Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAA7907874C411EFB32EDF8E762E951A.roa
File: CAA7907874C411EFB32EDF8E762E951A.roa (raw, json)
Hash identifier: l3GdpFg2RALaNNG6czocaImkcsndARfACKKpLCzHZPM=
Subject key identifier: 18:20:EC:51:B1:10:AE:5B:EB:69:38:BD:95:5E:B1:FD:D4:D6:00:10
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B78E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAA7907874C411EFB32EDF8E762E951A.roa
Signing time: Tue 17 Sep 2024 07:16:43 +0000
ROA not before: Tue 17 Sep 2024 07:16:40 +0000
ROA not after: Fri 08 Aug 2025 07:16:40 +0000
asID: 133861
IP address blocks: 45.207.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46990 (0xb78e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 17 07:16:40 2024 GMT
Not After : Aug 8 07:16:40 2025 GMT
Subject: CN=66e92cdb-1e47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ee:24:85:72:2d:9e:55:12:61:eb:49:52:58:
5a:d7:1f:77:7e:c2:00:49:77:27:53:79:4e:f5:1e:
c3:bc:61:2e:ee:88:c6:b2:94:89:ca:46:38:54:28:
0d:c8:57:0e:a8:41:d3:fe:39:21:90:67:de:13:8f:
c3:99:67:09:c3:48:f7:e4:b0:c3:c1:ac:d4:88:b8:
9f:70:fa:79:fe:19:e8:7b:e3:d8:dc:6c:ee:4d:98:
fb:26:e1:80:33:b0:1e:45:39:bb:e2:96:06:d0:77:
e6:1a:ce:dd:ec:f8:90:b0:cc:a1:82:47:d7:55:76:
31:5a:fa:ed:b0:2d:60:8e:72:7a:36:0d:c0:c0:11:
79:19:58:b6:4d:0e:67:2c:87:e5:90:33:e1:8c:bd:
61:f1:a1:49:8a:99:56:ce:a9:86:7c:46:fd:0b:b0:
51:3f:32:17:aa:5b:75:f7:61:a5:b9:8a:31:cb:40:
fe:c8:5a:ac:b5:f5:17:87:5f:13:e4:3a:72:fa:a8:
c5:84:33:c3:40:37:fe:ff:b5:05:a5:6f:a5:43:ca:
9c:87:62:96:63:b9:e3:19:a3:98:0a:79:3e:4d:58:
61:45:85:af:1b:8c:ab:2d:1c:53:7d:1b:f5:f1:88:
b8:f5:07:7e:dd:8c:65:69:57:84:bd:e1:a2:d2:c4:
8f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:20:EC:51:B1:10:AE:5B:EB:69:38:BD:95:5E:B1:FD:D4:D6:00:10
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAA7907874C411EFB32EDF8E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.40.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:8a:f4:5a:df:67:b8:d2:cc:80:46:8f:f5:c2:9f:34:3f:c5:
54:40:df:aa:1c:77:7c:27:f8:49:0b:89:51:7d:9f:76:3a:1e:
2c:d0:67:64:c5:fd:0f:9e:15:cd:7b:ec:2c:cd:0e:27:81:35:
a2:8e:a2:31:bc:87:78:1d:3a:ba:b0:d1:3d:10:79:2f:85:7d:
a6:2e:33:fe:42:ab:5d:ad:4e:91:92:87:c9:cf:0b:06:c7:90:
b0:f0:91:6b:e1:bd:eb:b4:9e:bc:ad:06:43:f4:ad:1c:69:ea:
ce:5f:79:05:ab:ae:00:67:52:c2:aa:e4:d4:f3:0a:49:bd:dc:
83:d2:2a:6e:ad:fb:7d:27:90:a8:26:94:38:80:7c:98:6f:48:
a9:ca:8b:73:e8:bf:1a:0d:8e:c2:1b:a5:28:d5:95:29:22:3b:
e3:37:f1:98:29:e6:54:fd:98:3b:f5:1a:0f:82:83:b3:03:50:
4a:2f:a6:10:62:30:55:4b:e6:42:0b:f4:ef:ed:61:d0:b1:52:
13:be:33:67:5e:cd:ee:70:8c:ac:72:24:92:a0:a9:8d:35:c2:
a5:2d:49:f1:d5:f1:61:87:3f:ca:7d:bb:1d:38:73:2c:11:a9:
22:23:77:d1:da:05:d1:9b:36:de:f2:7d:cb:18:07:c7:17:3c:
31:78:ae:a3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALeOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTE3MDcxNjQwWhcNMjUwODA4MDcxNjQwWjAYMRYw
FAYDVQQDEw02NmU5MmNkYi0xZTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0u4khXItnlUSYetJUlha1x93fsIASXcnU3lO9R7DvGEu7ojGspSJykY4
VCgNyFcOqEHT/jkhkGfeE4/DmWcJw0j35LDDwazUiLifcPp5/hnoe+PY3GzuTZj7
JuGAM7AeRTm74pYG0HfmGs7d7PiQsMyhgkfXVXYxWvrtsC1gjnJ6Ng3AwBF5GVi2
TQ5nLIflkDPhjL1h8aFJiplWzqmGfEb9C7BRPzIXqlt192GluYoxy0D+yFqstfUX
h18T5Dpy+qjFhDPDQDf+/7UFpW+lQ8qch2KWY7njGaOYCnk+TVhhRYWvG4yrLRxT
fRv18Yi49Qd+3YxlaVeEveGi0sSPMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBgg
7FGxEK5b62k4vZVesf3U1gAQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQUE3OTA3ODc0QzQxMUVGQjMyRURGOEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc8oMA0GCSqGSIb3DQEBCwUA
A4IBAQCfivRa32e40syARo/1wp80P8VUQN+qHHd8J/hJC4lRfZ92Oh4s0Gdkxf0P
nhXNe+wszQ4ngTWijqIxvId4HTq6sNE9EHkvhX2mLjP+QqtdrU6RkofJzwsGx5Cw
8JFr4b3rtJ68rQZD9K0caerOX3kFq64AZ1LCquTU8wpJvdyD0ipurft9J5CoJpQ4
gHyYb0ipyotz6L8aDY7CG6Uo1ZUpIjvjN/GYKeZU/Zg79RoPgoOzA1BKL6YQYjBV
S+ZCC/Tv7WHQsVITvjNnXs3ucIysciSSoKmNNcKlLUnx1fFhhz/KfbsdOHMsEaki
I3fR2gXRmzbe8n3LGAfHFzwxeK6j
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:47 2024 by rpki-client on console-fra.rpki-client.org