Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28756E4E9B5A11EF8F6FD0B3762E951A.roa
File: 28756E4E9B5A11EF8F6FD0B3762E951A.roa (raw, json)
Hash identifier: +8lIQp347JFK8FEiS0hwlSCsEeTbozD1PrraBf8Ed38=
Subject key identifier: E0:50:FB:46:F4:6F:CF:8A:E4:87:E2:59:E6:F9:DF:EE:CE:F5:D1:74
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CE3F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28756E4E9B5A11EF8F6FD0B3762E951A.roa
Signing time: Tue 05 Nov 2024 09:41:40 +0000
ROA not before: Tue 05 Nov 2024 09:41:36 +0000
ROA not after: Sat 07 Dec 2024 09:41:36 +0000
asID: 137897
IP address blocks: 45.204.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52799 (0xce3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 09:41:36 2024 GMT
Not After : Dec 7 09:41:36 2024 GMT
Subject: CN=6729e854-3916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:99:37:ab:1d:81:6e:8b:18:2f:f9:bd:b7:fb:
ff:e2:ec:fc:7f:53:a2:7f:95:3a:4f:3d:6b:2b:4c:
44:64:e1:b2:40:27:5b:72:74:06:e9:21:22:76:54:
9f:db:c4:e2:e5:97:3c:e1:bd:6c:d1:12:8f:87:f6:
c4:c2:a0:74:44:83:7f:dd:24:45:fc:e7:71:d2:f5:
4b:2e:2f:85:92:42:e8:9f:c7:40:ed:35:ea:d7:b7:
0c:9f:06:ce:d3:d2:b8:1d:2f:7c:ce:80:fa:0d:93:
76:4f:27:02:80:12:00:99:2f:29:87:52:8e:63:db:
85:8c:f2:42:e5:ba:5f:30:cf:9e:26:aa:01:61:72:
34:61:a0:09:39:0f:52:86:33:08:b4:bd:fc:4b:6f:
1c:0e:a2:05:28:22:e1:c9:08:9e:51:78:f9:f9:ca:
0a:f9:eb:ab:1f:e5:b5:63:58:36:49:9e:87:4f:4d:
30:60:63:c0:e9:96:0b:d2:51:23:cc:0f:6b:00:a5:
ed:a3:bb:0f:4e:f6:37:b1:3a:3f:c1:42:3b:09:36:
90:40:0e:1e:ef:19:9a:50:25:dc:63:7e:dd:c9:30:
0b:8b:34:05:61:da:26:ff:18:1d:8c:30:50:04:8f:
6e:c7:70:af:95:d0:30:9e:9f:b6:63:88:9d:f3:5e:
7c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:50:FB:46:F4:6F:CF:8A:E4:87:E2:59:E6:F9:DF:EE:CE:F5:D1:74
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28756E4E9B5A11EF8F6FD0B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.142.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:ba:21:f7:5c:d5:81:96:23:c2:c9:6a:c0:d7:c2:a9:dc:db:
e8:d2:4f:09:60:a5:f7:66:ba:76:71:8e:79:5c:85:13:e1:9a:
06:48:bf:7f:6f:74:4f:88:bf:25:0e:b9:05:f0:1b:78:87:8c:
05:a1:d4:93:32:16:06:cb:db:9f:0f:a0:dc:73:df:ae:12:bb:
7d:92:e8:ca:9e:78:2d:06:5c:48:e9:23:a2:2c:05:08:0a:ad:
d9:72:23:af:e6:3e:b7:8f:a0:cb:11:4f:bb:ef:d2:78:49:d9:
b5:17:dc:85:27:8d:5d:04:46:80:fd:72:6c:83:13:0b:ac:7b:
21:60:1e:64:e7:b3:f8:bd:57:92:38:65:d4:a4:45:54:e2:b6:
a9:9b:60:e3:03:55:66:e9:b2:2c:f4:f4:f1:4a:d8:a3:81:e3:
fd:89:b8:6c:52:1d:e4:83:5c:5f:db:7b:cf:aa:64:d9:28:a6:
43:35:f5:95:bf:f6:a3:57:5c:c5:b9:d7:ed:27:ad:53:e6:7a:
4b:20:8b:be:60:d9:05:94:0b:b4:06:0b:a9:61:e4:8f:90:af:
8a:01:64:ae:f4:4e:b4:6a:95:c8:35:01:33:a2:d2:5d:9b:c1:
7b:18:00:44:04:e3:9a:75:f3:d2:dc:82:b3:eb:f6:d1:d3:26:
9c:11:81:25
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM4/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MDk0MTM2WhcNMjQxMjA3MDk0MTM2WjAYMRYw
FAYDVQQDEw02NzI5ZTg1NC0zOTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzZk3qx2BbosYL/m9t/v/4uz8f1Oif5U6Tz1rK0xEZOGyQCdbcnQG6SEi
dlSf28Ti5Zc84b1s0RKPh/bEwqB0RIN/3SRF/Odx0vVLLi+FkkLon8dA7TXq17cM
nwbO09K4HS98zoD6DZN2TycCgBIAmS8ph1KOY9uFjPJC5bpfMM+eJqoBYXI0YaAJ
OQ9ShjMItL38S28cDqIFKCLhyQieUXj5+coK+eurH+W1Y1g2SZ6HT00wYGPA6ZYL
0lEjzA9rAKXto7sPTvY3sTo/wUI7CTaQQA4e7xmaUCXcY37dyTALizQFYdom/xgd
jDBQBI9ux3CvldAwnp+2Y4id8158/QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOBQ
+0b0b8+K5IfiWeb53+7O9dF0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yODc1NkU0RTlCNUExMUVGOEY2RkQwQjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcyOMA0GCSqGSIb3DQEBCwUA
A4IBAQA6uiH3XNWBliPCyWrA18Kp3Nvo0k8JYKX3Zrp2cY55XIUT4ZoGSL9/b3RP
iL8lDrkF8Bt4h4wFodSTMhYGy9ufD6Dcc9+uErt9kujKnngtBlxI6SOiLAUICq3Z
ciOv5j63j6DLEU+779J4Sdm1F9yFJ41dBEaA/XJsgxMLrHshYB5k57P4vVeSOGXU
pEVU4rapm2DjA1Vm6bIs9PTxStijgeP9ibhsUh3kg1xf23vPqmTZKKZDNfWVv/aj
V1zFudftJ61T5npLIIu+YNkFlAu0BgupYeSPkK+KAWSu9E60apXINQEzotJdm8F7
GABEBOOadfPS3IKz6/bR0yacEYEl
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:22 2024 by rpki-client on console-fra.rpki-client.org