Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDC9889A0DC911EFA23E1044017001B1.roa
File: CDC9889A0DC911EFA23E1044017001B1.roa (raw, json)
Hash identifier: IjnbEKp6odUr9AheA9JiNViCR/BU6ROqYjhWOVXVbG8=
Subject key identifier: 2C:A3:4B:EF:8D:7E:AA:53:F4:D0:78:8D:F7:E7:3C:6C:C2:D1:AD:A5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 88F7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDC9889A0DC911EFA23E1044017001B1.roa
Signing time: Thu 09 May 2024 06:03:07 +0000
ROA not before: Thu 09 May 2024 06:03:03 +0000
ROA not after: Tue 13 May 2025 06:03:03 +0000
asID: 55720
IP address blocks: 45.204.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Sep 2024 00:16:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35063 (0x88f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 9 06:03:03 2024 GMT
Not After : May 13 06:03:03 2025 GMT
Subject: CN=663c671a-cce0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7d:8c:ac:fb:7c:d5:c4:82:2c:fc:ee:0c:4a:
7a:22:7d:49:34:bf:48:a8:27:5a:50:40:91:07:5c:
e6:6f:15:25:cd:98:f8:b3:65:a7:bc:d9:4a:73:c3:
36:24:94:ab:fe:9a:8d:6b:3e:ed:a9:7e:3e:7a:7a:
6d:e8:13:5e:c6:1e:cf:65:a4:38:46:9d:71:50:bb:
df:08:4c:9e:f2:cf:45:37:86:d9:d7:0c:3c:5e:ec:
3a:1e:44:ee:32:b8:e6:c0:51:e9:05:4f:27:a9:f3:
81:ec:d8:ae:3a:78:bd:be:da:73:3d:01:1e:52:91:
42:a8:66:d1:e0:41:a0:6a:9f:4e:34:b9:e0:32:64:
dd:12:50:16:53:f1:e1:67:3c:c6:fe:6b:d4:b3:e1:
37:e6:07:39:15:21:1a:99:7f:48:7a:50:99:de:ab:
ae:2b:58:d0:5b:ec:a9:0d:aa:02:98:6a:09:19:1e:
2c:a5:cb:f6:f4:d5:8a:6b:b1:d4:77:b0:9c:96:af:
ae:9b:5f:c0:90:02:98:d2:25:be:db:fa:c0:89:42:
6f:ca:65:bb:48:c0:42:cf:bb:de:1a:91:5a:34:1c:
b0:7e:a7:d7:09:25:bf:65:d5:3f:3b:96:4c:62:a1:
50:c6:d4:fb:4a:1e:2c:b3:68:e9:19:10:a8:72:2c:
ff:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:A3:4B:EF:8D:7E:AA:53:F4:D0:78:8D:F7:E7:3C:6C:C2:D1:AD:A5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDC9889A0DC911EFA23E1044017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.20.0/24
Signature Algorithm: sha256WithRSAEncryption
50:90:19:09:3b:af:0e:81:0c:b4:8c:8a:2c:10:41:eb:39:4e:
7c:7b:19:fb:c3:99:89:8a:75:0d:58:63:20:90:1d:dc:ef:ad:
4f:7a:24:0e:e1:4e:4f:55:3f:19:45:81:4f:b0:1e:1f:db:74:
46:4e:09:65:fa:fd:d5:b6:93:75:4d:f5:73:0b:84:3a:dc:0b:
80:42:1a:69:58:70:20:82:84:78:65:71:fd:9a:f2:5b:89:db:
4f:32:7e:11:89:8a:7d:84:79:8b:9b:eb:49:a2:36:75:c4:a9:
e6:62:e7:17:b9:69:e4:7f:fa:ae:a4:65:f7:45:a0:ed:d5:39:
b6:dc:e5:8a:1f:bf:38:6f:0b:55:0f:89:94:ed:4c:9f:25:81:
87:59:d6:22:29:80:6b:32:7b:70:45:77:8e:45:78:2e:f7:d3:
f1:1d:a5:dd:60:97:0e:df:e6:e4:03:3e:67:b0:d8:5e:5f:c9:
55:9d:ed:5a:a6:cd:a3:de:dd:b3:08:40:00:b1:f7:06:d0:a2:
6e:b7:2a:44:21:95:a5:d1:1d:8e:3c:b2:40:70:ff:0d:87:41:
86:2f:3d:07:a9:6d:37:8e:24:fd:84:5c:5d:74:94:a5:85:dc:
0a:da:73:da:bc:4d:fe:e9:21:4c:12:c5:a6:b9:b4:90:fa:df:
46:8f:d6:37
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIj3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTA5MDYwMzAzWhcNMjUwNTEzMDYwMzAzWjAYMRYw
FAYDVQQDEw02NjNjNjcxYS1jY2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwH2MrPt81cSCLPzuDEp6In1JNL9IqCdaUECRB1zmbxUlzZj4s2WnvNlK
c8M2JJSr/pqNaz7tqX4+enpt6BNexh7PZaQ4Rp1xULvfCEye8s9FN4bZ1ww8Xuw6
HkTuMrjmwFHpBU8nqfOB7NiuOni9vtpzPQEeUpFCqGbR4EGgap9ONLngMmTdElAW
U/HhZzzG/mvUs+E35gc5FSEamX9IelCZ3quuK1jQW+ypDaoCmGoJGR4spcv29NWK
a7HUd7Cclq+um1/AkAKY0iW+2/rAiUJvymW7SMBCz7veGpFaNBywfqfXCSW/ZdU/
O5ZMYqFQxtT7Sh4ss2jpGRCociz/uwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCyj
S++NfqpT9NB4jffnPGzC0a2lMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DREM5ODg5QTBEQzkxMUVGQTIzRTEwNDQwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcwUMA0GCSqGSIb3DQEBCwUA
A4IBAQBQkBkJO68OgQy0jIosEEHrOU58exn7w5mJinUNWGMgkB3c761PeiQO4U5P
VT8ZRYFPsB4f23RGTgll+v3VtpN1TfVzC4Q63AuAQhppWHAggoR4ZXH9mvJbidtP
Mn4RiYp9hHmLm+tJojZ1xKnmYucXuWnkf/qupGX3RaDt1Tm23OWKH784bwtVD4mU
7UyfJYGHWdYiKYBrMntwRXeORXgu99PxHaXdYJcO3+bkAz5nsNheX8lVne1aps2j
3t2zCEAAsfcG0KJutypEIZWl0R2OPLJAcP8Nh0GGLz0HqW03jiT9hFxddJSlhdwK
2nPavE3+6SFMEsWmubSQ+t9Gj9Y3
-----END CERTIFICATE-----
Generated at Sat Sep 7 11:12:10 2024 by rpki-client on console-ams.rpki-client.org