Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F4E86D60726911EF908B9856762E951A.roa
File: F4E86D60726911EF908B9856762E951A.roa (raw, json)
Hash identifier: 2gCc2oPdhlq7XQA4+NkAFSQo9IqYZMR+6IBZ3DiDdTI=
Subject key identifier: 2E:5F:81:2B:7E:09:F6:F2:E4:46:FD:CD:7C:21:31:93:77:72:D2:BF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B59F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F4E86D60726911EF908B9856762E951A.roa
Signing time: Sat 14 Sep 2024 07:21:28 +0000
ROA not before: Sat 14 Sep 2024 07:21:25 +0000
ROA not after: Fri 08 Aug 2025 07:21:25 +0000
asID: 133861
IP address blocks: 45.207.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46495 (0xb59f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 14 07:21:25 2024 GMT
Not After : Aug 8 07:21:25 2025 GMT
Subject: CN=66e53978-90c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:67:c6:a1:ce:d9:4e:10:54:94:d7:c8:bd:7d:
8a:ce:fb:c0:a5:cb:0f:91:6e:b5:2e:15:32:98:3a:
ef:cd:50:77:22:69:06:ff:71:3d:d6:b2:6c:9e:91:
61:98:20:b0:dc:47:86:8b:8a:ec:40:25:90:13:9b:
d3:21:56:3b:83:b2:0e:5d:25:8b:eb:5a:fa:26:2f:
b8:28:3b:2f:cf:53:f6:56:d8:8d:3f:5b:69:de:77:
04:48:f5:cb:12:d5:33:d5:8f:c6:58:28:7b:f3:92:
90:d7:df:45:c8:b2:7c:3a:18:2a:20:74:11:11:49:
29:47:73:26:93:42:29:09:c7:31:18:2f:5e:ff:43:
22:a9:f5:6e:f2:f6:73:dd:3c:9c:44:64:99:6f:bf:
cb:8d:29:b8:82:dd:cd:cb:76:97:da:8c:21:40:77:
d6:10:db:ee:cf:ce:39:a4:1d:24:8a:4b:bd:bc:1b:
04:11:44:fc:9d:87:c2:77:c4:65:92:3b:50:c4:2f:
a2:aa:af:df:e0:47:b8:6e:91:4c:b4:85:0d:4c:f5:
80:ed:c1:e7:6e:ba:f8:2f:4b:9e:70:ae:87:23:16:
8d:0e:06:18:bd:de:22:ce:c6:9e:34:02:a9:7a:d3:
31:1d:b5:9b:b4:da:4a:70:c6:54:ae:cd:47:ba:e2:
69:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:5F:81:2B:7E:09:F6:F2:E4:46:FD:CD:7C:21:31:93:77:72:D2:BF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F4E86D60726911EF908B9856762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.33.0/24
Signature Algorithm: sha256WithRSAEncryption
99:57:f1:cd:e3:12:a3:64:22:22:b4:f0:b9:ac:46:af:c1:ee:
3f:66:7d:d3:cd:0a:a7:f8:2d:4c:6b:b2:68:d5:1a:14:f4:64:
d2:c9:00:52:9d:fe:51:5e:70:c3:a2:13:61:cd:db:e9:a3:ff:
5c:9b:dd:0d:5a:ec:24:b2:c6:0d:1a:db:03:32:1e:f6:bc:99:
0d:bc:dd:f9:29:33:ae:e1:2e:eb:d4:71:64:4f:68:0b:3a:d4:
6f:9c:81:e9:ea:5c:20:55:11:3a:dc:55:d0:47:17:27:63:fd:
6e:1c:8f:ac:17:f5:92:d5:3d:05:9f:92:06:6c:d3:45:45:eb:
ce:34:80:f5:63:e3:6d:57:76:cc:e9:46:43:3d:74:c7:31:bc:
b6:7b:f5:a7:75:7a:49:a3:8e:b3:64:c1:c2:fd:3c:1f:ff:1a:
df:2d:2e:37:4c:82:b1:fe:ca:41:87:08:e4:48:fb:48:3f:91:
5d:92:90:7b:18:c9:47:26:38:82:f2:b3:20:73:54:ce:58:ad:
22:ec:3e:39:e8:4f:d6:b7:c9:f1:25:f1:98:80:87:93:ea:dc:
f6:0d:26:a9:64:86:7a:99:e6:3d:24:f8:32:91:3d:9c:9d:53:
79:34:1b:c0:3c:c1:f1:04:9f:f7:79:3c:cd:d1:b1:74:9f:08:
b3:ac:eb:2c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALWfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTE0MDcyMTI1WhcNMjUwODA4MDcyMTI1WjAYMRYw
FAYDVQQDEw02NmU1Mzk3OC05MGM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA32fGoc7ZThBUlNfIvX2KzvvApcsPkW61LhUymDrvzVB3ImkG/3E91rJs
npFhmCCw3EeGi4rsQCWQE5vTIVY7g7IOXSWL61r6Ji+4KDsvz1P2VtiNP1tp3ncE
SPXLEtUz1Y/GWCh785KQ199FyLJ8OhgqIHQREUkpR3Mmk0IpCccxGC9e/0MiqfVu
8vZz3TycRGSZb7/LjSm4gt3Ny3aX2owhQHfWENvuz845pB0kiku9vBsEEUT8nYfC
d8RlkjtQxC+iqq/f4Ee4bpFMtIUNTPWA7cHnbrr4L0uecK6HIxaNDgYYvd4izsae
NAKpetMxHbWbtNpKcMZUrs1HuuJpEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC5f
gSt+Cfby5Eb9zXwhMZN3ctK/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNEU4NkQ2MDcyNjkxMUVGOTA4Qjk4NTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc8hMA0GCSqGSIb3DQEBCwUA
A4IBAQCZV/HN4xKjZCIitPC5rEavwe4/Zn3TzQqn+C1Ma7Jo1RoU9GTSyQBSnf5R
XnDDohNhzdvpo/9cm90NWuwkssYNGtsDMh72vJkNvN35KTOu4S7r1HFkT2gLOtRv
nIHp6lwgVRE63FXQRxcnY/1uHI+sF/WS1T0Fn5IGbNNFRevONID1Y+NtV3bM6UZD
PXTHMby2e/WndXpJo46zZMHC/Twf/xrfLS43TIKx/spBhwjkSPtIP5FdkpB7GMlH
JjiC8rMgc1TOWK0i7D456E/Wt8nxJfGYgIeT6tz2DSapZIZ6meY9JPgykT2cnVN5
NBvAPMHxBJ/3eTzN0bF0nwizrOss
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:54 2024 by rpki-client on console-fra.rpki-client.org