvLZR95ZSS+EOedmXOzIa6LwW24taEx75beuN0flRTN6UpV4rRo
BAvc0X5Rwh8w+lqVLoMZrl0M9DsRYP+hihQZVINk34U3NUoTM+HlNvmv96woagXV
9diLMwdgLHRjRU1tA1G3xEqYdARNkyUCLfbxP4ixJmDhEQvv9jDYdpQMxTxLPVOW
Bgs1kpwhtyLE45og4ujxbYIrvnAVP0XTISAN1jysFwWoKAffY63UKXTHRVSpuo+S
TQgx9QVstMpg+hlMR9Duqzu2TwHvYSgt2dCRvhL/S1Vx1zbezcD1DKGwvQDJ0EVO
gbhtRJkpYJh3Dfgr0o1t12HJ5N7Q
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:44 2024 by rpki-client on console-ams.rpki-client.org