Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B588F426CF911EFA3BA71A8762E951A.roa
File: 0B588F426CF911EFA3BA71A8762E951A.roa (raw, json)
Hash identifier: 7z7+TY2+n3BimbmwylH840H3/YKWItDn0qJp/E96BHw=
Subject key identifier: 1E:AA:C2:28:EF:E3:90:24:53:51:55:A3:43:A3:DE:2E:3C:39:4D:50
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B2F0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B588F426CF911EFA3BA71A8762E951A.roa
Signing time: Sat 07 Sep 2024 09:10:37 +0000
ROA not before: Sat 07 Sep 2024 09:10:33 +0000
ROA not after: Tue 13 May 2025 09:10:33 +0000
asID: 132825
IP address blocks: 45.204.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45808 (0xb2f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 7 09:10:33 2024 GMT
Not After : May 13 09:10:33 2025 GMT
Subject: CN=66dc188c-b279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ff:75:bb:f1:bb:23:c1:80:28:0c:c0:ac:1e:
f5:04:3a:5a:81:53:7d:f8:f4:58:25:cf:3d:35:01:
82:3d:9a:34:b1:c8:39:fa:d3:bd:51:51:d0:20:22:
a8:53:17:dd:c7:c7:d6:0f:da:22:3f:9f:cd:29:db:
dc:46:b6:ce:ad:f7:06:60:90:5d:3b:02:23:bf:30:
c8:a3:a0:96:f9:9d:ad:7b:c6:79:63:ea:30:f8:e7:
8c:fe:ae:37:0a:8b:93:87:35:32:44:6a:09:56:93:
9c:e4:40:fb:eb:c5:64:8c:ee:e1:bd:45:ec:a4:ad:
a5:f6:83:c1:e3:49:6d:13:b2:27:fe:51:24:27:15:
d4:70:aa:44:08:d3:f3:a1:2e:79:cb:d0:f7:64:86:
5f:36:84:56:2f:e0:0f:ab:c4:91:5d:4b:d9:4f:3a:
f2:68:a8:bf:e4:c0:6c:2e:05:97:66:d9:bf:f3:51:
67:32:2c:87:51:10:4c:ed:07:f4:97:76:9b:b7:96:
67:10:b2:90:85:90:54:8b:70:9f:27:54:6f:14:1c:
ee:37:43:8e:06:c1:77:58:d6:3a:74:f2:df:7f:51:
5a:df:4b:17:a9:7f:e9:24:6d:46:46:dc:29:8e:a2:
b3:94:7d:0c:0a:19:f2:0b:42:2b:90:87:1b:b4:ef:
7b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AA:C2:28:EF:E3:90:24:53:51:55:A3:43:A3:DE:2E:3C:39:4D:50
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B588F426CF911EFA3BA71A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.19.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:e2:50:67:05:20:b4:d7:92:9d:6f:2e:89:ad:62:ca:3c:4e:
07:71:0a:62:00:94:41:0e:76:01:f1:f7:e0:a2:21:80:85:a6:
54:9f:e9:9c:96:19:5e:c9:52:db:25:27:f3:e3:0d:43:b9:f7:
c6:03:23:03:93:46:53:56:1a:7e:9c:67:b4:10:26:5b:c0:c6:
6b:79:4a:11:30:58:99:2a:4c:9b:47:bf:49:f8:26:00:14:96:
7d:bb:3f:e1:62:b1:82:b7:d4:06:fb:de:c6:ea:59:ba:aa:fe:
4d:b2:9e:4e:c5:50:cf:34:1b:24:ed:ee:14:94:ac:b9:40:d8:
20:13:54:33:a4:bb:14:7c:2e:a8:da:08:c8:8a:5d:5f:b2:41:
53:02:6b:3b:01:d0:54:7f:6c:bc:9d:56:ea:e1:71:dd:85:f8:
c1:fd:68:4d:6b:d2:29:5e:21:7a:1d:a2:ca:7a:cc:e8:dd:d2:
2e:23:64:3b:11:7b:35:5c:06:fa:bc:fc:21:29:90:56:c9:3e:
74:b9:12:7c:23:ba:d1:e4:85:3e:ae:bd:a0:16:e1:18:ea:1b:
05:26:3f:d1:c0:a4:c9:75:15:53:67:8a:1b:2c:45:cb:92:cd:
35:dd:e1:42:2d:f2:69:84:12:7e:c2:92:1f:ff:d9:8a:53:8e:
1a:0e:5b:c2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALLwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTA3MDkxMDMzWhcNMjUwNTEzMDkxMDMzWjAYMRYw
FAYDVQQDEw02NmRjMTg4Yy1iMjc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwv91u/G7I8GAKAzArB71BDpagVN9+PRYJc89NQGCPZo0scg5+tO9UVHQ
ICKoUxfdx8fWD9oiP5/NKdvcRrbOrfcGYJBdOwIjvzDIo6CW+Z2te8Z5Y+ow+OeM
/q43CouThzUyRGoJVpOc5ED768VkjO7hvUXspK2l9oPB40ltE7In/lEkJxXUcKpE
CNPzoS55y9D3ZIZfNoRWL+APq8SRXUvZTzryaKi/5MBsLgWXZtm/81FnMiyHURBM
7Qf0l3abt5ZnELKQhZBUi3CfJ1RvFBzuN0OOBsF3WNY6dPLff1Fa30sXqX/pJG1G
RtwpjqKzlH0MChnyC0IrkIcbtO97uQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB6q
wijv45AkU1FVo0Oj3i48OU1QMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQjU4OEY0MjZDRjkxMUVGQTNCQTcxQTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcwTMA0GCSqGSIb3DQEBCwUA
A4IBAQBO4lBnBSC015Kdby6JrWLKPE4HcQpiAJRBDnYB8ffgoiGAhaZUn+mclhle
yVLbJSfz4w1DuffGAyMDk0ZTVhp+nGe0ECZbwMZreUoRMFiZKkybR79J+CYAFJZ9
uz/hYrGCt9QG+97G6lm6qv5Nsp5OxVDPNBsk7e4UlKy5QNggE1QzpLsUfC6o2gjI
il1fskFTAms7AdBUf2y8nVbq4XHdhfjB/WhNa9IpXiF6HaLKeszo3dIuI2Q7EXs1
XAb6vPwhKZBWyT50uRJ8I7rR5IU+rr2gFuEY6hsFJj/RwKTJdRVTZ4obLEXLks01
3eFCLfJphBJ+wpIf/9mKU44aDlvC
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:17 2024 by rpki-client on console-fra.rpki-client.org