Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E6FC33AA5DCC11EF827DA281762E951A.roa
File: E6FC33AA5DCC11EF827DA281762E951A.roa (raw, json)
Hash identifier: LAFohLNogARWK60YdVln7VNNP+IzKauG/ISgayqropk=
Subject key identifier: 99:CD:60:4D:EC:24:4A:8C:89:35:73:CA:5E:C7:84:89:A8:08:EB:0D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A861
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E6FC33AA5DCC11EF827DA281762E951A.roa
Signing time: Mon 19 Aug 2024 01:46:50 +0000
ROA not before: Mon 19 Aug 2024 01:46:47 +0000
ROA not after: Thu 31 Dec 2026 01:46:47 +0000
asID: 17561
IP address blocks: 45.206.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43105 (0xa861)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 19 01:46:47 2024 GMT
Not After : Dec 31 01:46:47 2026 GMT
Subject: CN=66c2a40a-aca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:fa:ca:ba:8c:52:8c:cc:a8:cb:07:38:cf:83:
e5:02:46:7d:75:62:af:6c:e9:b3:67:a7:a2:08:77:
34:84:c7:c3:e7:78:b1:54:4b:bc:15:ab:43:2a:cb:
77:aa:8e:e0:f8:21:75:86:4c:0a:a4:3f:21:30:07:
17:91:62:ad:8c:88:18:eb:e4:26:5b:f1:61:b4:f5:
99:db:00:d6:e6:f5:e2:5e:6e:a4:da:0f:4b:29:12:
e9:0f:0b:04:06:02:37:93:41:89:d9:dc:c1:da:cb:
cd:36:42:2e:32:43:cd:2b:7b:a8:3a:fc:35:e3:9f:
37:66:48:d2:ca:2f:4b:a9:1b:84:13:99:37:75:ee:
91:09:f7:e0:a5:fd:1d:07:fe:31:05:fd:c3:98:02:
5a:3c:92:2b:c1:a4:9c:78:6a:6c:8d:d3:5c:b4:cf:
61:12:7c:da:e7:37:b5:29:43:85:c8:45:6b:b5:b2:
a8:91:26:72:21:1f:1f:3f:10:12:3c:3c:be:61:b2:
c8:bc:08:4b:6e:7b:31:9a:41:63:31:08:b7:e6:72:
23:3e:09:a1:fb:80:6a:1e:7a:c3:e0:68:50:64:6f:
46:78:1a:9a:1b:51:85:13:24:41:67:87:fa:77:34:
3a:61:c9:6d:93:57:13:5d:a1:af:03:4e:22:64:ac:
98:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:CD:60:4D:EC:24:4A:8C:89:35:73:CA:5E:C7:84:89:A8:08:EB:0D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E6FC33AA5DCC11EF827DA281762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.1.0/24
Signature Algorithm: sha256WithRSAEncryption
63:48:2f:38:ad:35:ca:b5:b8:e9:fc:f9:d6:b4:79:19:6f:bd:
89:15:5d:fe:d2:b2:43:2d:85:2f:46:cb:ee:b9:c8:56:6d:5c:
af:5c:16:fe:a9:63:1f:4a:7f:44:2a:d5:8b:24:b1:f4:c0:70:
04:b2:8e:52:0f:4f:3b:5c:55:fd:9d:d2:6e:1d:8a:67:6a:37:
ad:49:ea:3a:84:2a:9a:1f:f3:35:be:5b:da:23:0f:ba:ea:ef:
f7:93:14:88:34:45:ed:6b:51:97:25:2e:78:b5:ae:ac:00:7e:
a8:05:d3:89:70:2f:15:e4:4f:20:b5:42:cd:55:18:ec:95:90:
2a:ff:b0:37:a1:31:07:40:39:93:0a:95:6f:6d:d6:d9:6c:15:
6e:20:53:e5:79:ba:3d:94:70:8a:2d:3b:20:81:8e:50:ec:1f:
fc:23:a2:88:6a:db:1c:fe:e7:b3:5d:66:51:4f:f4:f2:15:1c:
00:85:ae:23:d5:92:27:6b:71:de:6b:21:e8:06:44:10:43:9e:
45:89:0f:ed:98:f4:83:53:c8:0f:c6:b6:e1:c7:05:1a:92:36:
62:4a:aa:52:47:72:8b:44:91:ef:11:63:ff:66:26:34:73:ee:
c4:a3:44:52:2e:a3:52:d2:42:d3:73:61:15:39:9a:00:78:b3:
39:54:3a:c8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKhhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODE5MDE0NjQ3WhcNMjYxMjMxMDE0NjQ3WjAYMRYw
FAYDVQQDEw02NmMyYTQwYS1hY2E3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7/rKuoxSjMyoywc4z4PlAkZ9dWKvbOmzZ6eiCHc0hMfD53ixVEu8FatD
Kst3qo7g+CF1hkwKpD8hMAcXkWKtjIgY6+QmW/FhtPWZ2wDW5vXiXm6k2g9LKRLp
DwsEBgI3k0GJ2dzB2svNNkIuMkPNK3uoOvw14583ZkjSyi9LqRuEE5k3de6RCffg
pf0dB/4xBf3DmAJaPJIrwaSceGpsjdNctM9hEnza5ze1KUOFyEVrtbKokSZyIR8f
PxASPDy+YbLIvAhLbnsxmkFjMQi35nIjPgmh+4BqHnrD4GhQZG9GeBqaG1GFEyRB
Z4f6dzQ6Ycltk1cTXaGvA04iZKyYqQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJnN
YE3sJEqMiTVzyl7HhImoCOsNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNkZDMzNBQTVEQ0MxMUVGODI3REEyODE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc4BMA0GCSqGSIb3DQEBCwUA
A4IBAQBjSC84rTXKtbjp/PnWtHkZb72JFV3+0rJDLYUvRsvuuchWbVyvXBb+qWMf
Sn9EKtWLJLH0wHAEso5SD087XFX9ndJuHYpnajetSeo6hCqaH/M1vlvaIw+66u/3
kxSINEXta1GXJS54ta6sAH6oBdOJcC8V5E8gtULNVRjslZAq/7A3oTEHQDmTCpVv
bdbZbBVuIFPlebo9lHCKLTsggY5Q7B/8I6KIatsc/uezXWZRT/TyFRwAha4j1ZIn
a3HeayHoBkQQQ55FiQ/tmPSDU8gPxrbhxwUakjZiSqpSR3KLRJHvEWP/ZiY0c+7E
o0RSLqNS0kLTc2EVOZoAeLM5VDrI
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:52 2024 by rpki-client on console-fra.rpki-client.org