Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1926C438AD5C11EF877CAABD762E951A.roa
File: 1926C438AD5C11EF877CAABD762E951A.roa (raw, json)
Hash identifier: TKo+RmrDs88w+jENC7O1qdoPHu9djonabU8U4dOGvP8=
Subject key identifier: 75:06:B9:20:30:C6:35:C2:6D:CE:56:54:BF:2E:C3:BB:0E:61:22:BB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DC55
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1926C438AD5C11EF877CAABD762E951A.roa
Signing time: Thu 28 Nov 2024 07:40:54 +0000
ROA not before: Thu 28 Nov 2024 07:40:50 +0000
ROA not after: Tue 11 Feb 2025 07:40:50 +0000
asID: 9009
IP address blocks: 45.192.152.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Dec 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56405 (0xdc55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 28 07:40:50 2024 GMT
Not After : Feb 11 07:40:50 2025 GMT
Subject: CN=67481e86-56ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:07:63:b8:12:76:65:b9:8e:34:59:9a:cd:d7:
48:d7:97:3d:a8:5d:56:af:70:52:1e:ef:57:5b:c4:
ea:48:0b:f8:21:f6:42:61:85:46:7a:80:13:8e:7e:
e7:53:d7:42:9f:65:52:3f:81:9b:88:4c:a7:9b:59:
dc:4c:43:38:05:71:a0:7c:39:90:7e:01:6b:5c:45:
0d:97:5a:f8:14:a5:ae:7c:be:42:53:c5:b1:4c:cb:
bc:36:dc:d2:94:c0:05:ac:1a:27:9c:b9:b1:f9:70:
4f:a2:ff:ae:6b:18:66:cc:3e:79:fc:4c:49:71:68:
37:fd:d0:e0:e7:aa:67:28:d8:e4:5c:a8:35:ec:eb:
4a:7f:52:43:26:7f:92:00:80:f0:99:46:b6:bb:29:
ca:b4:09:0f:bf:5f:c9:56:f6:59:58:af:ff:d1:77:
a2:19:81:e7:0a:bc:8d:98:a1:21:4b:5a:48:d7:8d:
fe:18:ae:b8:ae:56:d2:99:87:f1:42:37:31:cf:eb:
d9:54:95:21:8e:77:6a:64:fd:2d:0f:3a:4a:76:e4:
b1:4c:83:8b:bc:ee:1c:c9:b5:cf:68:c0:46:21:31:
49:f5:7f:51:4f:4d:63:80:98:e9:36:94:1a:76:a5:
c7:78:99:db:22:5a:de:87:5b:64:51:30:63:30:1f:
dd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:06:B9:20:30:C6:35:C2:6D:CE:56:54:BF:2E:C3:BB:0E:61:22:BB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1926C438AD5C11EF877CAABD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.152.0/22
Signature Algorithm: sha256WithRSAEncryption
91:19:54:4e:95:5d:d2:12:e5:02:8b:3f:71:38:70:af:95:23:
0f:9e:0b:b5:9d:13:79:98:b7:70:19:69:47:d5:2d:41:94:1b:
71:d2:90:fa:2f:b4:9b:14:09:fe:a8:2b:6f:f6:8d:6e:bd:e1:
27:d4:8e:7a:3e:5b:d4:76:fe:82:71:8d:ee:d6:f8:45:c9:84:
d7:b3:d7:69:4d:98:50:01:5d:bb:a8:5f:b3:17:34:53:2e:ad:
28:50:fa:f0:42:c0:d2:8a:b4:57:46:27:bd:cd:27:98:4d:e2:
a7:2d:53:21:62:d4:d9:e4:3b:57:fa:67:a1:0c:76:33:fb:42:
cf:d9:6a:f9:b3:c0:e8:18:02:df:9b:78:a1:95:98:8b:8a:ee:
95:82:a0:ef:85:9d:e6:3c:94:c2:43:66:6e:c7:cb:a8:dd:c7:
eb:9d:b7:63:c7:c5:cf:4c:dc:3a:23:ff:aa:cc:d8:cb:97:df:
50:4d:1b:3c:1d:c5:6b:6c:76:ca:f0:40:6f:42:9e:20:37:5d:
1c:14:d1:c8:fb:ad:9e:eb:f1:6c:19:03:a7:1c:79:3b:d5:18:
7f:e6:45:6d:48:58:82:a6:24:28:6f:3a:f1:75:f4:ed:aa:a7:
e4:20:3d:c5:57:1a:2e:6e:f9:1f:40:3d:ca:85:03:de:91:f5:
9f:e0:d5:49
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANxVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI4MDc0MDUwWhcNMjUwMjExMDc0MDUwWjAYMRYw
FAYDVQQDEw02NzQ4MWU4Ni01NmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0gdjuBJ2ZbmONFmazddI15c9qF1Wr3BSHu9XW8TqSAv4IfZCYYVGeoAT
jn7nU9dCn2VSP4GbiEynm1ncTEM4BXGgfDmQfgFrXEUNl1r4FKWufL5CU8WxTMu8
NtzSlMAFrBonnLmx+XBPov+uaxhmzD55/ExJcWg3/dDg56pnKNjkXKg17OtKf1JD
Jn+SAIDwmUa2uynKtAkPv1/JVvZZWK//0XeiGYHnCryNmKEhS1pI143+GK64rlbS
mYfxQjcxz+vZVJUhjndqZP0tDzpKduSxTIOLvO4cybXPaMBGITFJ9X9RT01jgJjp
NpQadqXHeJnbIlreh1tkUTBjMB/dhQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHUG
uSAwxjXCbc5WVL8uw7sOYSK7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xOTI2QzQzOEFENUMxMUVGODc3Q0FBQkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcCYMA0GCSqGSIb3DQEBCwUA
A4IBAQCRGVROlV3SEuUCiz9xOHCvlSMPngu1nRN5mLdwGWlH1S1BlBtx0pD6L7Sb
FAn+qCtv9o1uveEn1I56PlvUdv6CcY3u1vhFyYTXs9dpTZhQAV27qF+zFzRTLq0o
UPrwQsDSirRXRie9zSeYTeKnLVMhYtTZ5DtX+mehDHYz+0LP2Wr5s8DoGALfm3ih
lZiLiu6VgqDvhZ3mPJTCQ2Zux8uo3cfrnbdjx8XPTNw6I/+qzNjLl99QTRs8HcVr
bHbK8EBvQp4gN10cFNHI+62e6/FsGQOnHHk71Rh/5kVtSFiCpiQobzrxdfTtqqfk
ID3FVxoubvkfQD3KhQPekfWf4NVJ
-----END CERTIFICATE-----
Generated at Thu Dec 26 15:15:55 2024 by rpki-client on console-ams.rpki-client.org