Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5CF59DA5DCD11EFB3167E89762E951A.roa
File: D5CF59DA5DCD11EFB3167E89762E951A.roa (raw, json)
Hash identifier: psWqZujSINsuz9+h9Mg8Zk4a+Kf7YewZya9M7EWs1ko=
Subject key identifier: 25:F8:9C:0F:0E:D0:4D:A1:9A:84:FE:B2:0E:F7:BE:C9:8A:D5:C6:F5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A869
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5CF59DA5DCD11EFB3167E89762E951A.roa
Signing time: Mon 19 Aug 2024 01:53:31 +0000
ROA not before: Mon 19 Aug 2024 01:53:28 +0000
ROA not after: Thu 31 Dec 2026 01:53:28 +0000
asID: 17561
IP address blocks: 45.198.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43113 (0xa869)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 19 01:53:28 2024 GMT
Not After : Dec 31 01:53:28 2026 GMT
Subject: CN=66c2a59b-bf54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:e2:ad:ed:5b:0d:8e:a4:f4:cf:32:97:77:68:
65:2f:1e:22:db:8a:42:5d:d6:0f:35:3e:f8:5f:74:
44:81:9b:cd:6f:45:48:40:98:14:43:42:16:d6:4f:
d3:52:37:2a:e5:0c:58:4c:df:59:f9:74:9c:4b:9b:
77:bb:e3:a6:41:74:3f:86:1f:c2:28:6e:fe:49:41:
c6:65:26:a5:9d:7b:a6:16:9c:fb:21:53:81:85:ba:
e4:9e:83:05:b4:da:09:a9:d9:84:b6:7f:a0:ad:98:
35:3a:44:9d:3a:d7:f5:88:de:93:1e:9e:fc:0b:c9:
ee:38:7b:4c:8c:d1:fd:f9:2a:46:d4:63:7b:d2:fc:
20:f8:73:28:40:25:11:d4:0d:86:ec:b3:04:02:d9:
92:90:57:0c:1f:24:bf:b1:eb:52:ae:50:aa:46:36:
82:b4:8a:1d:37:9a:44:f4:d0:93:c8:6b:ec:23:0d:
b2:af:a3:84:37:68:21:3e:20:21:73:ac:34:70:86:
01:4b:ac:e8:4a:c0:56:63:f0:45:ee:47:33:3a:3c:
70:b1:bc:f8:1c:22:d9:43:c1:56:97:23:d8:e3:30:
6f:5c:b3:52:c4:3d:0d:4b:d4:2b:30:db:80:16:e5:
90:9c:97:9c:2c:79:84:a0:c5:84:70:89:f1:a2:78:
c1:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F8:9C:0F:0E:D0:4D:A1:9A:84:FE:B2:0E:F7:BE:C9:8A:D5:C6:F5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5CF59DA5DCD11EFB3167E89762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.3.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:93:ac:fc:01:01:a2:e6:cb:cb:f6:97:c2:43:3f:82:38:ad:
44:5a:c2:b8:c9:da:1a:2e:25:f6:c7:36:81:f3:ee:71:87:f4:
71:74:db:dd:aa:1f:ae:aa:0f:eb:2f:d6:ac:e5:b8:5b:37:99:
1d:56:6a:93:c0:4f:66:c8:93:5c:86:9e:d4:79:6d:b4:61:3a:
f9:67:bc:2b:39:3d:0b:e1:cf:66:8c:ce:62:64:f5:6c:60:72:
d4:b7:cb:aa:8b:3e:90:26:8b:f1:55:9a:1c:57:e0:56:e0:f1:
2f:ac:b4:fb:c8:0b:0a:75:1c:2b:d4:89:13:1e:3f:a4:4d:2b:
7e:d4:f8:53:1e:a0:b3:2e:08:86:05:f8:f7:be:79:71:c8:a0:
0e:3c:fd:8f:0d:56:89:f3:68:5d:29:df:07:aa:9f:5b:a5:79:
f5:6d:d9:6a:15:b2:5b:63:19:81:0c:66:50:93:1d:c8:c6:b6:
4d:c7:b2:6e:3c:3c:a7:c6:d7:ef:da:38:67:49:42:46:1a:15:
78:5b:98:01:32:33:9b:de:55:7c:02:f7:26:8d:88:80:a8:60:
5a:d1:de:8e:53:ef:a4:27:8e:24:14:82:de:95:e6:3d:33:ed:
ae:c7:94:46:09:34:6b:72:68:b3:a9:48:06:d4:b0:6a:6a:57:
43:a1:95:3b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKhpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODE5MDE1MzI4WhcNMjYxMjMxMDE1MzI4WjAYMRYw
FAYDVQQDEw02NmMyYTU5Yi1iZjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3+Kt7VsNjqT0zzKXd2hlLx4i24pCXdYPNT74X3REgZvNb0VIQJgUQ0IW
1k/TUjcq5QxYTN9Z+XScS5t3u+OmQXQ/hh/CKG7+SUHGZSalnXumFpz7IVOBhbrk
noMFtNoJqdmEtn+grZg1OkSdOtf1iN6THp78C8nuOHtMjNH9+SpG1GN70vwg+HMo
QCUR1A2G7LMEAtmSkFcMHyS/setSrlCqRjaCtIodN5pE9NCTyGvsIw2yr6OEN2gh
PiAhc6w0cIYBS6zoSsBWY/BF7kczOjxwsbz4HCLZQ8FWlyPY4zBvXLNSxD0NS9Qr
MNuAFuWQnJecLHmEoMWEcInxonjBCQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCX4
nA8O0E2hmoT+sg73vsmK1cb1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENUNGNTlEQTVEQ0QxMUVGQjMxNjdFODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcYDMA0GCSqGSIb3DQEBCwUA
A4IBAQBek6z8AQGi5svL9pfCQz+COK1EWsK4ydoaLiX2xzaB8+5xh/RxdNvdqh+u
qg/rL9as5bhbN5kdVmqTwE9myJNchp7UeW20YTr5Z7wrOT0L4c9mjM5iZPVsYHLU
t8uqiz6QJovxVZocV+BW4PEvrLT7yAsKdRwr1IkTHj+kTSt+1PhTHqCzLgiGBfj3
vnlxyKAOPP2PDVaJ82hdKd8Hqp9bpXn1bdlqFbJbYxmBDGZQkx3IxrZNx7JuPDyn
xtfv2jhnSUJGGhV4W5gBMjOb3lV8AvcmjYiAqGBa0d6OU++kJ44kFILeleY9M+2u
x5RGCTRrcmizqUgG1LBqaldDoZU7
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:51 2024 by rpki-client on console-ams.rpki-client.org