Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA97AD24719C11EFA171FA4E762E951A.roa
File: BA97AD24719C11EFA171FA4E762E951A.roa (raw, json)
Hash identifier: oYH9GKTBDUp3g4MJLbhTyRMofMZRErq2v1mw/vayCNU=
Subject key identifier: 32:DB:FE:B2:36:18:6A:C7:63:2D:3C:8E:8A:AB:3D:F1:BC:23:1A:D6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B516
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA97AD24719C11EFA171FA4E762E951A.roa
Signing time: Fri 13 Sep 2024 06:52:23 +0000
ROA not before: Fri 13 Sep 2024 06:52:19 +0000
ROA not after: Fri 08 Aug 2025 06:52:19 +0000
asID: 133861
IP address blocks: 45.207.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46358 (0xb516)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 13 06:52:19 2024 GMT
Not After : Aug 8 06:52:19 2025 GMT
Subject: CN=66e3e127-462f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cb:fe:9b:95:f4:f9:3e:c3:b9:65:c9:70:61:
c6:c4:89:2b:dc:0e:8f:40:8f:9e:53:a8:8e:fa:77:
d0:f1:51:36:a4:4e:26:04:74:f7:83:b8:6f:db:ca:
05:d1:8e:4f:5e:01:55:82:cc:bb:c2:33:db:0d:9e:
a1:ca:cd:e5:88:2f:28:ef:90:f3:16:71:02:87:b3:
c6:5f:ba:17:9d:d4:ad:a6:b2:84:13:2e:36:a7:a2:
b4:e4:e6:57:1a:db:a6:a7:6e:04:04:76:08:f7:6e:
98:38:a7:a8:6b:32:f1:1b:fa:69:b2:be:93:5e:8d:
2b:a6:60:3a:f7:bf:f2:90:a3:24:95:6b:b6:c8:67:
d8:88:3a:52:77:33:e6:ba:b0:35:bc:da:42:42:6a:
8e:c7:05:03:ea:73:70:21:66:65:c1:bf:4b:6f:16:
22:4c:2a:76:7b:97:51:7d:8d:55:bd:35:1f:7e:97:
28:0e:44:fb:fe:4d:d0:a9:4d:fd:1f:39:c7:2b:e6:
62:75:a6:95:ad:fa:94:f8:22:a1:ea:da:d1:4b:8d:
cf:bc:a7:02:98:94:d4:34:af:94:c1:7a:4f:74:41:
91:77:68:43:ee:d4:4c:a7:ac:88:38:68:6b:2d:66:
6e:fb:7c:cc:d5:8e:f3:53:35:93:4b:ec:33:4b:13:
1b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DB:FE:B2:36:18:6A:C7:63:2D:3C:8E:8A:AB:3D:F1:BC:23:1A:D6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA97AD24719C11EFA171FA4E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.56.0/24
Signature Algorithm: sha256WithRSAEncryption
79:27:c8:47:cb:e2:76:78:de:fa:46:cd:f2:69:c4:8f:77:b2:
ac:86:e6:39:ee:16:28:91:04:ff:e6:36:7e:24:6c:9a:39:46:
b2:ad:2a:3a:8e:e0:76:9c:9a:80:c6:bf:6e:ad:2b:68:95:b0:
15:de:dd:da:4c:86:e4:35:15:49:c8:28:0b:40:17:73:bf:8f:
5d:aa:c9:50:44:c2:26:83:a5:17:bb:95:bb:e4:7b:5c:37:e8:
a6:b6:07:50:14:65:d1:c1:03:0d:a9:ba:bf:c5:ec:b2:62:94:
f1:4b:98:10:ae:4a:ba:23:b9:7d:53:34:a6:fd:d2:7c:d4:bb:
ec:7d:a4:8c:73:f3:78:6c:ef:1d:8b:7d:4a:6d:c0:a9:04:23:
2c:d3:53:bd:9e:86:c0:37:51:89:f1:fe:fe:a2:50:78:1c:7a:
72:8f:67:24:f3:33:29:f7:32:85:aa:55:84:19:db:ad:09:d2:
81:b0:72:1f:6b:48:6c:ba:c6:f3:39:07:93:59:5d:4d:40:5b:
fc:bf:46:86:4e:4f:6c:68:c9:da:93:4a:41:99:eb:9d:8a:ac:
48:c8:a4:cb:36:63:43:77:88:d1:78:23:8b:0b:0d:4c:6f:9c:
60:43:f8:97:26:eb:1c:f9:7d:9a:5b:dc:b8:af:3e:74:e1:54:
a2:2d:7e:02
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALUWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTEzMDY1MjE5WhcNMjUwODA4MDY1MjE5WjAYMRYw
FAYDVQQDEw02NmUzZTEyNy00NjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzcv+m5X0+T7DuWXJcGHGxIkr3A6PQI+eU6iO+nfQ8VE2pE4mBHT3g7hv
28oF0Y5PXgFVgsy7wjPbDZ6hys3liC8o75DzFnECh7PGX7oXndStprKEEy42p6K0
5OZXGtump24EBHYI926YOKeoazLxG/ppsr6TXo0rpmA697/ykKMklWu2yGfYiDpS
dzPmurA1vNpCQmqOxwUD6nNwIWZlwb9LbxYiTCp2e5dRfY1VvTUffpcoDkT7/k3Q
qU39HznHK+ZidaaVrfqU+CKh6trRS43PvKcCmJTUNK+UwXpPdEGRd2hD7tRMp6yI
OGhrLWZu+3zM1Y7zUzWTS+wzSxMbswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDLb
/rI2GGrHYy08joqrPfG8IxrWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQTk3QUQyNDcxOUMxMUVGQTE3MUZBNEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc84MA0GCSqGSIb3DQEBCwUA
A4IBAQB5J8hHy+J2eN76Rs3yacSPd7KshuY57hYokQT/5jZ+JGyaOUayrSo6juB2
nJqAxr9urStolbAV3t3aTIbkNRVJyCgLQBdzv49dqslQRMImg6UXu5W75HtcN+im
tgdQFGXRwQMNqbq/xeyyYpTxS5gQrkq6I7l9UzSm/dJ81LvsfaSMc/N4bO8di31K
bcCpBCMs01O9nobAN1GJ8f7+olB4HHpyj2ck8zMp9zKFqlWEGdutCdKBsHIfa0hs
usbzOQeTWV1NQFv8v0aGTk9saMnak0pBmeudiqxIyKTLNmNDd4jReCOLCw1Mb5xg
Q/iXJusc+X2aW9y4rz504VSiLX4C
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:45 2024 by rpki-client on console-fra.rpki-client.org