Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2421AA621F0211EFA40C503F7DDC24C2.roa
File: 2421AA621F0211EFA40C503F7DDC24C2.roa (raw, json)
Hash identifier: ohcFOl5hfcRnXoL16+m588K+taXYD4PzMg+cZn3vlHI=
Subject key identifier: 2D:68:BD:25:AF:77:2C:89:71:30:E5:33:23:14:CB:F1:35:B0:45:0F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8DAB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2421AA621F0211EFA40C503F7DDC24C2.roa
Signing time: Fri 31 May 2024 03:59:13 +0000
ROA not before: Fri 31 May 2024 03:59:09 +0000
ROA not after: Fri 23 May 2025 03:59:09 +0000
asID: 59134
IP address blocks: 45.195.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36267 (0x8dab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 31 03:59:09 2024 GMT
Not After : May 23 03:59:09 2025 GMT
Subject: CN=66594b11-244a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1b:f9:7e:a4:f7:c3:89:77:28:3e:7a:2b:f3:
de:2e:74:39:22:e8:c8:42:3a:c5:b1:7c:43:af:ab:
84:05:5a:db:5e:6f:ba:55:01:68:68:5b:e3:e2:15:
3d:ed:39:4a:ab:78:dd:61:e7:e2:b5:a2:1a:2d:e7:
76:78:76:89:9b:fa:e4:c0:94:c9:65:af:54:13:17:
d7:7f:85:02:f7:61:05:a3:1c:21:94:9e:ab:f5:d8:
c5:c4:fe:fc:4d:ab:69:73:96:e3:13:36:07:94:ab:
ca:dc:e1:61:a7:0a:78:cb:90:0d:3e:2c:70:e2:18:
f1:7f:99:03:7e:45:78:53:a6:a5:30:5c:9a:82:02:
b3:5d:ee:81:7a:29:b8:42:be:53:d3:02:77:6f:96:
c6:b8:63:a0:6c:4e:dc:a8:4a:37:21:47:8b:e6:11:
77:16:75:68:b0:61:6e:29:37:53:17:df:7f:09:5a:
5e:e1:ab:78:9b:48:da:13:1c:cf:7b:ef:72:4d:9a:
a2:cb:92:78:e0:ca:be:a0:7a:e2:69:7b:26:d2:3e:
ff:0f:b2:97:e6:a9:ff:cf:61:fb:e4:b0:7e:16:d4:
34:bd:ba:c1:8f:e0:2c:ef:0b:7b:8f:7c:e0:07:11:
e3:a3:1b:b0:62:0f:71:ba:1d:39:ec:95:29:d7:ae:
38:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:68:BD:25:AF:77:2C:89:71:30:E5:33:23:14:CB:F1:35:B0:45:0F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2421AA621F0211EFA40C503F7DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.248.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:bb:98:41:56:52:59:6c:8b:7d:cc:50:ce:ce:a3:ac:5c:98:
d4:fb:54:96:d5:7e:2e:86:6b:e4:39:51:53:ae:9f:a3:12:55:
22:22:2f:73:a1:86:14:21:ae:cf:06:ee:53:c8:78:36:37:8a:
3b:90:bb:fe:cd:16:24:06:d6:fe:e0:0c:96:48:f8:ea:d9:ce:
3d:b1:2e:d6:d6:71:2d:82:d1:17:5c:08:d3:b2:6b:a9:33:37:
fc:15:02:ea:84:5e:82:24:05:9e:99:e2:f4:65:f3:8b:e2:d3:
d8:38:5d:e2:e2:17:70:78:17:ad:2d:5b:87:0d:29:cd:0f:7d:
12:b0:81:13:0c:15:91:dd:6f:5b:c3:82:a8:2f:af:f3:0c:3f:
95:66:0a:36:67:6c:b5:e4:e7:6a:57:eb:36:31:93:47:93:cc:
18:67:8d:86:82:0b:bb:ea:07:08:99:07:46:bd:cd:13:2f:5e:
d6:34:f5:7d:de:53:f7:7a:d7:92:71:46:11:7c:22:13:e5:f7:
8b:db:66:18:f9:22:b2:e8:2c:f5:cc:a3:65:7c:8e:63:1d:a2:
e5:56:52:b7:17:ca:25:88:bd:8e:68:d0:9e:f1:f1:cb:83:35:
3e:25:45:e6:76:18:e3:e7:f8:34:e0:23:07:7c:63:eb:74:1f:
d6:fe:39:3e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAI2rMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTMxMDM1OTA5WhcNMjUwNTIzMDM1OTA5WjAYMRYw
FAYDVQQDEw02NjU5NGIxMS0yNDRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3Rv5fqT3w4l3KD56K/PeLnQ5IujIQjrFsXxDr6uEBVrbXm+6VQFoaFvj
4hU97TlKq3jdYefitaIaLed2eHaJm/rkwJTJZa9UExfXf4UC92EFoxwhlJ6r9djF
xP78Tatpc5bjEzYHlKvK3OFhpwp4y5ANPixw4hjxf5kDfkV4U6alMFyaggKzXe6B
eim4Qr5T0wJ3b5bGuGOgbE7cqEo3IUeL5hF3FnVosGFuKTdTF99/CVpe4at4m0ja
ExzPe+9yTZqiy5J44Mq+oHriaXsm0j7/D7KX5qn/z2H75LB+FtQ0vbrBj+As7wt7
j3zgBxHjoxuwYg9xuh057JUp16443QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC1o
vSWvdyyJcTDlMyMUy/E1sEUPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNDIxQUE2MjFGMDIxMUVGQTQwQzUwM0Y3RERDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcP4MA0GCSqGSIb3DQEBCwUA
A4IBAQBKu5hBVlJZbIt9zFDOzqOsXJjU+1SW1X4uhmvkOVFTrp+jElUiIi9zoYYU
Ia7PBu5TyHg2N4o7kLv+zRYkBtb+4AyWSPjq2c49sS7W1nEtgtEXXAjTsmupMzf8
FQLqhF6CJAWemeL0ZfOL4tPYOF3i4hdweBetLVuHDSnND30SsIETDBWR3W9bw4Ko
L6/zDD+VZgo2Z2y15OdqV+s2MZNHk8wYZ42Gggu76gcImQdGvc0TL17WNPV93lP3
eteScUYRfCIT5feL22YY+SKy6Cz1zKNlfI5jHaLlVlK3F8oliL2OaNCe8fHLgzU+
JUXmdhjj5/g04CMHfGPrdB/W/jk+
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:21 2024 by rpki-client on console-fra.rpki-client.org