Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/133CCC08A7DE11EFBACD0AA3762E951A.roa
File: 133CCC08A7DE11EFBACD0AA3762E951A.roa (raw, json)
Hash identifier: iHmtF26Fu0Phnz2/0Yhplhk22Q9LsV+iqqv5H/8/iBs=
Subject key identifier: A9:CC:DA:56:6A:98:99:8E:E4:80:D9:93:D2:18:4C:B7:2B:46:19:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D70B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/133CCC08A7DE11EFBACD0AA3762E951A.roa
Signing time: Thu 21 Nov 2024 07:56:12 +0000
ROA not before: Thu 21 Nov 2024 07:56:08 +0000
ROA not after: Sat 04 Jan 2025 07:56:08 +0000
asID: 42831
IP address blocks: 45.198.128.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55051 (0xd70b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 21 07:56:08 2024 GMT
Not After : Jan 4 07:56:08 2025 GMT
Subject: CN=673ee79c-4854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:77:f3:ac:15:17:00:09:c6:76:c0:1e:c6:7a:
c8:ac:85:56:52:2f:70:84:ab:96:ee:94:7b:b0:4b:
46:31:5d:b2:0f:5c:9f:b8:8d:5c:ae:4c:d7:cf:30:
0f:0a:a8:de:48:21:d2:1b:de:85:fb:23:23:86:52:
83:cd:92:80:41:88:c9:60:23:f4:c3:89:2e:55:8c:
9a:cd:c3:27:d2:b2:eb:07:ca:78:2d:44:37:28:c9:
fd:f0:7f:f7:92:ff:92:3b:f7:f2:da:a3:03:b8:a9:
3d:78:c6:3d:bc:fd:76:a6:05:a8:79:0c:22:2b:1f:
8c:1f:fa:4b:49:1e:2f:f9:81:23:fd:7c:6a:70:89:
4f:9f:62:4d:d9:f5:88:81:46:87:5a:e3:44:46:37:
17:98:77:a5:28:5a:d3:1b:5c:b1:6b:ee:3b:ce:54:
c4:bc:3f:f8:8f:dd:71:8d:2f:ca:62:c2:d5:ca:cd:
65:db:cd:c8:06:cb:27:f4:f8:2a:eb:f8:6a:23:4d:
45:c7:30:0c:bd:8a:b2:04:e8:94:c3:04:b0:f7:bd:
e8:13:fd:02:dd:5f:30:2f:0c:c6:fe:de:5b:52:e4:
14:77:9a:ee:49:07:ea:c5:24:93:a9:a3:f5:ac:44:
1d:be:36:4b:a2:8f:ca:a1:05:9b:0e:fa:50:91:41:
5a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:CC:DA:56:6A:98:99:8E:E4:80:D9:93:D2:18:4C:B7:2B:46:19:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/133CCC08A7DE11EFBACD0AA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.128.0/19
Signature Algorithm: sha256WithRSAEncryption
12:61:fc:b9:0c:00:8f:8d:44:79:59:d8:3f:20:2d:42:e5:d8:
d7:4e:55:bb:3e:03:3e:e3:c3:45:64:34:92:a3:0e:79:0c:b0:
3f:85:b8:a9:39:55:4d:69:89:94:4f:bc:65:44:d1:49:ac:8c:
22:ae:6b:09:f4:bb:d5:d7:0c:f5:24:a1:d5:24:d1:df:1f:b9:
e5:78:b5:0b:b8:cf:d6:50:a9:3c:d3:73:a0:56:3f:af:68:ea:
83:a5:98:30:8d:ba:3a:aa:01:4f:d6:5f:79:1d:b1:30:1f:8b:
a5:21:45:28:a6:33:53:a2:35:9c:8f:c7:20:fe:11:6a:36:f3:
4f:57:64:f3:5a:2b:83:82:2b:2c:e0:85:ec:e0:74:8b:40:c0:
3f:fb:6f:96:47:2a:c8:ff:e9:74:7a:8f:d5:0b:bd:fd:f6:39:
21:a3:4f:af:b5:b2:06:bd:c1:7f:94:fa:12:3e:31:ff:d4:bd:
01:07:05:16:8c:51:34:da:2e:9e:0f:1b:de:f9:1a:cf:35:2c:
f6:de:1a:f2:bd:f0:04:74:15:9d:75:6c:60:b5:9b:20:b5:03:
02:d5:45:4a:21:f0:e4:b2:29:c9:e8:43:01:7b:5d:1a:4e:b0:
7e:a1:1c:79:4b:c9:ef:b4:eb:0c:5d:19:2a:80:aa:13:0f:c0:
90:20:16:5c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANcLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTIxMDc1NjA4WhcNMjUwMTA0MDc1NjA4WjAYMRYw
FAYDVQQDEw02NzNlZTc5Yy00ODU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvHfzrBUXAAnGdsAexnrIrIVWUi9whKuW7pR7sEtGMV2yD1yfuI1crkzX
zzAPCqjeSCHSG96F+yMjhlKDzZKAQYjJYCP0w4kuVYyazcMn0rLrB8p4LUQ3KMn9
8H/3kv+SO/fy2qMDuKk9eMY9vP12pgWoeQwiKx+MH/pLSR4v+YEj/XxqcIlPn2JN
2fWIgUaHWuNERjcXmHelKFrTG1yxa+47zlTEvD/4j91xjS/KYsLVys1l283IBssn
9Pgq6/hqI01FxzAMvYqyBOiUwwSw973oE/0C3V8wLwzG/t5bUuQUd5ruSQfqxSST
qaP1rEQdvjZLoo/KoQWbDvpQkUFaiwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKnM
2lZqmJmO5IDZk9IYTLcrRhkGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMzNDQ0MwOEE3REUxMUVGQkFDRDBBQTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLcaAMA0GCSqGSIb3DQEBCwUA
A4IBAQASYfy5DACPjUR5Wdg/IC1C5djXTlW7PgM+48NFZDSSow55DLA/hbipOVVN
aYmUT7xlRNFJrIwirmsJ9LvV1wz1JKHVJNHfH7nleLULuM/WUKk803OgVj+vaOqD
pZgwjbo6qgFP1l95HbEwH4ulIUUopjNTojWcj8cg/hFqNvNPV2TzWiuDgiss4IXs
4HSLQMA/+2+WRyrI/+l0eo/VC7399jkho0+vtbIGvcF/lPoSPjH/1L0BBwUWjFE0
2i6eDxve+RrPNSz23hryvfAEdBWddWxgtZsgtQMC1UVKIfDksinJ6EMBe10aTrB+
oRx5S8nvtOsMXRkqgKoTD8CQIBZc
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:19 2024 by rpki-client on console-fra.rpki-client.org