Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B00642B0A31211EFB0C7C38A762E951A.roa
File: B00642B0A31211EFB0C7C38A762E951A.roa (raw, json)
Hash identifier: CSTJw5SlrGsx8MmfU+CwTdpTc/8MfF/He0+LDTdHoZo=
Subject key identifier: 40:A7:13:23:EE:7A:F8:35:F2:9E:67:12:FB:53:45:51:7D:B4:42:71
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D2D5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B00642B0A31211EFB0C7C38A762E951A.roa
Signing time: Fri 15 Nov 2024 05:30:13 +0000
ROA not before: Fri 15 Nov 2024 05:30:09 +0000
ROA not after: Mon 07 Apr 2025 05:30:09 +0000
asID: 209242
IP address blocks: 45.205.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53973 (0xd2d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 15 05:30:09 2024 GMT
Not After : Apr 7 05:30:09 2025 GMT
Subject: CN=6736dc65-7264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:46:4d:83:79:91:61:94:a0:12:54:9f:c5:83:
37:b5:4d:87:25:67:2b:ba:ed:03:da:61:d1:07:b3:
38:2b:e4:47:34:d2:99:4b:c5:0e:6c:47:57:91:41:
52:1c:3b:f7:15:dc:aa:c2:bc:0b:03:35:df:48:c3:
db:ce:6a:dc:15:73:34:9e:ff:80:ea:14:69:34:2a:
e0:90:f2:f1:83:40:42:7c:92:ca:c2:c0:35:bd:fe:
97:42:01:3c:89:fe:9b:9c:09:30:c7:9c:e1:3e:29:
0b:16:4a:63:29:ba:c6:0b:9e:46:2a:eb:15:c4:d0:
f6:84:f4:f0:d6:30:f5:04:88:55:db:02:11:e3:a3:
de:5e:7d:3b:39:7d:3d:27:fd:83:6f:ef:ac:25:15:
3a:21:86:fc:1b:b8:71:26:db:29:fa:ed:e9:7b:57:
b0:0a:cd:73:73:e4:91:1f:66:a3:6b:c2:90:ea:49:
b5:78:8c:2f:40:2c:ca:68:6e:0d:6f:c6:04:fd:5d:
2f:b7:c5:b3:6f:aa:58:93:2a:b8:de:ec:b4:db:bb:
90:67:07:6d:03:c2:5c:d1:6a:d7:2f:e4:cc:e4:a3:
96:82:84:ba:a9:8f:10:58:29:54:7f:48:81:35:5c:
0a:5d:3b:8f:02:b7:d6:6b:fc:ee:b3:c7:99:e7:6b:
11:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A7:13:23:EE:7A:F8:35:F2:9E:67:12:FB:53:45:51:7D:B4:42:71
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B00642B0A31211EFB0C7C38A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.205.0.0/24
Signature Algorithm: sha256WithRSAEncryption
57:11:7f:6a:68:84:d4:68:c6:98:3a:5d:8a:18:af:2a:a4:0d:
78:2f:06:a2:9d:50:80:c8:63:86:a5:5c:ac:31:0e:3d:5f:49:
4d:0c:e5:8e:b9:0f:47:37:16:c9:8c:f1:e5:67:5a:4d:2c:e5:
f6:c5:46:ed:3d:a1:ef:f6:ab:60:ce:bd:f7:30:b2:de:f2:6b:
3c:2b:11:15:14:46:fc:d4:dc:28:37:d2:b7:5e:90:b6:25:95:
6d:bd:28:63:f1:5f:57:62:5e:2d:68:c0:4e:1c:a3:28:b4:41:
85:8a:73:d3:5f:80:b9:08:93:d9:06:6f:e9:8c:c2:51:af:8b:
1e:c8:a5:a6:0d:6d:88:95:68:81:6c:d2:b5:f2:cd:1e:64:4c:
cd:ab:61:a0:86:0c:ad:3f:16:a7:50:8e:89:52:da:a3:60:e0:
e0:20:e1:48:c6:22:98:9d:32:11:cb:ff:85:15:4f:7f:77:e8:
c8:2e:8e:07:87:39:d7:1b:da:54:6f:35:8b:f2:b9:2e:70:c6:
96:9a:fc:3f:d3:b5:ac:58:52:39:7a:8e:54:de:f9:df:55:16:
bc:c4:b6:4d:c8:ed:b1:b4:69:b8:d7:2f:09:4a:a1:57:cf:68:
0a:61:1e:b6:b6:83:87:d2:8d:b9:c3:56:20:ae:9d:0b:01:b3:
00:a1:dc:7b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANLVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE1MDUzMDA5WhcNMjUwNDA3MDUzMDA5WjAYMRYw
FAYDVQQDEw02NzM2ZGM2NS03MjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw0ZNg3mRYZSgElSfxYM3tU2HJWcruu0D2mHRB7M4K+RHNNKZS8UObEdX
kUFSHDv3FdyqwrwLAzXfSMPbzmrcFXM0nv+A6hRpNCrgkPLxg0BCfJLKwsA1vf6X
QgE8if6bnAkwx5zhPikLFkpjKbrGC55GKusVxND2hPTw1jD1BIhV2wIR46PeXn07
OX09J/2Db++sJRU6IYb8G7hxJtsp+u3pe1ewCs1zc+SRH2aja8KQ6km1eIwvQCzK
aG4Nb8YE/V0vt8Wzb6pYkyq43uy027uQZwdtA8Jc0WrXL+TM5KOWgoS6qY8QWClU
f0iBNVwKXTuPArfWa/zus8eZ52sRywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFECn
EyPuevg18p5nEvtTRVF9tEJxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMDA2NDJCMEEzMTIxMUVGQjBDN0MzOEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc0AMA0GCSqGSIb3DQEBCwUA
A4IBAQBXEX9qaITUaMaYOl2KGK8qpA14LwainVCAyGOGpVysMQ49X0lNDOWOuQ9H
NxbJjPHlZ1pNLOX2xUbtPaHv9qtgzr33MLLe8ms8KxEVFEb81NwoN9K3XpC2JZVt
vShj8V9XYl4taMBOHKMotEGFinPTX4C5CJPZBm/pjMJRr4seyKWmDW2IlWiBbNK1
8s0eZEzNq2GghgytPxanUI6JUtqjYODgIOFIxiKYnTIRy/+FFU9/d+jILo4HhznX
G9pUbzWL8rkucMaWmvw/07WsWFI5eo5U3vnfVRa8xLZNyO2xtGm41y8JSqFXz2gK
YR62toOH0o25w1Ygrp0LAbMAodx7
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:44 2024 by rpki-client on console-fra.rpki-client.org