Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B2885FE719E11EFA00A9157762E951A.roa
File: 1B2885FE719E11EFA00A9157762E951A.roa (raw, json)
Hash identifier: THmSsQBclZqZDtZ8eaafq2qP8UfcjXD1RvT+weilAhs=
Subject key identifier: 89:30:FE:CE:47:FE:87:ED:5D:D9:CC:00:40:D7:38:3C:FE:B2:43:B9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B52A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B2885FE719E11EFA00A9157762E951A.roa
Signing time: Fri 13 Sep 2024 07:02:15 +0000
ROA not before: Fri 13 Sep 2024 07:02:11 +0000
ROA not after: Fri 08 Aug 2025 07:02:11 +0000
asID: 133861
IP address blocks: 45.207.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46378 (0xb52a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 13 07:02:11 2024 GMT
Not After : Aug 8 07:02:11 2025 GMT
Subject: CN=66e3e377-a083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:14:08:12:21:d8:d3:66:d3:f2:96:2a:49:de:
f7:8c:bf:ac:a2:95:0d:09:96:14:98:af:0a:6c:85:
bf:56:e0:21:a2:55:be:43:ee:37:84:7c:d5:f4:f6:
19:1e:e9:8b:26:d9:92:f9:ca:21:27:57:06:08:4c:
19:2b:6b:86:80:f4:66:1c:58:10:d4:33:bb:9b:2d:
03:85:a5:8a:52:db:16:1e:0c:84:47:f1:47:a6:2b:
bc:b5:38:d1:9c:c5:ef:4d:2a:04:6d:55:f3:8b:89:
d4:43:00:5e:ee:c9:c8:09:6a:d3:37:02:58:59:c4:
8a:c4:b6:e8:8c:52:b6:5b:69:1f:e5:84:4d:36:5d:
f1:cc:c1:a4:72:f1:32:f1:e3:58:2b:b8:a1:cd:08:
79:bf:fd:66:36:0c:ca:79:d0:4a:d9:71:2f:5a:19:
d6:fd:34:9b:d0:8b:2a:2f:c3:09:96:11:13:99:8c:
90:93:79:1f:c0:8f:fe:b3:c8:d3:df:e9:e5:83:90:
0b:51:ff:e2:f3:1e:77:be:16:04:4a:c4:b0:82:75:
de:1c:c2:92:02:ff:f8:15:a3:4b:80:c8:7b:a1:ef:
af:a4:17:9b:d5:f2:bf:7b:99:d5:b2:18:3d:3f:87:
bf:9f:74:1a:d0:d0:15:a3:06:8f:76:b7:1b:cc:30:
29:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:30:FE:CE:47:FE:87:ED:5D:D9:CC:00:40:D7:38:3C:FE:B2:43:B9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B2885FE719E11EFA00A9157762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.36.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:bd:17:a2:5d:29:f4:19:2e:49:4d:f8:65:f1:df:b3:39:18:
3b:e1:d0:dc:ea:a2:2b:9a:64:78:59:11:63:a5:6e:2c:75:2e:
73:a5:06:4e:db:d3:73:e5:ce:98:e9:41:9c:78:25:37:4e:37:
1b:2f:a5:9c:d4:f3:49:4c:24:76:e9:86:7e:79:de:b4:ec:62:
42:a2:cc:cc:05:34:71:a0:58:db:e2:87:24:cf:41:11:7a:f0:
4b:99:b5:f0:22:ef:36:34:03:de:7d:94:c6:b5:86:2f:cd:6d:
8e:87:bb:fc:37:fc:b1:3a:1e:c0:1f:94:e8:39:ed:a3:be:db:
9e:07:c5:e1:cd:eb:37:24:fa:fc:37:30:08:c1:fc:ba:8e:79:
63:e7:3d:70:1f:5b:0a:2e:25:be:cd:06:95:56:2c:45:7f:a7:
59:a9:be:3d:a4:fd:d8:1b:b9:22:ff:25:06:a9:38:7c:ae:52:
ad:8b:8f:82:61:7c:db:9c:36:34:93:ff:bc:54:a4:10:6b:e7:
79:15:46:bc:a4:8d:ec:c8:b8:c1:06:e9:3c:40:d1:76:62:48:
c9:42:6d:c9:71:c2:65:68:7b:81:9c:b3:a3:eb:89:35:6a:85:
08:27:0a:7a:88:fe:97:c5:3d:89:41:29:d6:c5:e5:f5:7b:79:
57:3d:6c:08
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALUqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTEzMDcwMjExWhcNMjUwODA4MDcwMjExWjAYMRYw
FAYDVQQDEw02NmUzZTM3Ny1hMDgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuBQIEiHY02bT8pYqSd73jL+sopUNCZYUmK8KbIW/VuAholW+Q+43hHzV
9PYZHumLJtmS+cohJ1cGCEwZK2uGgPRmHFgQ1DO7my0DhaWKUtsWHgyER/FHpiu8
tTjRnMXvTSoEbVXzi4nUQwBe7snICWrTNwJYWcSKxLbojFK2W2kf5YRNNl3xzMGk
cvEy8eNYK7ihzQh5v/1mNgzKedBK2XEvWhnW/TSb0IsqL8MJlhETmYyQk3kfwI/+
s8jT3+nlg5ALUf/i8x53vhYESsSwgnXeHMKSAv/4FaNLgMh7oe+vpBeb1fK/e5nV
shg9P4e/n3Qa0NAVowaPdrcbzDApZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIkw
/s5H/oftXdnMAEDXODz+skO5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQjI4ODVGRTcxOUUxMUVGQTAwQTkxNTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLc8kMA0GCSqGSIb3DQEBCwUA
A4IBAQBuvReiXSn0GS5JTfhl8d+zORg74dDc6qIrmmR4WRFjpW4sdS5zpQZO29Nz
5c6Y6UGceCU3TjcbL6Wc1PNJTCR26YZ+ed607GJCoszMBTRxoFjb4ockz0ERevBL
mbXwIu82NAPefZTGtYYvzW2Oh7v8N/yxOh7AH5ToOe2jvtueB8Xhzes3JPr8NzAI
wfy6jnlj5z1wH1sKLiW+zQaVVixFf6dZqb49pP3YG7ki/yUGqTh8rlKti4+CYXzb
nDY0k/+8VKQQa+d5FUa8pI3syLjBBuk8QNF2YkjJQm3JccJlaHuBnLOj64k1aoUI
Jwp6iP6XxT2JQSnWxeX1e3lXPWwI
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:20 2024 by rpki-client on console-fra.rpki-client.org