Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D3427D76719D11EFA6FD6D55762E951A.roa
File: D3427D76719D11EFA6FD6D55762E951A.roa (raw, json)
Hash identifier: fCvIDx4Ah1hg+CKh+A9+zseN7+ljXhkeSsbWzcARgP0=
Subject key identifier: D8:46:F4:D8:28:24:2F:9F:74:38:45:4E:73:A2:54:C0:DD:80:95:93
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B526
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D3427D76719D11EFA6FD6D55762E951A.roa
Signing time: Fri 13 Sep 2024 07:00:15 +0000
ROA not before: Fri 13 Sep 2024 07:00:10 +0000
ROA not after: Fri 08 Aug 2025 07:00:10 +0000
asID: 133199
IP address blocks: 45.207.48.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46374 (0xb526)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 13 07:00:10 2024 GMT
Not After : Aug 8 07:00:10 2025 GMT
Subject: CN=66e3e2fe-7eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4d:50:9b:0d:32:1d:12:53:4b:ac:b9:3c:97:
d6:a8:09:ba:4d:49:d2:05:1f:a9:32:3d:0a:f0:80:
23:08:f9:80:0c:32:3d:25:2b:cd:77:c2:33:be:6b:
a3:a5:f5:aa:92:84:46:ed:14:dd:55:ac:24:48:43:
91:52:b5:ac:27:95:7f:d2:f3:82:d5:ba:d2:f8:66:
7a:6f:63:5f:01:23:d7:04:97:c2:a7:e2:b1:8f:1b:
d9:af:2f:b9:38:bb:4a:18:21:2f:a9:7a:25:0e:e4:
57:02:34:8c:43:94:9c:36:78:27:6b:b1:ea:6c:f3:
ff:73:38:fc:42:27:a4:52:b5:a0:33:d8:b1:f2:44:
32:07:fe:a3:98:c9:df:95:8c:90:74:8f:4b:3e:3b:
97:c4:d9:bc:c6:40:5b:37:98:42:0a:f9:73:18:00:
43:00:71:88:87:7e:ea:22:71:c1:c3:4d:da:7b:d5:
26:87:d0:a1:76:fc:5d:d5:7f:29:c3:aa:0b:28:85:
b7:c9:20:fe:c9:d6:56:e4:e8:af:fa:78:36:d1:1a:
c5:6f:de:03:cd:25:e9:66:c9:1c:e9:f1:0f:47:38:
0c:f0:87:22:55:cb:f9:1e:ce:9a:76:14:f1:ef:74:
2b:4f:49:b9:52:7d:48:84:0f:d9:1d:96:34:73:af:
c6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:46:F4:D8:28:24:2F:9F:74:38:45:4E:73:A2:54:C0:DD:80:95:93
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D3427D76719D11EFA6FD6D55762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.48.0/21
Signature Algorithm: sha256WithRSAEncryption
40:36:e4:18:77:49:fb:6b:7b:c7:17:92:28:c1:a8:91:1c:4d:
b9:a1:fe:31:83:ce:49:4b:b6:9c:f4:aa:fb:66:f4:40:71:51:
bc:83:95:24:1c:20:a7:5a:47:be:1d:86:48:0e:cc:31:91:aa:
ea:8e:0e:4f:44:d7:e8:a3:52:a2:85:af:3d:cb:37:32:f7:14:
f6:83:c0:1a:7b:40:eb:7d:14:0c:5f:07:f0:26:12:c7:64:70:
4c:17:7a:2f:f2:9f:fb:66:3c:12:2d:4d:09:a7:97:7a:1f:a3:
12:ca:9f:3e:fd:3b:e8:80:11:d2:34:8b:f0:40:c7:82:11:05:
34:2c:74:27:54:c4:c9:d9:8c:3e:18:3d:44:31:27:e6:53:eb:
3f:c9:75:7f:8b:8b:c0:b0:2c:6c:f6:6b:74:a6:1b:e1:6b:65:
81:7a:cd:53:cd:9d:5b:b5:b8:24:47:61:6b:aa:74:72:a1:3d:
a9:87:a2:3f:ae:96:d8:d6:b3:54:1e:ee:c5:4c:0f:83:a9:9d:
18:09:0c:9f:c7:c0:dc:45:42:00:d9:88:f2:f6:33:88:43:c7:
3b:8f:63:77:59:ab:92:b4:93:b1:f9:69:17:7c:a9:1c:f9:86:
90:c9:38:a0:be:33:f2:ef:cd:d0:cb:27:6a:38:de:7c:20:51:
75:9b:11:48
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALUmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTEzMDcwMDEwWhcNMjUwODA4MDcwMDEwWjAYMRYw
FAYDVQQDEw02NmUzZTJmZS03ZWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1k1Qmw0yHRJTS6y5PJfWqAm6TUnSBR+pMj0K8IAjCPmADDI9JSvNd8Iz
vmujpfWqkoRG7RTdVawkSEORUrWsJ5V/0vOC1brS+GZ6b2NfASPXBJfCp+KxjxvZ
ry+5OLtKGCEvqXolDuRXAjSMQ5ScNngna7HqbPP/czj8QiekUrWgM9ix8kQyB/6j
mMnflYyQdI9LPjuXxNm8xkBbN5hCCvlzGABDAHGIh37qInHBw03ae9Umh9Chdvxd
1X8pw6oLKIW3ySD+ydZW5Oiv+ng20RrFb94DzSXpZskc6fEPRzgM8IciVcv5Hs6a
dhTx73QrT0m5Un1IhA/ZHZY0c6/GFwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNhG
9NgoJC+fdDhFTnOiVMDdgJWTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMzQyN0Q3NjcxOUQxMUVGQTZGRDZENTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLc8wMA0GCSqGSIb3DQEBCwUA
A4IBAQBANuQYd0n7a3vHF5IowaiRHE25of4xg85JS7ac9Kr7ZvRAcVG8g5UkHCCn
Wke+HYZIDswxkarqjg5PRNfoo1Kiha89yzcy9xT2g8Aae0DrfRQMXwfwJhLHZHBM
F3ov8p/7ZjwSLU0Jp5d6H6MSyp8+/TvogBHSNIvwQMeCEQU0LHQnVMTJ2Yw+GD1E
MSfmU+s/yXV/i4vAsCxs9mt0phvha2WBes1TzZ1btbgkR2FrqnRyoT2ph6I/rpbY
1rNUHu7FTA+DqZ0YCQyfx8DcRUIA2Yjy9jOIQ8c7j2N3WauStJOx+WkXfKkc+YaQ
yTigvjPy783QyydqON58IFF1mxFI
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:49 2024 by rpki-client on console-fra.rpki-client.org