Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5C264EE74C311EF9B833A8A762E951A.roa
File: C5C264EE74C311EF9B833A8A762E951A.roa (raw, json)
Hash identifier: ZIkd3PVKyCcrFU3ISKR71rioeC01mV6jjmP1M7NdWgI=
Subject key identifier: B4:0D:7E:B7:AF:45:E0:40:4B:67:02:84:DB:A3:DD:70:A8:D4:B7:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B780
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5C264EE74C311EF9B833A8A762E951A.roa
Signing time: Tue 17 Sep 2024 07:09:26 +0000
ROA not before: Tue 17 Sep 2024 07:09:22 +0000
ROA not after: Fri 08 Aug 2025 07:09:22 +0000
asID: 133199
IP address blocks: 45.207.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46976 (0xb780)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 17 07:09:22 2024 GMT
Not After : Aug 8 07:09:22 2025 GMT
Subject: CN=66e92b26-b31c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1f:76:3b:4f:71:6c:82:4d:8f:40:f7:91:15:
42:99:76:01:3e:08:5a:c7:0b:c5:8f:a9:df:a7:f3:
b6:46:cd:6d:bf:d8:62:f6:a9:c5:57:38:f2:f1:5f:
1d:b4:9e:0c:15:49:69:cf:8f:f0:e5:6d:8e:17:db:
98:93:0d:5f:36:93:43:6a:11:3c:a4:83:16:8a:07:
16:50:a8:3f:75:13:dd:f5:c5:69:73:37:a4:6c:fb:
40:5a:d5:0c:34:8e:16:96:da:8c:95:15:8c:6a:a0:
ee:d2:7a:33:d6:3f:7e:58:2b:b9:7b:33:4d:1d:d1:
cb:43:be:4d:5d:77:7c:90:4e:2e:78:4e:78:4e:30:
89:61:c4:d1:3a:e8:dd:6e:17:8c:b6:97:33:fd:cb:
fa:5e:a1:d6:ce:3e:a3:e2:4d:12:bd:fb:98:2a:d4:
3b:31:7a:cc:f6:1b:e0:ab:80:6f:a0:ff:d5:ec:80:
44:20:bc:4c:f8:5e:bf:cc:d3:bb:a0:e2:7b:84:1b:
04:78:46:ba:5d:f2:ba:15:db:c2:43:8a:8d:58:d0:
d8:8a:39:1f:55:d2:dc:22:8c:f0:d7:b8:42:21:d7:
95:6c:62:2d:6f:bf:be:0b:d0:3e:f4:0b:25:7f:49:
5d:ed:b8:9a:80:cf:9d:21:90:7c:62:fc:60:f2:bc:
ca:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:0D:7E:B7:AF:45:E0:40:4B:67:02:84:DB:A3:DD:70:A8:D4:B7:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5C264EE74C311EF9B833A8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.43.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:48:23:3e:be:3f:a6:3c:16:0a:34:34:42:2e:eb:ca:16:83:
c7:68:ab:61:02:d4:ab:4d:03:43:65:4e:d4:9a:46:48:6e:62:
0e:df:bc:14:6b:03:19:91:6d:c9:9a:b8:16:7d:f3:94:5f:e9:
95:87:c0:77:d5:90:24:ac:97:9e:18:78:fb:92:73:f7:00:ed:
c8:96:87:e4:16:89:7f:99:e3:1b:1c:61:e9:e8:1b:d3:09:36:
2e:8f:84:1e:ef:56:94:bd:b2:1d:8c:34:a3:1b:8e:58:2d:79:
9d:4c:22:1b:99:d0:18:86:95:df:68:d4:85:47:e7:cb:2d:ba:
ad:fa:c4:ce:2a:bb:ee:65:56:c1:2d:17:25:20:15:bd:35:f5:
05:fb:5c:2d:65:ef:2c:92:ca:0e:c7:58:c4:6a:d9:a5:3f:23:
20:11:42:0c:ee:6b:1d:b6:dd:a4:2d:fb:31:71:b0:bf:28:c4:
18:3e:a7:63:cf:3c:8a:2c:e4:1d:ab:19:91:0f:b6:8c:2f:d8:
17:92:70:0b:4e:4d:e8:7a:19:ef:33:c8:75:34:3d:83:2a:6c:
04:45:5f:a7:e1:a3:0a:10:ff:6e:31:a9:f9:62:d8:d8:f1:6a:
29:b2:d9:65:50:10:51:d8:c8:a8:3c:94:a4:41:8b:6b:df:a7:
21:ac:bf:84
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALeAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTE3MDcwOTIyWhcNMjUwODA4MDcwOTIyWjAYMRYw
FAYDVQQDEw02NmU5MmIyNi1iMzFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqh92O09xbIJNj0D3kRVCmXYBPghaxwvFj6nfp/O2Rs1tv9hi9qnFVzjy
8V8dtJ4MFUlpz4/w5W2OF9uYkw1fNpNDahE8pIMWigcWUKg/dRPd9cVpczekbPtA
WtUMNI4WltqMlRWMaqDu0noz1j9+WCu5ezNNHdHLQ75NXXd8kE4ueE54TjCJYcTR
OujdbheMtpcz/cv6XqHWzj6j4k0SvfuYKtQ7MXrM9hvgq4BvoP/V7IBEILxM+F6/
zNO7oOJ7hBsEeEa6XfK6FdvCQ4qNWNDYijkfVdLcIozw17hCIdeVbGItb7++C9A+
9Aslf0ld7biagM+dIZB8Yvxg8rzKFQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLQN
frevReBAS2cChNuj3XCo1LeLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNUMyNjRFRTc0QzMxMUVGOUI4MzNBOEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc8rMA0GCSqGSIb3DQEBCwUA
A4IBAQCpSCM+vj+mPBYKNDRCLuvKFoPHaKthAtSrTQNDZU7UmkZIbmIO37wUawMZ
kW3JmrgWffOUX+mVh8B31ZAkrJeeGHj7knP3AO3IlofkFol/meMbHGHp6BvTCTYu
j4Qe71aUvbIdjDSjG45YLXmdTCIbmdAYhpXfaNSFR+fLLbqt+sTOKrvuZVbBLRcl
IBW9NfUF+1wtZe8sksoOx1jEatmlPyMgEUIM7msdtt2kLfsxcbC/KMQYPqdjzzyK
LOQdqxmRD7aML9gXknALTk3oehnvM8h1ND2DKmwERV+n4aMKEP9uMan5YtjY8Wop
stllUBBR2MioPJSkQYtr36chrL+E
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:47 2024 by rpki-client on console-fra.rpki-client.org