Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCBC435AA74A11EF9189EC7D762E951A.roa
File: CCBC435AA74A11EF9189EC7D762E951A.roa (raw, json)
Hash identifier: bJm3z/hLSe1tSV8CPVhRE2KyNsjbqwXaAYICFE7DO84=
Subject key identifier: F9:7A:0C:7D:FA:65:A7:7A:A9:EE:69:B3:13:77:63:F4:75:0C:54:18
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D6A8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCBC435AA74A11EF9189EC7D762E951A.roa
Signing time: Wed 20 Nov 2024 14:21:58 +0000
ROA not before: Wed 20 Nov 2024 14:21:54 +0000
ROA not after: Sat 30 Nov 2024 14:21:54 +0000
asID: 202656
IP address blocks: 45.199.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54952 (0xd6a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 20 14:21:54 2024 GMT
Not After : Nov 30 14:21:54 2024 GMT
Subject: CN=673df085-7f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:75:5a:90:ea:94:04:fc:a1:02:95:4d:b7:55:
84:dc:74:dd:19:45:10:4b:ac:ba:a2:b3:4f:db:23:
fa:44:d8:35:ba:6f:2b:df:aa:83:f7:4e:52:df:5d:
2d:80:af:43:5c:eb:81:3c:fe:83:7a:86:f0:48:d9:
0c:97:4a:1a:01:27:e6:da:06:44:e6:b6:47:3b:6f:
25:cc:4b:07:b8:15:f7:e4:da:a4:99:4a:fb:18:0c:
8d:cf:5e:e3:e0:ed:5f:b6:0d:22:2a:e2:49:61:fa:
d9:1a:c0:8a:c9:8a:c2:03:7d:74:b0:5f:0c:f5:75:
15:b3:94:23:d0:2c:0e:27:e3:48:2b:e9:4c:34:d1:
57:f0:e3:24:28:20:f5:8f:7b:81:44:54:c0:76:e2:
4d:74:e2:04:98:57:01:11:ca:40:09:54:20:bb:e4:
57:34:e6:dc:eb:6a:c0:1f:64:e9:d0:ea:46:ea:72:
a2:76:db:e9:54:52:8b:3a:ae:21:12:b9:a1:75:3b:
8b:23:cb:49:21:40:b7:9f:03:2f:f1:d0:61:9b:97:
c0:89:a1:dc:32:32:bb:4e:fd:ac:35:7a:74:11:7b:
64:24:da:05:84:2f:3b:ec:2c:32:f3:e9:dd:b5:ce:
9f:17:a0:c3:e0:64:8f:8f:38:14:e4:5a:43:b1:fe:
58:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:7A:0C:7D:FA:65:A7:7A:A9:EE:69:B3:13:77:63:F4:75:0C:54:18
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCBC435AA74A11EF9189EC7D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.198.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:02:a9:c1:a1:46:8b:6b:6d:26:b8:c5:cd:3f:d9:90:dc:7c:
7f:a6:a2:46:2b:fb:35:a4:c2:12:8d:6b:7c:67:87:28:22:26:
a3:bd:6d:f7:86:db:a9:2a:5d:56:80:b8:8a:1d:51:bd:b7:ac:
1b:ad:74:15:d2:4e:cf:86:c9:1b:b5:d5:ee:87:55:46:6b:4b:
2f:5a:e3:44:8e:bb:0e:ad:98:f6:e0:98:ae:09:79:d8:e2:8d:
ff:24:e8:27:d5:31:6f:b3:a2:f7:1c:44:4a:81:f0:31:48:49:
44:e6:8b:0f:3f:3c:5d:91:95:b5:a3:d8:cb:48:8c:c2:4c:3a:
0c:49:38:a3:fc:53:33:e1:1f:9b:7c:7f:03:85:71:57:31:20:
17:9c:c5:c8:97:98:64:70:6d:8b:47:67:de:c5:10:2d:44:49:
b4:7e:08:59:dc:b7:e1:a1:02:9b:fc:5e:41:1c:f4:de:b8:08:
73:56:df:37:c1:f3:8f:4d:c4:f2:c3:ef:e8:df:22:c5:89:2d:
f7:e7:f8:8b:9c:92:6e:1c:0c:d3:e2:c4:3d:f7:a5:84:28:d7:
e5:a7:b6:5e:2e:88:cd:71:90:95:d6:fc:37:05:db:bc:e8:5d:
d1:cc:91:4d:e9:ad:44:b1:f2:ac:93:bd:02:39:8b:9f:fd:2a:
cb:06:7d:a9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANaoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTIwMTQyMTU0WhcNMjQxMTMwMTQyMTU0WjAYMRYw
FAYDVQQDEw02NzNkZjA4NS03ZjIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzHVakOqUBPyhApVNt1WE3HTdGUUQS6y6orNP2yP6RNg1um8r36qD905S
310tgK9DXOuBPP6DeobwSNkMl0oaASfm2gZE5rZHO28lzEsHuBX35NqkmUr7GAyN
z17j4O1ftg0iKuJJYfrZGsCKyYrCA310sF8M9XUVs5Qj0CwOJ+NIK+lMNNFX8OMk
KCD1j3uBRFTAduJNdOIEmFcBEcpACVQgu+RXNObc62rAH2Tp0OpG6nKidtvpVFKL
Oq4hErmhdTuLI8tJIUC3nwMv8dBhm5fAiaHcMjK7Tv2sNXp0EXtkJNoFhC877Cwy
8+ndtc6fF6DD4GSPjzgU5FpDsf5YNQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPl6
DH36Zad6qe5psxN3Y/R1DFQYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQ0JDNDM1QUE3NEExMUVGOTE4OUVDN0Q3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcfGMA0GCSqGSIb3DQEBCwUA
A4IBAQANAqnBoUaLa20muMXNP9mQ3Hx/pqJGK/s1pMISjWt8Z4coIiajvW33htup
Kl1WgLiKHVG9t6wbrXQV0k7PhskbtdXuh1VGa0svWuNEjrsOrZj24JiuCXnY4o3/
JOgn1TFvs6L3HERKgfAxSElE5osPPzxdkZW1o9jLSIzCTDoMSTij/FMz4R+bfH8D
hXFXMSAXnMXIl5hkcG2LR2fexRAtREm0fghZ3LfhoQKb/F5BHPTeuAhzVt83wfOP
TcTyw+/o3yLFiS335/iLnJJuHAzT4sQ996WEKNflp7ZeLojNcZCV1vw3Bdu86F3R
zJFN6a1EsfKsk70COYuf/SrLBn2p
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:50 2024 by rpki-client on console-ams.rpki-client.org