Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D229A0DCA64E11EFBE02A555762E951A.roa
File: D229A0DCA64E11EFBE02A555762E951A.roa (raw, json)
Hash identifier: dZI3gHO18ZnCEXiglC4uqoYEL8xknDgulpeyeXl/n/M=
Subject key identifier: 2E:FF:A8:B7:F0:2C:5F:0A:09:69:06:E1:98:F1:07:85:64:98:27:81
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D56E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D229A0DCA64E11EFBE02A555762E951A.roa
Signing time: Tue 19 Nov 2024 08:18:13 +0000
ROA not before: Tue 19 Nov 2024 08:18:10 +0000
ROA not after: Sun 15 Dec 2024 08:18:10 +0000
asID: 215208
IP address blocks: 45.202.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54638 (0xd56e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 19 08:18:10 2024 GMT
Not After : Dec 15 08:18:10 2024 GMT
Subject: CN=673c49c5-3d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:28:d2:7d:62:89:1b:47:18:89:c9:a5:2a:ed:
02:9a:3d:20:9e:cd:c0:75:92:cc:ec:35:fc:d1:27:
16:51:a5:f4:9b:52:e5:a5:b9:64:8c:a0:f0:93:1c:
a2:76:24:97:b6:cf:8e:c2:29:80:67:3b:8d:7f:3a:
89:ec:a0:cd:c5:be:95:a4:1a:5e:14:56:bf:d3:33:
5d:c5:88:71:13:d3:be:c0:4d:97:5d:78:b7:7a:be:
d9:16:08:98:2e:34:37:25:fb:fd:2a:fa:64:ac:48:
df:98:8f:2a:ae:35:26:eb:81:06:4b:4a:28:62:ea:
8a:a1:d1:c3:f3:f4:ce:bc:fc:b7:0f:44:3b:38:17:
e5:0e:ae:40:11:77:4f:23:2a:58:37:52:54:8c:bb:
f0:f8:53:51:a1:b4:24:b0:7e:8d:82:c8:6c:04:66:
46:6f:47:9d:f9:39:1c:9b:5c:d3:00:ad:f0:bf:e9:
9e:ea:1c:5c:c7:6b:7b:49:4f:4a:1e:16:44:b3:05:
ef:29:bb:b1:3f:08:79:1b:13:a6:e4:69:94:26:c3:
db:88:c7:47:f5:d3:7a:f7:dd:ff:d0:42:ff:fe:33:
b7:31:92:e6:c4:ea:3c:6d:df:4d:25:ca:02:63:2c:
cd:ec:ee:a4:63:54:a0:3c:cb:f7:20:e3:d8:ce:5c:
fa:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:FF:A8:B7:F0:2C:5F:0A:09:69:06:E1:98:F1:07:85:64:98:27:81
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D229A0DCA64E11EFBE02A555762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.35.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:a1:88:c5:f6:15:41:cc:28:99:47:93:30:0b:be:bd:4f:4c:
55:ad:17:b2:f8:48:ff:51:44:70:c2:4a:5d:2c:18:40:ae:25:
22:68:33:c1:b5:5b:44:ff:32:b5:e5:84:53:7e:17:42:ca:dc:
56:89:c1:50:e5:43:c2:b8:70:1b:7e:26:55:c5:b2:bd:03:2f:
8b:7b:5d:ea:21:48:ab:06:1c:75:76:b1:49:b8:5b:24:06:04:
d4:bd:d2:54:f9:9a:d3:89:cc:ee:ae:22:63:7e:9d:74:81:0c:
53:27:ab:c6:06:83:66:fa:b2:b8:d5:45:6b:5c:38:a6:69:bd:
34:20:20:5e:2d:65:ae:97:24:d2:44:76:c4:e0:bc:b9:c0:dd:
a2:f7:43:7c:1c:68:76:23:5d:43:6a:28:89:d3:c2:1f:0d:fa:
98:7f:70:dc:fc:dc:fa:53:8d:1c:c4:a6:8c:60:51:b6:d1:55:
0c:da:27:84:ba:13:4a:7d:56:d6:02:63:a7:a2:d1:4c:fd:a3:
8f:83:3b:55:7f:e3:3e:80:a5:0e:86:2a:07:c8:05:6d:6b:81:
0c:f3:4b:95:6f:6f:e8:e2:e1:10:e0:1e:dd:61:7a:68:41:d8:
37:d7:8d:d9:32:34:10:be:67:3b:87:20:3d:63:32:6e:60:fb:
03:79:64:a8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANVuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE5MDgxODEwWhcNMjQxMjE1MDgxODEwWjAYMRYw
FAYDVQQDEw02NzNjNDljNS0zZDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsyjSfWKJG0cYicmlKu0Cmj0gns3AdZLM7DX80ScWUaX0m1LlpblkjKDw
kxyidiSXts+OwimAZzuNfzqJ7KDNxb6VpBpeFFa/0zNdxYhxE9O+wE2XXXi3er7Z
FgiYLjQ3Jfv9KvpkrEjfmI8qrjUm64EGS0ooYuqKodHD8/TOvPy3D0Q7OBflDq5A
EXdPIypYN1JUjLvw+FNRobQksH6NgshsBGZGb0ed+Tkcm1zTAK3wv+me6hxcx2t7
SU9KHhZEswXvKbuxPwh5GxOm5GmUJsPbiMdH9dN6993/0EL//jO3MZLmxOo8bd9N
JcoCYyzN7O6kY1SgPMv3IOPYzlz6nwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC7/
qLfwLF8KCWkG4ZjxB4VkmCeBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMjI5QTBEQ0E2NEUxMUVGQkUwMkE1NTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcojMA0GCSqGSIb3DQEBCwUA
A4IBAQCsoYjF9hVBzCiZR5MwC769T0xVrRey+Ej/UURwwkpdLBhAriUiaDPBtVtE
/zK15YRTfhdCytxWicFQ5UPCuHAbfiZVxbK9Ay+Le13qIUirBhx1drFJuFskBgTU
vdJU+ZrTiczuriJjfp10gQxTJ6vGBoNm+rK41UVrXDimab00ICBeLWWulyTSRHbE
4Ly5wN2i90N8HGh2I11DaiiJ08IfDfqYf3Dc/Nz6U40cxKaMYFG20VUM2ieEuhNK
fVbWAmOnotFM/aOPgztVf+M+gKUOhioHyAVta4EM80uVb2/o4uEQ4B7dYXpoQdg3
143ZMjQQvmc7hyA9YzJuYPsDeWSo
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:48 2024 by rpki-client on console-fra.rpki-client.org