Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E10ADEE67E3911EFBA759E95762E951A.roa
File: E10ADEE67E3911EFBA759E95762E951A.roa (raw, json)
Hash identifier: PeAgT+dCRBnar7LKWT3lbGX4qMeiswqVi4SQ4nLtb+8=
Subject key identifier: 13:A6:89:52:A8:A2:66:00:64:56:E7:55:D1:CD:82:DC:29:F5:63:3E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: BC5F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E10ADEE67E3911EFBA759E95762E951A.roa
Signing time: Sun 29 Sep 2024 08:07:33 +0000
ROA not before: Sun 29 Sep 2024 08:07:29 +0000
ROA not after: Mon 30 Dec 2024 08:07:29 +0000
asID: 17561
IP address blocks: 45.200.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48223 (0xbc5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 29 08:07:29 2024 GMT
Not After : Dec 30 08:07:29 2024 GMT
Subject: CN=66f90ac4-63e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5b:89:1a:3d:7d:28:e2:a8:ad:69:1e:d8:b4:
d5:00:02:9b:20:86:84:c9:1a:21:0a:ac:92:7c:87:
44:8f:7e:4d:6c:7c:8f:2e:3d:99:59:dd:ac:55:84:
2c:e3:a9:fd:8a:1f:66:50:3c:18:d4:89:d7:53:bd:
b3:ae:e7:a8:b4:db:25:9e:b2:b5:12:e2:23:f0:6d:
af:c7:87:51:69:cd:e2:4f:17:83:50:f0:a5:86:c5:
5f:e1:2a:10:d0:a7:7b:5c:63:a6:56:f2:9c:bc:ec:
20:c0:6f:e3:75:15:9f:ea:d8:fb:63:e7:d6:96:fa:
fc:c4:d0:bf:c0:18:64:0c:14:3a:49:ea:e6:4f:ca:
f4:43:33:13:da:5e:48:5b:68:1d:73:8a:18:80:1f:
46:72:eb:c5:6f:f1:a7:4f:30:eb:52:3d:52:33:90:
56:29:30:35:69:10:ed:f9:31:4d:4c:f9:d3:2b:1c:
cc:81:66:bc:82:da:b1:ff:45:c0:bc:90:d4:be:63:
bc:4c:6b:33:01:37:83:77:20:b2:53:77:59:57:02:
4a:a8:d5:36:07:21:ef:51:52:f0:61:a2:5a:f8:b0:
75:36:fb:1c:ca:7c:f5:82:6f:2f:f2:12:c2:f9:22:
d4:9c:8b:10:68:ce:cd:dc:25:8d:34:9e:47:d8:c3:
1e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:A6:89:52:A8:A2:66:00:64:56:E7:55:D1:CD:82:DC:29:F5:63:3E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E10ADEE67E3911EFBA759E95762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.3.0/24
Signature Algorithm: sha256WithRSAEncryption
89:53:50:aa:bf:8c:dd:86:0c:1c:7e:6d:c6:0a:6e:ed:eb:3b:
ae:cb:05:9c:c2:a5:e7:21:cd:75:e5:38:a0:c4:d8:d0:58:77:
42:0c:db:d4:55:55:06:03:82:37:75:86:b1:e8:74:cd:82:3b:
40:ee:0f:c1:62:a8:99:c3:43:f1:9c:62:20:3e:11:97:48:69:
4b:a7:cf:48:e8:4b:18:c8:64:9a:96:52:71:ce:e8:e8:cd:14:
22:bf:78:fe:8d:ce:9f:b9:b5:a2:6a:21:6f:58:08:3d:c3:b7:
c8:29:7d:d6:68:aa:71:70:1f:a4:4b:6e:bc:6f:b4:a1:0f:e0:
9d:e7:7a:0d:cb:b8:cb:97:ff:ef:df:8a:8b:54:b9:10:70:b9:
86:85:b6:0c:77:38:10:05:f8:a3:82:27:54:02:48:1f:06:12:
f2:fc:5a:2f:ac:a5:14:ae:38:ab:8c:c3:49:7f:06:ac:ce:54:
5e:f1:27:d0:de:91:1a:33:96:5b:66:9d:76:23:16:d3:06:8e:
91:b5:55:73:3d:59:c6:f5:fc:b3:6e:15:15:3f:38:05:21:d9:
07:5b:70:53:18:6f:53:50:79:66:2c:eb:4e:82:b0:40:a6:ba:
e2:4e:d5:e0:67:d0:0e:3f:02:96:86:4c:40:3b:33:7f:80:a4:
a8:38:80:8f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALxfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTI5MDgwNzI5WhcNMjQxMjMwMDgwNzI5WjAYMRYw
FAYDVQQDEw02NmY5MGFjNC02M2U3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs1uJGj19KOKorWke2LTVAAKbIIaEyRohCqySfIdEj35NbHyPLj2ZWd2s
VYQs46n9ih9mUDwY1InXU72zrueotNslnrK1EuIj8G2vx4dRac3iTxeDUPClhsVf
4SoQ0Kd7XGOmVvKcvOwgwG/jdRWf6tj7Y+fWlvr8xNC/wBhkDBQ6SermT8r0QzMT
2l5IW2gdc4oYgB9GcuvFb/GnTzDrUj1SM5BWKTA1aRDt+TFNTPnTKxzMgWa8gtqx
/0XAvJDUvmO8TGszATeDdyCyU3dZVwJKqNU2ByHvUVLwYaJa+LB1Nvscynz1gm8v
8hLC+SLUnIsQaM7N3CWNNJ5H2MMeiQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBOm
iVKoomYAZFbnVdHNgtwp9WM+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMTBBREVFNjdFMzkxMUVGQkE3NTlFOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcgDMA0GCSqGSIb3DQEBCwUA
A4IBAQCJU1Cqv4zdhgwcfm3GCm7t6zuuywWcwqXnIc115TigxNjQWHdCDNvUVVUG
A4I3dYax6HTNgjtA7g/BYqiZw0PxnGIgPhGXSGlLp89I6EsYyGSallJxzujozRQi
v3j+jc6fubWiaiFvWAg9w7fIKX3WaKpxcB+kS268b7ShD+Cd53oNy7jLl//v34qL
VLkQcLmGhbYMdzgQBfijgidUAkgfBhLy/FovrKUUrjirjMNJfwaszlRe8SfQ3pEa
M5ZbZp12IxbTBo6RtVVzPVnG9fyzbhUVPzgFIdkHW3BTGG9TUHlmLOtOgrBAprri
TtXgZ9AOPwKWhkxAOzN/gKSoOICP
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:51 2024 by rpki-client on console-fra.rpki-client.org