Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368588E/B5F42540CB2F11E9A6292927F8AEA228/028AE0848E6511EB9F7DB66AF8AEA228.roa
File: 028AE0848E6511EB9F7DB66AF8AEA228.roa (raw, json)
Hash identifier: 0qPx7Dwu8RjdR4H81YDiJJ6f5FFJ4STm+gTVCcpfY+w=
Subject key identifier: 18:D7:8A:C2:7E:12:4B:8F:FD:88:05:B3:87:60:B1:E6:6D:B4:C4:42
Certificate issuer: /CN=F368588EAR/serialNumber=86EAEC4294DFBA7045A88642E9DFC4551B34C255
Certificate serial: 0259
Authority key identifier: 86:EA:EC:42:94:DF:BA:70:45:A8:86:42:E9:DF:C4:55:1B:34:C2:55
Authority info access: rsync://rpki.afrinic.net/repository/arin/hursQpTfunBFqIZC6d_EVRs0wlU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368588E/B5F42540CB2F11E9A6292927F8AEA228/028AE0848E6511EB9F7DB66AF8AEA228.roa
Signing time: Fri 26 Mar 2021 18:56:45 +0000
ROA not before: Fri 26 Mar 2021 18:56:41 +0000
ROA not after: Mon 31 Mar 2031 18:56:41 +0000
asID: 42
IP address blocks: 45.221.0.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368588E/B5F42540CB2F11E9A6292927F8AEA228/hursQpTfunBFqIZC6d_EVRs0wlU.crl
rsync://rpki.afrinic.net/repository/member_repository/F368588E/B5F42540CB2F11E9A6292927F8AEA228/hursQpTfunBFqIZC6d_EVRs0wlU.mft
rsync://rpki.afrinic.net/repository/arin/hursQpTfunBFqIZC6d_EVRs0wlU.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 23 May 2024 00:16:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 601 (0x259)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368588EAR/serialNumber=86EAEC4294DFBA7045A88642E9DFC4551B34C255
Validity
Not Before: Mar 26 18:56:41 2021 GMT
Not After : Mar 31 18:56:41 2031 GMT
Subject: CN=605e2e6d-ff33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f3:5a:af:2b:21:67:a8:0d:f5:e7:84:19:28:
fa:51:39:6f:73:f7:93:2f:65:a2:71:d8:35:9d:dc:
f9:4e:1a:6a:91:ca:a1:a4:9c:fe:87:7d:c4:15:f9:
c7:51:c8:21:c0:5a:7d:30:61:fb:72:87:26:8e:bd:
dc:5f:ed:b6:0c:1c:46:e5:5e:d0:73:d2:a8:e3:c7:
b1:fc:f1:45:c5:39:00:6b:d3:f0:d6:22:d3:74:05:
11:64:9a:71:25:dd:e7:e2:b7:b8:fd:64:1f:20:0d:
49:c0:b4:13:ab:6f:45:c3:66:dd:17:ba:82:c8:5e:
53:a3:47:d9:6f:a7:2a:c0:77:7b:9b:d7:6c:a8:b1:
f6:fd:d0:e3:73:7f:87:59:07:ae:b9:60:3b:a0:14:
97:d5:8b:75:97:4b:4c:34:e1:6a:54:24:b3:8f:d5:
11:f5:3d:a9:57:0d:c6:a7:e9:ae:18:a9:00:24:22:
24:a2:39:bc:4b:c7:93:38:88:0f:59:79:7f:03:aa:
a1:8a:b7:2f:91:1f:c3:fe:b2:cd:95:a5:a7:b4:fb:
60:1c:cd:af:e4:48:4b:25:1e:9d:52:09:27:24:da:
f7:f9:99:7c:9c:c8:0a:01:f6:39:22:5a:59:e3:01:
bc:4a:49:2d:08:4e:e2:88:1d:26:0c:d0:65:a3:04:
ea:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D7:8A:C2:7E:12:4B:8F:FD:88:05:B3:87:60:B1:E6:6D:B4:C4:42
X509v3 Authority Key Identifier:
keyid:86:EA:EC:42:94:DF:BA:70:45:A8:86:42:E9:DF:C4:55:1B:34:C2:55
