Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2AB4DE286A9111EF8B63DF88762E951A.roa
File: 2AB4DE286A9111EF8B63DF88762E951A.roa (raw, json)
Hash identifier: WJWCK/bWzAkQIFbR1YFT5wQ5ly5OGdS8BDspGB1HiLA=
Subject key identifier: 6D:2F:BC:9E:6F:2A:35:7E:E8:F0:87:F9:E9:0F:FC:12:17:75:68:BE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B1B7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2AB4DE286A9111EF8B63DF88762E951A.roa
Signing time: Wed 04 Sep 2024 07:41:59 +0000
ROA not before: Wed 04 Sep 2024 07:41:56 +0000
ROA not after: Fri 03 Oct 2025 07:41:56 +0000
asID: 45996
IP address blocks: 45.194.98.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45495 (0xb1b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 4 07:41:56 2024 GMT
Not After : Oct 3 07:41:56 2025 GMT
Subject: CN=66d80f47-c7d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:aa:b2:08:d0:89:ad:52:d3:75:ed:1e:65:64:
95:13:03:ca:25:bb:a4:c7:36:1f:16:de:93:03:d6:
9b:61:ef:bf:9f:66:e2:70:24:c5:d9:33:ef:55:04:
5e:e2:18:5c:26:7c:94:ae:76:c5:88:f9:5b:16:71:
7d:57:fb:14:fb:18:79:f9:26:b0:8b:ab:81:c6:a0:
22:40:9d:fa:46:e9:4f:23:87:6d:f7:6c:58:94:bd:
0c:dc:57:3f:d0:68:9f:a2:5d:b7:1e:1f:14:37:93:
92:2a:9e:a5:49:bf:2c:d3:a7:b2:bc:b4:ec:bc:59:
37:c9:85:dc:55:89:48:fd:df:94:de:67:35:fa:ae:
d3:c9:c1:1c:1d:16:db:4c:41:04:df:c8:f2:81:ac:
d9:78:d2:b1:73:1f:32:a9:55:8d:c7:98:e5:b4:24:
a1:58:b6:c4:77:24:85:fe:b4:4f:7f:6e:df:b7:52:
b6:62:a4:44:1c:28:61:c4:e4:85:88:e0:04:a7:b0:
5f:03:f7:35:69:58:3a:5a:4c:67:46:d1:41:49:8f:
32:a9:76:17:82:43:09:28:92:8f:30:d7:9b:23:16:
6d:d9:2a:06:d4:ce:9d:70:17:35:55:23:59:9d:82:
e3:4e:4d:7a:07:2f:c3:a9:1f:9d:b6:3d:f9:ee:ee:
f7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:2F:BC:9E:6F:2A:35:7E:E8:F0:87:F9:E9:0F:FC:12:17:75:68:BE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2AB4DE286A9111EF8B63DF88762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.98.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:f4:50:e8:65:64:66:ad:1c:de:60:7e:09:14:ab:e4:c0:7c:
13:eb:97:2f:5a:7f:d2:07:6e:da:a3:db:1d:33:63:37:80:c9:
87:5a:c3:be:ad:35:44:eb:64:5d:0e:a9:2e:28:d6:0b:3a:23:
65:a7:b0:cb:82:f0:fa:d0:23:bc:98:4e:1d:be:bb:40:74:2a:
29:54:5d:47:65:68:2d:ac:ca:f2:88:7b:1e:4b:e8:11:ce:53:
a5:68:33:38:20:e9:36:b6:df:34:bd:5d:91:86:63:e0:ed:e6:
e2:ce:3f:80:88:b1:2f:51:42:3c:c4:81:81:2c:ab:52:31:90:
5e:38:84:66:5a:38:aa:a9:de:35:81:58:1a:db:c6:84:da:56:
f7:79:9d:dc:5c:07:87:33:1f:b7:71:43:68:e9:41:8f:7b:91:
1e:e3:36:58:83:38:1f:85:e1:f1:49:fa:00:25:3b:5e:7d:87:
b6:11:c1:f7:dd:3b:a7:65:ac:6e:7c:04:ea:8a:e3:0b:52:26:
89:e2:65:74:f9:ed:20:7d:4a:2b:15:71:ad:c6:01:b3:a9:cb:
a8:1f:3e:8a:03:7b:dc:83:1d:08:c5:aa:2f:34:2f:ea:56:5f:
0e:51:be:52:61:27:83:75:2a:d0:07:dd:f8:66:54:5b:57:90:
ad:19:e8:3c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALG3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTA0MDc0MTU2WhcNMjUxMDAzMDc0MTU2WjAYMRYw
FAYDVQQDEw02NmQ4MGY0Ny1jN2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt6qyCNCJrVLTde0eZWSVEwPKJbukxzYfFt6TA9abYe+/n2bicCTF2TPv
VQRe4hhcJnyUrnbFiPlbFnF9V/sU+xh5+Sawi6uBxqAiQJ36RulPI4dt92xYlL0M
3Fc/0Gifol23Hh8UN5OSKp6lSb8s06eyvLTsvFk3yYXcVYlI/d+U3mc1+q7TycEc
HRbbTEEE38jygazZeNKxcx8yqVWNx5jltCShWLbEdySF/rRPf27ft1K2YqREHChh
xOSFiOAEp7BfA/c1aVg6WkxnRtFBSY8yqXYXgkMJKJKPMNebIxZt2SoG1M6dcBc1
VSNZnYLjTk16By/DqR+dtj357u736QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG0v
vJ5vKjV+6PCH+ekP/BIXdWi+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQUI0REUyODZBOTExMUVGOEI2M0RGODg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcJiMA0GCSqGSIb3DQEBCwUA
A4IBAQCK9FDoZWRmrRzeYH4JFKvkwHwT65cvWn/SB27ao9sdM2M3gMmHWsO+rTVE
62RdDqkuKNYLOiNlp7DLgvD60CO8mE4dvrtAdCopVF1HZWgtrMryiHseS+gRzlOl
aDM4IOk2tt80vV2RhmPg7ebizj+AiLEvUUI8xIGBLKtSMZBeOIRmWjiqqd41gVga
28aE2lb3eZ3cXAeHMx+3cUNo6UGPe5Ee4zZYgzgfheHxSfoAJTtefYe2EcH33Tun
ZaxufATqiuMLUiaJ4mV0+e0gfUorFXGtxgGzqcuoHz6KA3vcgx0IxaovNC/qVl8O
Ub5SYSeDdSrQB934ZlRbV5CtGeg8
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:22 2024 by rpki-client on console-fra.rpki-client.org