Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C6234E8891DF11EF9CEEC470762E951A.roa
File: C6234E8891DF11EF9CEEC470762E951A.roa (raw, json)
Hash identifier: bXsH40AvVoDjnKszoIaMqyNA+J4ovaF+/d5tDYfRRD4=
Subject key identifier: D6:74:36:D0:6F:C3:3F:A9:B5:E2:E6:46:A7:47:3A:13:3E:13:C1:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C834
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C6234E8891DF11EF9CEEC470762E951A.roa
Signing time: Thu 24 Oct 2024 08:12:56 +0000
ROA not before: Thu 24 Oct 2024 08:12:52 +0000
ROA not after: Sun 24 Nov 2024 08:12:52 +0000
asID: 138195
IP address blocks: 45.202.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51252 (0xc834)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 24 08:12:52 2024 GMT
Not After : Nov 24 08:12:52 2024 GMT
Subject: CN=671a0188-f1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:06:0c:98:8f:7f:3b:ff:b0:a5:7a:a1:58:d9:
fb:db:3f:4c:d2:2a:ba:62:92:7f:bf:f6:f5:9e:ea:
9f:a6:d8:72:5d:e9:0b:79:6b:62:20:4f:96:bc:90:
b4:83:c7:d7:26:e4:3b:ea:c1:f5:14:ee:36:78:cc:
c7:38:d5:77:4c:71:c5:3f:86:a6:74:5c:32:f2:2e:
79:28:ea:19:24:75:5c:d4:5d:d1:e7:7c:1e:35:a9:
2a:60:8f:11:7b:9f:7b:88:c2:89:5c:66:5d:37:02:
30:45:10:ae:a1:06:53:fb:7e:70:fa:e7:27:aa:9c:
e8:20:e7:11:67:77:de:5f:43:cf:54:63:37:d5:a8:
10:13:57:3c:b5:b1:14:3f:7d:2c:2e:4b:79:ea:be:
8e:33:89:f8:6c:e5:cc:33:fb:8f:9a:d0:82:fd:18:
d8:ae:d7:c7:99:d6:4a:54:fd:10:cf:7c:c0:d8:9c:
4e:87:00:3a:cb:1a:07:f5:6b:17:8c:c3:87:cd:4e:
44:9f:17:68:e2:ed:c5:18:3d:07:0f:24:24:85:3a:
d9:70:6d:49:b6:3b:c4:0e:03:7f:5d:2b:a5:0e:33:
25:58:63:9b:38:e1:62:6d:f4:61:6b:1a:46:ff:3c:
53:3b:b2:9d:a4:17:24:47:4b:65:13:f8:17:c2:7a:
90:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:74:36:D0:6F:C3:3F:A9:B5:E2:E6:46:A7:47:3A:13:3E:13:C1:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C6234E8891DF11EF9CEEC470762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.208.0/24
Signature Algorithm: sha256WithRSAEncryption
25:d0:3d:54:7f:b7:d4:bb:0f:c5:2b:f7:f3:79:ef:47:ec:aa:
9e:b0:8f:c0:25:8a:f7:3e:47:6e:d3:8f:45:11:5c:12:12:e4:
1d:27:56:42:a2:99:31:07:06:c6:91:03:ca:a6:c5:91:53:3e:
96:c9:62:25:a3:34:c7:68:62:27:44:27:51:d5:09:7e:29:11:
c2:39:54:e0:38:e8:60:71:d3:63:09:e0:ae:0a:bb:f6:67:93:
b0:76:07:e5:e1:9e:95:fe:1f:50:1d:52:a0:bb:6c:97:06:fd:
81:1a:7f:2b:9a:62:a3:cd:49:9b:ef:4d:29:0b:9a:5e:d2:e6:
5a:29:d5:5c:3d:1e:75:04:37:4a:45:04:9c:7b:c3:a5:cf:45:
6a:86:a3:24:e4:cc:d8:a8:db:14:47:bd:ec:d7:69:ff:aa:15:
a4:bd:00:e8:05:08:61:57:75:c2:fb:1b:f6:7a:41:b9:83:b4:
f7:bc:73:ee:eb:2c:9b:3d:e8:f0:b7:d0:2c:0f:83:57:e5:ec:
44:f3:5a:10:9f:de:b1:1c:78:91:4b:52:cf:b7:4a:b8:5e:c3:
1d:fb:67:16:8d:22:a7:8e:73:09:9f:91:16:2d:78:ee:2c:5f:
72:a8:a4:5e:95:46:e9:10:b1:c8:a0:3e:90:a8:7d:b6:be:e4:
3f:6a:ae:8a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMg0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDI0MDgxMjUyWhcNMjQxMTI0MDgxMjUyWjAYMRYw
FAYDVQQDEw02NzFhMDE4OC1mMWMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsQYMmI9/O/+wpXqhWNn72z9M0iq6YpJ/v/b1nuqfpthyXekLeWtiIE+W
vJC0g8fXJuQ76sH1FO42eMzHONV3THHFP4amdFwy8i55KOoZJHVc1F3R53weNakq
YI8Re597iMKJXGZdNwIwRRCuoQZT+35w+ucnqpzoIOcRZ3feX0PPVGM31agQE1c8
tbEUP30sLkt56r6OM4n4bOXMM/uPmtCC/RjYrtfHmdZKVP0Qz3zA2JxOhwA6yxoH
9WsXjMOHzU5Enxdo4u3FGD0HDyQkhTrZcG1JtjvEDgN/XSulDjMlWGObOOFibfRh
axpG/zxTO7KdpBckR0tlE/gXwnqQRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNZ0
NtBvwz+pteLmRqdHOhM+E8EOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNjIzNEU4ODkxREYxMUVGOUNFRUM0NzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcrQMA0GCSqGSIb3DQEBCwUA
A4IBAQAl0D1Uf7fUuw/FK/fzee9H7KqesI/AJYr3Pkdu049FEVwSEuQdJ1ZCopkx
BwbGkQPKpsWRUz6WyWIlozTHaGInRCdR1Ql+KRHCOVTgOOhgcdNjCeCuCrv2Z5Ow
dgfl4Z6V/h9QHVKgu2yXBv2BGn8rmmKjzUmb700pC5pe0uZaKdVcPR51BDdKRQSc
e8Olz0VqhqMk5MzYqNsUR73s12n/qhWkvQDoBQhhV3XC+xv2ekG5g7T3vHPu6yyb
Pejwt9AsD4NX5exE81oQn96xHHiRS1LPt0q4XsMd+2cWjSKnjnMJn5EWLXjuLF9y
qKRelUbpELHIoD6QqH22vuQ/aq6K
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:47 2024 by rpki-client on console-fra.rpki-client.org