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368588E/B5F42540CB2F11E9A6292927F8AEA228/hursQpTfunBFqIZC6d_EVRs0wlU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/hursQpTfunBFqIZC6d_EVRs0wlU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368588E/B5F42540CB2F11E9A6292927F8AEA228/028AE0848E6511EB9F7DB66AF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.221.0.0/22
Signature Algorithm: sha256WithRSAEncryption
18:6e:c9:02:e4:40:10:1c:cc:9c:c6:1a:41:ee:35:96:72:72:
d0:3d:28:55:bd:61:80:bb:46:82:fc:ba:47:c2:4a:38:76:66:
97:20:4b:97:38:e8:e5:15:31:ca:0d:6f:27:bd:2a:d5:13:40:
27:84:b1:91:a7:99:c2:12:d2:6f:71:1d:06:b7:9b:0f:6d:0d:
f1:be:c4:6e:19:16:fd:12:64:b3:3d:aa:94:ce:f4:30:c1:04:
38:10:01:25:c1:17:d4:99:1b:ff:bd:e9:6b:b2:bd:83:7f:8c:
e7:e0:f2:cf:6b:d5:5e:16:0e:1c:34:2b:e8:28:bc:ea:05:41:
f1:eb:50:af:b4:f2:e7:6f:74:c5:13:d1:d2:ff:30:76:3a:ff:
f9:a8:e8:ed:fc:48:7d:56:0e:03:8a:5d:b4:a2:e7:ff:09:5c:
e6:74:41:c2:0a:22:f6:1e:66:a9:b4:6e:99:ed:f5:5c:2e:d7:
5d:f3:e0:0b:dc:e9:c0:fc:dd:c3:a8:b2:61:98:be:f7:1e:01:
6b:44:64:ed:ae:84:0b:96:8d:7c:6d:d5:40:2d:0b:13:1c:09:
3e:a2:31:a9:b0:1d:60:60:b5:18:95:70:49:95:d6:3b:04:02:
ca:d7:f0:39:5b:eb:ff:cc:83:e4:de:d9:8d:ce:c7:43:8a:f0:
10:dc:36:ec
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAlkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODU4OEVBUjExMC8GA1UEBRMoODZFQUVDNDI5NERGQkE3MDQ1QTg4NjQyRTlERkM0
NTUxQjM0QzI1NTAeFw0yMTAzMjYxODU2NDFaFw0zMTAzMzExODU2NDFaMBgxFjAU
BgNVBAMTDTYwNWUyZTZkLWZmMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDB81qvKyFnqA3154QZKPpROW9z95MvZaJx2DWd3PlOGmqRyqGknP6HfcQV
+cdRyCHAWn0wYftyhyaOvdxf7bYMHEblXtBz0qjjx7H88UXFOQBr0/DWItN0BRFk
mnEl3efit7j9ZB8gDUnAtBOrb0XDZt0XuoLIXlOjR9lvpyrAd3ub12yosfb90ONz
f4dZB665YDugFJfVi3WXS0w04WpUJLOP1RH1PalXDcan6a4YqQAkIiSiObxLx5M4
iA9ZeX8DqqGKty+RH8P+ss2Vpae0+2Acza/kSEslHp1SCSck2vf5mXycyAoB9jki
WlnjAbxKSS0ITuKIHSYM0GWjBOp7AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUGNeK
wn4SS4/9iAWzh2Cx5m20xEIwHwYDVR0jBBgwFoAUhursQpTfunBFqIZC6d/EVRs0
wlUwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjg1ODhFL0I1RjQyNTQwQ0IyRjExRTlBNjI5MjkyN0Y4QUVBMjI4L2h1cnNR
cFRmdW5CRnFJWkM2ZF9FVlJzMHdsVS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2h1cnNRcFRmdW5CRnFJWkM2ZF9FVlJzMHdsVS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjg1ODhFL0I1RjQyNTQwQ0IyRjExRTlBNjI5MjkyN0Y4QUVB
MjI4LzAyOEFFMDg0OEU2NTExRUI5RjdEQjY2QUY4QUVBMjI4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIt3QAwDQYJKoZIhvcNAQELBQAD
ggEBABhuyQLkQBAczJzGGkHuNZZyctA9KFW9YYC7RoL8ukfCSjh2ZpcgS5c46OUV
McoNbye9KtUTQCeEsZGnmcIS0m9xHQa3mw9tDfG+xG4ZFv0SZLM9qpTO9DDBBDgQ
ASXBF9SZG/+96WuyvYN/jOfg8s9r1V4WDhw0K+govOoFQfHrUK+08udvdMUT0dL/
MHY6//mo6O38SH1WDgOKXbSi5/8JXOZ0QcIKIvYeZqm0bpnt9Vwu113z4Avc6cD8
3cOosmGYvvceAWtEZO2uhAuWjXxt1UAtCxMcCT6iMamwHWBgtRiVcEmV1jsEAsrX
8Dlb6//Mg+Te2Y3Ox0OK8BDcNuw=
-----END CERTIFICATE-----
Generated at Tue May 21 01:46:37 2024 by rpki-client on console-fra.rpki-client.org