Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3B436EC014511EF9CE9B543017001B1.roa
File: C3B436EC014511EF9CE9B543017001B1.roa (raw, json)
Hash identifier: q84Eu+sEeFso/iEnjwRw+g7XF3ovKufHc/uPU/4f/ds=
Subject key identifier: 7C:5D:CB:11:70:AC:DE:BA:64:83:CC:11:30:1F:3C:0C:56:A6:14:F4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 841A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3B436EC014511EF9CE9B543017001B1.roa
Signing time: Tue 23 Apr 2024 07:47:42 +0000
ROA not before: Tue 23 Apr 2024 07:47:38 +0000
ROA not after: Sat 11 May 2024 07:47:38 +0000
asID: 7029
IP address blocks: 45.196.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 08 May 2024 00:16:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33818 (0x841a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 23 07:47:38 2024 GMT
Not After : May 11 07:47:38 2024 GMT
Subject: CN=6627679e-28ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:f7:8d:6c:a0:85:c4:1c:bf:14:43:53:bc:64:
da:cd:84:71:87:5e:39:fb:67:ce:fb:48:4a:c5:99:
0d:f9:3c:19:f0:0b:79:75:d3:3a:b2:e1:98:17:76:
45:aa:b5:03:8b:f2:7f:fc:31:86:0c:54:31:93:4b:
08:e7:16:bb:f1:e3:d4:f4:7c:38:a5:38:b5:46:ca:
56:40:f2:14:bd:01:0b:8a:34:97:73:e0:40:f4:ec:
a2:c9:39:cc:e4:8e:f4:fc:6a:5c:b8:ee:54:a5:8e:
bf:32:3f:1a:51:e5:44:ec:a5:56:13:b9:ae:2a:25:
5e:5c:5a:58:e8:68:75:41:cf:aa:06:90:eb:0f:8a:
16:dc:03:b6:9c:13:38:db:2a:76:99:0c:ee:88:05:
b3:b9:72:c0:b4:61:2b:31:b2:d6:f9:f2:e7:89:16:
50:06:10:5f:4e:76:37:48:46:02:94:a5:23:55:de:
53:09:02:3c:ce:18:14:3b:36:62:ed:28:dd:d0:c3:
6d:5f:7b:fb:53:44:d5:43:23:52:0b:b7:fe:1e:97:
df:69:cc:37:53:c4:cb:5a:79:b4:2b:60:f4:16:30:
28:fb:2e:83:2c:32:6b:7e:f2:cf:0f:12:63:73:1d:
32:c6:35:e4:b3:11:a2:03:5a:e1:16:08:74:fe:f9:
42:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:5D:CB:11:70:AC:DE:BA:64:83:CC:11:30:1F:3C:0C:56:A6:14:F4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3B436EC014511EF9CE9B543017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.48.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:11:1d:17:76:7f:18:c3:f9:5c:f3:37:65:41:1d:e5:2d:4f:
61:57:d0:da:54:b7:2a:98:03:63:7f:54:3d:ee:e8:6e:80:f4:
54:9f:f2:37:6a:e7:d3:78:39:38:42:08:51:3e:4b:49:7d:8a:
32:90:3d:ce:eb:4a:b5:96:0e:de:f8:d2:9d:dc:33:51:60:94:
76:36:cf:1f:cb:f5:2c:0d:8a:af:9b:ae:80:5e:f6:fe:8e:5f:
d4:d3:77:42:06:4e:73:69:58:4d:65:c4:1a:c8:92:fa:01:11:
b7:07:3a:84:f8:15:81:e5:f7:87:e9:73:45:da:1b:d5:2a:9d:
dd:03:2b:56:ea:68:66:8e:0a:1f:57:63:bb:a6:d4:7e:aa:4a:
52:4f:8a:e5:f6:87:21:3c:68:30:f7:61:01:e8:a6:d7:b9:40:
0e:94:e9:fc:e8:f4:14:32:9e:27:e2:ee:d8:1b:2a:8a:fc:74:
39:28:c9:fe:b3:e0:87:b0:9b:58:0d:5b:2c:a0:12:a8:dd:91:
0a:b6:b6:23:2d:3e:80:9b:22:26:5a:95:42:a4:f8:dd:8a:78:
3f:c0:65:6c:bb:a1:cb:ac:30:28:62:1a:4e:7e:94:de:b6:e6:
24:c4:bd:78:93:4e:7c:5b:11:31:b0:1a:0a:17:d0:33:99:7e:
66:b5:66:a1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIQaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDIzMDc0NzM4WhcNMjQwNTExMDc0NzM4WjAYMRYw
FAYDVQQDEw02NjI3Njc5ZS0yOGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7PeNbKCFxBy/FENTvGTazYRxh145+2fO+0hKxZkN+TwZ8At5ddM6suGY
F3ZFqrUDi/J//DGGDFQxk0sI5xa78ePU9Hw4pTi1RspWQPIUvQELijSXc+BA9Oyi
yTnM5I70/GpcuO5UpY6/Mj8aUeVE7KVWE7muKiVeXFpY6Gh1Qc+qBpDrD4oW3AO2
nBM42yp2mQzuiAWzuXLAtGErMbLW+fLniRZQBhBfTnY3SEYClKUjVd5TCQI8zhgU
OzZi7Sjd0MNtX3v7U0TVQyNSC7f+Hpffacw3U8TLWnm0K2D0FjAo+y6DLDJrfvLP
DxJjcx0yxjXksxGiA1rhFgh0/vlCQwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHxd
yxFwrN66ZIPMETAfPAxWphT0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DM0I0MzZFQzAxNDUxMUVGOUNFOUI1NDMwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcQwMA0GCSqGSIb3DQEBCwUA
A4IBAQBLER0Xdn8Yw/lc8zdlQR3lLU9hV9DaVLcqmANjf1Q97uhugPRUn/I3aufT
eDk4QghRPktJfYoykD3O60q1lg7e+NKd3DNRYJR2Ns8fy/UsDYqvm66AXvb+jl/U
03dCBk5zaVhNZcQayJL6ARG3BzqE+BWB5feH6XNF2hvVKp3dAytW6mhmjgofV2O7
ptR+qkpST4rl9ochPGgw92EB6KbXuUAOlOn86PQUMp4n4u7YGyqK/HQ5KMn+s+CH
sJtYDVssoBKo3ZEKtrYjLT6AmyImWpVCpPjding/wGVsu6HLrDAoYhpOfpTetuYk
xL14k058WxExsBoKF9AzmX5mtWah
-----END CERTIFICATE-----
Generated at Mon May 6 09:08:16 2024 by rpki-client on console-fra.rpki-client.org