Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/451B3E8EA25D11EFA25D5E7F762E951A.roa
File: 451B3E8EA25D11EFA25D5E7F762E951A.roa (raw, json)
Hash identifier: BQnOXIcriUVWsQUFhVSBaFpPXESJl/5B5EQRo9xWdWc=
Subject key identifier: 82:7C:64:40:E1:2E:FE:7C:D5:B1:66:D3:CB:08:AA:1A:BC:0F:F9:51
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D27B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/451B3E8EA25D11EFA25D5E7F762E951A.roa
Signing time: Thu 14 Nov 2024 07:51:35 +0000
ROA not before: Thu 14 Nov 2024 07:51:31 +0000
ROA not after: Sat 14 Dec 2024 07:51:31 +0000
asID: 6079
IP address blocks: 45.205.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53883 (0xd27b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 14 07:51:31 2024 GMT
Not After : Dec 14 07:51:31 2024 GMT
Subject: CN=6735ac07-9e8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:55:3d:37:06:45:d1:b4:c4:57:68:9b:73:ed:
d8:45:5b:a5:a1:3e:65:c1:2a:45:26:9e:55:e8:7a:
5e:e4:2b:f7:5a:cf:f3:db:23:84:d0:23:f4:57:58:
84:a2:1d:2e:dc:1f:91:7f:90:a8:7d:e5:f5:58:2b:
3b:c0:53:43:39:ef:1f:eb:a0:da:fb:25:05:af:5d:
eb:bc:cf:2f:b7:29:f1:e3:50:fa:99:28:24:fc:94:
3d:16:46:f3:42:c6:bc:b9:5f:2c:04:63:1c:43:72:
64:3f:20:30:8d:3f:a9:21:f6:c0:fb:b4:1a:5e:ee:
f6:64:56:9e:df:2f:69:45:69:78:c3:0a:d3:f2:e7:
c6:af:93:a8:0d:24:e8:fc:0c:51:99:40:6e:c8:69:
8d:3d:02:de:70:8c:3b:22:46:03:1b:eb:60:18:93:
42:50:39:ef:a1:55:52:31:dc:47:17:6d:76:c4:e5:
52:1f:88:9b:41:9c:48:23:51:c2:ae:8e:24:35:9d:
79:54:fd:98:e2:38:d4:0b:cb:ef:16:aa:19:59:a3:
f6:d7:fd:36:d3:bb:80:bb:50:6c:b3:f0:50:44:a7:
cf:df:1e:a3:0a:1f:85:0e:75:d3:ed:ef:26:7d:bc:
8e:57:1d:39:2e:4e:65:c4:43:6a:a4:59:7f:d9:57:
a1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:7C:64:40:E1:2E:FE:7C:D5:B1:66:D3:CB:08:AA:1A:BC:0F:F9:51
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/451B3E8EA25D11EFA25D5E7F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.205.156.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:cf:44:5d:81:0e:4d:06:0b:27:75:b5:a8:ab:8f:df:ed:42:
f6:fe:2e:57:62:7e:e1:c5:d3:85:4d:11:86:7a:a7:9a:d4:27:
04:a7:8e:a8:67:fe:12:d7:75:7c:a4:70:e4:78:8e:f8:fb:18:
10:39:38:20:27:19:e9:af:5c:c2:70:3b:57:66:05:4a:a6:f6:
f8:0c:fb:4f:08:6e:4b:26:6c:71:31:d6:ac:32:22:71:57:49:
8e:d4:bb:9d:50:92:62:35:ba:82:f9:63:aa:e3:be:a5:7f:a9:
39:3f:8f:8a:d6:30:30:4a:01:60:c4:f0:c6:54:8d:25:a0:30:
a8:6a:f7:ab:1a:cd:83:43:9e:80:ca:dd:79:d2:ac:23:9e:2a:
32:d3:05:40:bf:b3:02:25:6d:4b:a6:a4:22:04:8b:a1:a0:e8:
b6:22:4f:d6:10:c2:82:51:2d:7d:dd:98:55:fa:28:96:b2:68:
54:b6:75:85:33:5e:89:c6:b1:8c:04:83:76:04:76:d6:a3:d7:
84:89:a8:a6:ac:9a:ef:c5:43:c3:73:8c:20:fc:65:53:c3:b1:
77:2f:5c:fb:b6:89:42:4f:e3:1a:b1:26:02:8a:9f:41:b5:68:
da:a4:86:fe:62:10:18:ec:4f:3d:86:a6:ed:a8:78:46:f0:aa:
ee:70:5e:b1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANJ7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE0MDc1MTMxWhcNMjQxMjE0MDc1MTMxWjAYMRYw
FAYDVQQDEw02NzM1YWMwNy05ZThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7FU9NwZF0bTEV2ibc+3YRVuloT5lwSpFJp5V6Hpe5Cv3Ws/z2yOE0CP0
V1iEoh0u3B+Rf5CofeX1WCs7wFNDOe8f66Da+yUFr13rvM8vtynx41D6mSgk/JQ9
FkbzQsa8uV8sBGMcQ3JkPyAwjT+pIfbA+7QaXu72ZFae3y9pRWl4wwrT8ufGr5Oo
DSTo/AxRmUBuyGmNPQLecIw7IkYDG+tgGJNCUDnvoVVSMdxHF212xOVSH4ibQZxI
I1HCro4kNZ15VP2Y4jjUC8vvFqoZWaP21/0207uAu1Bss/BQRKfP3x6jCh+FDnXT
7e8mfbyOVx05Lk5lxENqpFl/2VehnwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIJ8
ZEDhLv581bFm08sIqhq8D/lRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NTFCM0U4RUEyNUQxMUVGQTI1RDVFN0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLc2cMA0GCSqGSIb3DQEBCwUA
A4IBAQCoz0RdgQ5NBgsndbWoq4/f7UL2/i5XYn7hxdOFTRGGeqea1CcEp46oZ/4S
13V8pHDkeI74+xgQOTggJxnpr1zCcDtXZgVKpvb4DPtPCG5LJmxxMdasMiJxV0mO
1LudUJJiNbqC+WOq476lf6k5P4+K1jAwSgFgxPDGVI0loDCoaverGs2DQ56Ayt15
0qwjnioy0wVAv7MCJW1LpqQiBIuhoOi2Ik/WEMKCUS193ZhV+iiWsmhUtnWFM16J
xrGMBIN2BHbWo9eEiaimrJrvxUPDc4wg/GVTw7F3L1z7tolCT+MasSYCip9BtWja
pIb+YhAY7E89hqbtqHhG8KrucF6x
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:28 2024 by rpki-client on console-ams.rpki-client.org