Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF61D1787E3911EF9B50C193762E951A.roa
File: BF61D1787E3911EF9B50C193762E951A.roa (raw, json)
Hash identifier: QBxeWNDMQkizPqgAnf5v/hTobeQSHdB71g3V1cO1sDU=
Subject key identifier: 29:A4:7E:95:80:82:F8:BD:13:C8:B6:06:A5:80:50:64:46:AA:EB:69
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: BC5D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF61D1787E3911EF9B50C193762E951A.roa
Signing time: Sun 29 Sep 2024 08:06:36 +0000
ROA not before: Sun 29 Sep 2024 08:06:32 +0000
ROA not after: Mon 30 Dec 2024 08:06:32 +0000
asID: 17561
IP address blocks: 45.200.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48221 (0xbc5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 29 08:06:32 2024 GMT
Not After : Dec 30 08:06:32 2024 GMT
Subject: CN=66f90a8c-f511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:49:eb:44:8e:18:a1:d4:64:13:ab:23:e3:ba:
9b:a3:12:dc:17:99:b4:33:07:ac:e5:42:f1:2b:93:
84:8b:a0:cb:ba:07:5a:6b:45:fd:cf:05:86:fc:bc:
f2:54:1d:fe:b0:b8:e9:f0:53:b0:26:92:a4:39:92:
be:56:dd:a3:b2:b1:ed:21:44:1e:6b:72:b4:21:c5:
3e:b2:ad:e7:c3:44:e1:90:a9:19:d7:2a:47:aa:68:
31:04:f2:0e:82:09:16:88:1e:47:5a:cf:c2:c4:7f:
78:cd:f6:0f:96:e7:0b:3a:e6:66:fb:54:b3:e1:96:
e2:e5:7f:d0:4a:b0:8a:ab:60:5b:84:8b:b1:85:ad:
67:2f:32:7d:99:88:67:5f:4d:dd:70:c8:84:e6:d3:
83:de:57:6c:31:b9:e2:f8:ed:cd:fd:40:01:b1:9b:
d8:b0:72:b3:7f:03:e4:0d:de:25:9d:c4:7c:90:92:
0b:9d:c6:27:be:67:13:08:3d:53:49:ce:18:6d:50:
ba:1e:c9:61:8f:cc:e5:70:00:67:e7:73:3e:57:c3:
34:cc:60:5b:15:75:ed:2e:4b:ed:c1:2a:27:f8:6f:
d8:9f:fd:ec:3e:dc:7c:e4:f3:fd:da:9b:88:43:e1:
c9:43:3b:2e:3a:4d:0b:c2:13:cd:48:28:73:e8:be:
51:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A4:7E:95:80:82:F8:BD:13:C8:B6:06:A5:80:50:64:46:AA:EB:69
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF61D1787E3911EF9B50C193762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.2.0/24
Signature Algorithm: sha256WithRSAEncryption
40:1e:ab:8c:7d:3f:7a:c8:e4:68:19:a0:b5:25:12:5c:29:8c:
31:36:a7:f8:5d:d4:b2:da:f6:29:f4:84:06:97:8a:38:d5:21:
2c:58:d6:f8:b1:73:7f:ba:44:32:6b:67:8c:38:86:ab:5b:ad:
97:90:b3:d2:f8:f8:21:26:68:2f:54:b7:d6:28:0f:39:ce:98:
15:5a:38:97:81:bd:db:11:eb:9d:cd:2d:29:34:29:93:39:40:
c0:7d:e0:f0:cc:d6:21:b5:89:63:0f:fe:2a:b7:34:d1:87:a3:
6f:65:9f:1a:56:fd:ef:da:76:30:89:82:50:de:90:37:64:88:
7c:58:1b:d4:10:c4:d6:2b:d0:8a:8b:69:cc:c2:be:62:fb:ef:
de:a4:7e:17:30:57:b2:4d:8f:df:dc:0e:37:c6:4c:19:0c:db:
14:28:20:25:24:ab:9c:60:45:13:3c:68:7c:84:e5:f2:87:00:
cd:f7:67:1d:90:5f:c5:99:e1:a8:03:0b:dd:79:c5:c0:92:34:
e4:62:90:28:41:93:8a:39:0b:53:11:ae:d5:25:3f:4c:4a:65:
00:f5:29:a4:af:28:35:bf:35:8b:25:df:97:34:a7:aa:31:54:
32:15:00:1e:08:7d:24:d3:a5:05:1a:64:2e:fd:62:10:b3:d3:
1b:f7:e5:b2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALxdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTI5MDgwNjMyWhcNMjQxMjMwMDgwNjMyWjAYMRYw
FAYDVQQDEw02NmY5MGE4Yy1mNTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt0nrRI4YodRkE6sj47qboxLcF5m0Mwes5ULxK5OEi6DLugdaa0X9zwWG
/LzyVB3+sLjp8FOwJpKkOZK+Vt2jsrHtIUQea3K0IcU+sq3nw0ThkKkZ1ypHqmgx
BPIOggkWiB5HWs/CxH94zfYPlucLOuZm+1Sz4Zbi5X/QSrCKq2BbhIuxha1nLzJ9
mYhnX03dcMiE5tOD3ldsMbni+O3N/UABsZvYsHKzfwPkDd4lncR8kJILncYnvmcT
CD1TSc4YbVC6Hslhj8zlcABn53M+V8M0zGBbFXXtLkvtwSon+G/Yn/3sPtx85PP9
2puIQ+HJQzsuOk0LwhPNSChz6L5RgQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCmk
fpWAgvi9E8i2BqWAUGRGqutpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRjYxRDE3ODdFMzkxMUVGOUI1MEMxOTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcgCMA0GCSqGSIb3DQEBCwUA
A4IBAQBAHquMfT96yORoGaC1JRJcKYwxNqf4XdSy2vYp9IQGl4o41SEsWNb4sXN/
ukQya2eMOIarW62XkLPS+PghJmgvVLfWKA85zpgVWjiXgb3bEeudzS0pNCmTOUDA
feDwzNYhtYljD/4qtzTRh6NvZZ8aVv3v2nYwiYJQ3pA3ZIh8WBvUEMTWK9CKi2nM
wr5i++/epH4XMFeyTY/f3A43xkwZDNsUKCAlJKucYEUTPGh8hOXyhwDN92cdkF/F
meGoAwvdecXAkjTkYpAoQZOKOQtTEa7VJT9MSmUA9Smkryg1vzWLJd+XNKeqMVQy
FQAeCH0k06UFGmQu/WIQs9Mb9+Wy
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:47 2024 by rpki-client on console-ams.rpki-client.org