Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAFD72A08ACB11EFA493BB5C762E951A.roa
File: CAFD72A08ACB11EFA493BB5C762E951A.roa (raw, json)
Hash identifier: 6zixxely8pE/g3qRMBjA6vAaEasmyj9SmzjeOvE7AOA=
Subject key identifier: FE:60:23:A8:66:EF:25:CC:AE:EB:40:16:D6:7F:AE:1E:86:AF:52:E0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C4BB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAFD72A08ACB11EFA493BB5C762E951A.roa
Signing time: Tue 15 Oct 2024 08:02:16 +0000
ROA not before: Tue 15 Oct 2024 08:02:12 +0000
ROA not after: Wed 27 Nov 2024 08:02:12 +0000
asID: 20473
IP address blocks: 45.200.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50363 (0xc4bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 15 08:02:12 2024 GMT
Not After : Nov 27 08:02:12 2024 GMT
Subject: CN=670e2188-98fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:fb:27:60:d3:cb:78:a7:22:0b:77:c9:16:59:
07:8b:46:18:56:5b:8a:c3:3c:d9:60:be:56:ad:f9:
3f:d8:95:e0:0e:b5:92:27:1c:38:3e:ab:30:c3:2a:
c0:dd:eb:ae:b3:f9:a0:7f:ef:aa:85:e4:17:a1:be:
ad:49:64:78:94:4d:67:c5:1b:c9:b1:ea:76:88:03:
ed:6a:71:59:70:c5:1f:73:41:ed:7f:df:39:28:f0:
b8:e6:48:b2:b9:b4:39:a8:ce:e4:e1:3b:1d:a1:d1:
fe:28:81:c3:58:e4:a7:e3:de:00:c2:7d:6f:ab:6c:
e4:0e:bc:6b:22:1b:14:56:65:04:f5:28:0d:ed:af:
60:1c:71:02:04:d5:57:08:80:2a:54:bd:c1:e7:70:
2f:11:b2:b1:aa:34:c2:d5:84:62:28:3a:8c:59:28:
4e:83:c9:3e:dd:ba:a5:91:42:b8:33:ab:23:67:7c:
e5:d2:d9:44:39:5e:8c:09:ca:30:0d:49:68:06:bb:
06:81:03:b2:93:a2:7e:bc:76:43:f2:79:db:5e:45:
ca:98:20:ca:21:d8:68:17:e9:82:b3:68:9f:29:5e:
12:2a:93:a6:56:5b:ef:18:0c:6a:d0:0a:b5:e4:d2:
cb:ca:2e:cd:8e:ec:65:d2:fd:8a:d4:1f:ac:53:00:
8f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:60:23:A8:66:EF:25:CC:AE:EB:40:16:D6:7F:AE:1E:86:AF:52:E0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAFD72A08ACB11EFA493BB5C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.121.0/24
Signature Algorithm: sha256WithRSAEncryption
92:25:a7:d3:ce:e7:59:79:12:d9:14:64:e0:e1:92:85:7c:45:
d0:24:9e:f9:f5:44:31:38:a1:33:b6:25:29:7a:7b:0e:0c:d2:
9e:ea:05:43:19:ff:e1:7f:9b:8f:1e:0e:a2:3a:48:2d:d7:51:
b7:3f:4e:9d:56:47:68:37:d1:3f:1a:3b:9e:e9:ac:c1:95:39:
d7:7c:47:60:50:4a:fc:5d:14:b3:bc:5d:6f:c4:1e:27:72:35:
23:ec:bf:8a:d6:29:a6:52:5a:f4:b7:12:01:32:ed:65:91:96:
f6:82:3f:47:98:ba:59:29:a8:b7:6c:37:d9:67:79:1c:17:5c:
5d:dc:b0:8d:c0:9a:a9:c0:05:e6:fb:1d:a7:10:89:cc:49:ca:
a5:b2:89:a5:81:dd:cf:46:8c:76:97:57:c6:d9:b3:df:fc:42:
38:76:27:bf:bd:45:0e:54:2b:af:51:73:40:05:04:99:b2:ac:
34:0c:f7:28:29:6d:21:d4:0b:20:cd:a0:c1:25:6d:bc:77:2a:
f9:fb:0c:85:26:29:cd:32:ff:86:02:2d:a5:a7:e6:60:4d:a0:
fe:86:5a:b8:06:17:f9:74:71:46:a8:ff:15:ca:6a:ab:33:7b:
71:08:db:1a:e0:b7:83:e9:ca:00:e5:30:6b:08:9c:7c:11:27:
57:69:24:e8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMS7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDE1MDgwMjEyWhcNMjQxMTI3MDgwMjEyWjAYMRYw
FAYDVQQDEw02NzBlMjE4OC05OGZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2PsnYNPLeKciC3fJFlkHi0YYVluKwzzZYL5Wrfk/2JXgDrWSJxw4Pqsw
wyrA3euus/mgf++qheQXob6tSWR4lE1nxRvJsep2iAPtanFZcMUfc0Htf985KPC4
5kiyubQ5qM7k4TsdodH+KIHDWOSn494Awn1vq2zkDrxrIhsUVmUE9SgN7a9gHHEC
BNVXCIAqVL3B53AvEbKxqjTC1YRiKDqMWShOg8k+3bqlkUK4M6sjZ3zl0tlEOV6M
CcowDUloBrsGgQOyk6J+vHZD8nnbXkXKmCDKIdhoF+mCs2ifKV4SKpOmVlvvGAxq
0Aq15NLLyi7Njuxl0v2K1B+sUwCP0wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP5g
I6hm7yXMrutAFtZ/rh6Gr1LgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQUZENzJBMDhBQ0IxMUVGQTQ5M0JCNUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALch5MA0GCSqGSIb3DQEBCwUA
A4IBAQCSJafTzudZeRLZFGTg4ZKFfEXQJJ759UQxOKEztiUpensODNKe6gVDGf/h
f5uPHg6iOkgt11G3P06dVkdoN9E/Gjue6azBlTnXfEdgUEr8XRSzvF1vxB4ncjUj
7L+K1immUlr0txIBMu1lkZb2gj9HmLpZKai3bDfZZ3kcF1xd3LCNwJqpwAXm+x2n
EInMScqlsomlgd3PRox2l1fG2bPf/EI4die/vUUOVCuvUXNABQSZsqw0DPcoKW0h
1AsgzaDBJW28dyr5+wyFJinNMv+GAi2lp+ZgTaD+hlq4Bhf5dHFGqP8VymqrM3tx
CNsa4LeD6coA5TBrCJx8ESdXaSTo
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:48 2024 by rpki-client on console-fra.rpki-client.org