Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBFDE40C047C11EF987B6F6D017001B1.roa
File: DBFDE40C047C11EF987B6F6D017001B1.roa (raw, json)
Hash identifier: yDtvyULNPlUlV02nBUsigbxtS/1ts9VsiEJsHb7Mg0U=
Subject key identifier: 41:F3:BB:7E:7E:9E:B4:B7:76:AC:FB:2E:EB:E7:9E:18:F7:49:8C:F1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 866F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBFDE40C047C11EF987B6F6D017001B1.roa
Signing time: Sat 27 Apr 2024 09:59:38 +0000
ROA not before: Sat 27 Apr 2024 09:59:35 +0000
ROA not after: Sat 01 Mar 2025 09:59:35 +0000
asID: 41811
IP address blocks: 45.207.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34415 (0x866f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 27 09:59:35 2024 GMT
Not After : Mar 1 09:59:35 2025 GMT
Subject: CN=662ccc8a-0a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:93:bd:24:b5:b8:9e:36:19:fc:09:13:ff:76:
7c:46:25:77:bf:21:84:45:a3:f9:7f:68:54:1f:bc:
21:19:27:5c:a6:3a:8d:7d:5b:3e:63:b1:f4:93:50:
67:d3:10:73:e3:e1:9d:de:b8:e6:8c:e6:b5:30:58:
f0:76:db:8b:25:7c:87:9d:26:fa:82:3d:cd:8a:be:
7a:12:21:1b:5d:f4:63:9a:0b:2c:ee:05:b6:ba:0c:
20:ec:9a:24:4c:94:dd:f2:b1:9b:78:8b:8e:0c:ba:
29:0b:92:e8:5e:ac:e2:8f:90:ee:9c:01:7f:d5:31:
cb:04:7f:82:12:19:66:5a:67:3c:8c:dc:f6:a1:7d:
6f:62:fc:e7:aa:fb:91:b0:55:ef:b0:14:3e:aa:47:
f4:60:6b:84:3b:b6:47:fb:1a:eb:5e:cf:76:4b:5b:
5d:34:0a:1b:57:22:75:06:8b:45:c9:82:3d:93:c4:
35:28:a4:d0:30:2b:51:51:dc:19:96:33:32:1f:f1:
f4:79:2a:b0:a0:3a:1d:c3:ac:03:a3:06:f9:05:77:
51:85:59:4c:dc:75:67:b9:35:f8:a5:ee:b1:db:1c:
85:da:92:94:96:f8:22:64:96:ea:0a:ea:d3:c4:b2:
a2:42:cc:d9:28:29:c9:8b:9b:58:1b:57:68:f3:3c:
ba:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F3:BB:7E:7E:9E:B4:B7:76:AC:FB:2E:EB:E7:9E:18:F7:49:8C:F1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBFDE40C047C11EF987B6F6D017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.6.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:30:22:4c:f8:92:0d:0a:da:c2:af:82:dc:aa:84:7a:eb:4c:
8f:41:1d:75:0b:89:84:e0:f0:db:1c:a3:c6:98:59:4a:5e:73:
5c:0a:49:27:c3:9c:2c:70:3c:33:52:ca:cd:32:97:b7:b2:75:
ff:5f:f5:a8:ba:14:6c:f5:ae:91:9c:17:61:06:fb:ae:ed:e4:
77:76:b4:42:2f:b6:03:b5:43:72:e1:d9:dc:70:27:ac:29:85:
d7:69:ef:d2:5f:a5:d9:3c:ef:1a:a6:f0:f3:e9:c6:6e:47:f6:
8d:00:81:86:45:fb:d0:89:4a:c8:16:b9:8c:10:3e:af:ab:1b:
9f:1f:2b:b9:dc:7c:20:23:10:31:c4:67:18:80:24:d4:93:54:
8c:76:83:ef:39:f3:b2:3d:e5:25:06:33:12:a1:6f:83:57:36:
ec:07:d2:2f:b2:7b:a9:e7:69:62:03:4e:a2:76:bf:70:4c:af:
ea:ee:51:7f:f8:fd:2e:82:99:c5:1c:0a:42:69:b1:17:a6:14:
f3:16:78:ef:98:49:b0:dd:16:a3:9a:12:a8:82:1f:03:08:ef:
16:7f:ee:b7:bd:32:b9:e3:9c:15:e5:7d:61:a1:d2:ec:86:75:
c2:38:89:e3:f2:b2:1a:f7:03:f9:fb:01:03:d4:44:c4:bd:a6:
8b:64:50:3f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIZvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI3MDk1OTM1WhcNMjUwMzAxMDk1OTM1WjAYMRYw
FAYDVQQDEw02NjJjY2M4YS0wYTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn5O9JLW4njYZ/AkT/3Z8RiV3vyGERaP5f2hUH7whGSdcpjqNfVs+Y7H0
k1Bn0xBz4+Gd3rjmjOa1MFjwdtuLJXyHnSb6gj3Nir56EiEbXfRjmgss7gW2ugwg
7JokTJTd8rGbeIuODLopC5LoXqzij5DunAF/1THLBH+CEhlmWmc8jNz2oX1vYvzn
qvuRsFXvsBQ+qkf0YGuEO7ZH+xrrXs92S1tdNAobVyJ1BotFyYI9k8Q1KKTQMCtR
UdwZljMyH/H0eSqwoDodw6wDowb5BXdRhVlM3HVnuTX4pe6x2xyF2pKUlvgiZJbq
CurTxLKiQszZKCnJi5tYG1do8zy6EwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEHz
u35+nrS3dqz7Luvnnhj3SYzxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQkZERTQwQzA0N0MxMUVGOTg3QjZGNkQwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc8GMA0GCSqGSIb3DQEBCwUA
A4IBAQBrMCJM+JINCtrCr4LcqoR660yPQR11C4mE4PDbHKPGmFlKXnNcCkknw5ws
cDwzUsrNMpe3snX/X/WouhRs9a6RnBdhBvuu7eR3drRCL7YDtUNy4dnccCesKYXX
ae/SX6XZPO8apvDz6cZuR/aNAIGGRfvQiUrIFrmMED6vqxufHyu53HwgIxAxxGcY
gCTUk1SMdoPvOfOyPeUlBjMSoW+DVzbsB9Ivsnup52liA06idr9wTK/q7lF/+P0u
gpnFHApCabEXphTzFnjvmEmw3RajmhKogh8DCO8Wf+63vTK545wV5X1hodLshnXC
OInj8rIa9wP5+wED1ETEvaaLZFA/
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:50 2024 by rpki-client on console-fra.rpki-client.org