Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20FAF81CA43F11EF80CC275A762E951A.roa
File: 20FAF81CA43F11EF80CC275A762E951A.roa (raw, json)
Hash identifier: pSP9fU4fuOt1Wi8xIOGNJoeFQwlUKenCIoiukIPyXis=
Subject key identifier: 6D:0E:72:74:EB:20:AE:B3:3C:1C:C9:63:4B:CD:05:61:B8:28:DE:75
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D354
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20FAF81CA43F11EF80CC275A762E951A.roa
Signing time: Sat 16 Nov 2024 17:20:52 +0000
ROA not before: Sat 16 Nov 2024 17:20:48 +0000
ROA not after: Mon 17 Feb 2025 17:20:48 +0000
asID: 272018
IP address blocks: 45.198.56.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54100 (0xd354)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 16 17:20:48 2024 GMT
Not After : Feb 17 17:20:48 2025 GMT
Subject: CN=6738d474-39af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f9:60:e2:f2:dc:a1:e3:b7:28:6e:01:2f:b3:
95:98:6b:0a:6a:49:e0:8a:17:7c:86:71:47:e1:fe:
0a:47:d2:00:7d:01:1b:00:d0:ed:d2:36:09:f7:fe:
c1:53:79:63:fc:15:af:e2:64:01:a6:58:6a:4e:30:
a4:6c:3d:51:4f:f9:1c:a9:39:44:a1:d8:b7:ad:17:
04:33:d9:86:b3:09:e3:5b:64:69:d4:6e:bc:ba:17:
35:2a:f8:d9:60:dc:66:16:da:6e:eb:02:be:1c:f2:
65:73:15:92:ab:7a:b0:56:7c:ad:cd:ca:09:e6:04:
5d:2a:0d:15:cb:f6:4c:87:69:c8:60:41:45:61:5b:
21:d7:75:c7:65:64:ed:4f:f3:08:a7:69:ae:ea:92:
38:ae:38:e1:f8:ac:dc:41:70:e6:86:79:2b:61:65:
16:4a:b7:3d:e7:b5:1b:a3:e7:ff:84:77:5b:7e:93:
fa:9f:5c:7e:4f:a2:77:2f:0c:c4:04:e9:56:b4:d6:
3a:8e:13:ec:78:6e:0f:2b:71:86:d1:db:66:0e:d6:
7a:0f:e4:1e:f2:b3:59:a4:cb:d7:01:20:a5:f3:80:
80:09:80:68:41:0e:67:8e:d0:ca:4e:93:26:9a:79:
28:82:52:d1:87:cf:7c:44:40:2b:57:b2:d3:4c:32:
9f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:0E:72:74:EB:20:AE:B3:3C:1C:C9:63:4B:CD:05:61:B8:28:DE:75
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20FAF81CA43F11EF80CC275A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.56.0/23
Signature Algorithm: sha256WithRSAEncryption
50:e7:0d:8a:2e:e8:9c:0c:f5:65:ae:0b:89:6b:59:8a:66:29:
29:3e:2b:f3:9a:47:5e:e2:32:17:c5:78:b3:b5:28:a0:2f:2d:
e3:4b:6b:28:ce:72:e7:93:b3:29:04:03:ba:96:fc:ea:5e:f6:
d9:74:92:8c:05:bf:eb:44:8c:35:74:3e:dc:c1:7c:eb:f5:0f:
8a:39:87:ca:26:d7:74:7e:f6:77:1a:49:fd:09:7a:60:98:c9:
b2:3b:a1:4d:bb:cf:3a:84:83:e8:4e:78:30:87:a9:ab:78:29:
91:e9:61:e2:5c:88:2a:8b:12:41:d1:c3:d1:36:8b:00:05:73:
88:b2:11:58:ab:19:5a:e2:50:4e:b3:a2:c2:b3:96:f4:5c:7c:
3e:fe:53:7f:f8:52:f5:b1:8c:86:a7:b8:72:5b:79:9a:01:7e:
88:ee:b2:6e:b8:b7:3b:1c:81:ef:d0:35:66:29:ad:8e:04:f2:
87:99:c3:57:bc:c9:c9:6d:9d:e3:7e:65:60:ce:02:6c:90:98:
be:8d:a2:92:63:3d:d6:ca:af:bc:10:54:53:11:0f:46:aa:0b:
45:c9:02:10:a7:81:95:0c:ae:6c:02:bf:9e:63:b1:6c:8b:06:
a9:c1:56:eb:c4:1f:89:37:ae:05:3a:8f:8d:1b:bc:fd:3c:7b:
9c:55:75:b4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANNUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE2MTcyMDQ4WhcNMjUwMjE3MTcyMDQ4WjAYMRYw
FAYDVQQDEw02NzM4ZDQ3NC0zOWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwvlg4vLcoeO3KG4BL7OVmGsKakngihd8hnFH4f4KR9IAfQEbANDt0jYJ
9/7BU3lj/BWv4mQBplhqTjCkbD1RT/kcqTlEodi3rRcEM9mGswnjW2Rp1G68uhc1
KvjZYNxmFtpu6wK+HPJlcxWSq3qwVnytzcoJ5gRdKg0Vy/ZMh2nIYEFFYVsh13XH
ZWTtT/MIp2mu6pI4rjjh+KzcQXDmhnkrYWUWSrc957Ubo+f/hHdbfpP6n1x+T6J3
LwzEBOlWtNY6jhPseG4PK3GG0dtmDtZ6D+Qe8rNZpMvXASCl84CACYBoQQ5njtDK
TpMmmnkoglLRh898REArV7LTTDKflQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG0O
cnTrIK6zPBzJY0vNBWG4KN51MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMEZBRjgxQ0E0M0YxMUVGODBDQzI3NUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcY4MA0GCSqGSIb3DQEBCwUA
A4IBAQBQ5w2KLuicDPVlrguJa1mKZikpPivzmkde4jIXxXiztSigLy3jS2soznLn
k7MpBAO6lvzqXvbZdJKMBb/rRIw1dD7cwXzr9Q+KOYfKJtd0fvZ3Gkn9CXpgmMmy
O6FNu886hIPoTngwh6mreCmR6WHiXIgqixJB0cPRNosABXOIshFYqxla4lBOs6LC
s5b0XHw+/lN/+FL1sYyGp7hyW3maAX6I7rJuuLc7HIHv0DVmKa2OBPKHmcNXvMnJ
bZ3jfmVgzgJskJi+jaKSYz3Wyq+8EFRTEQ9GqgtFyQIQp4GVDK5sAr+eY7Fsiwap
wVbrxB+JN64FOo+NG7z9PHucVXW0
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:21 2024 by rpki-client on console-fra.rpki-client.org