Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5EB88A829AAA11EF95A0C65C762E951A.roa
File: 5EB88A829AAA11EF95A0C65C762E951A.roa (raw, json)
Hash identifier: D0xay9/1tXAVXCRPpk4uG3bQIytoSHSEK41zUFoKwcs=
Subject key identifier: CB:B8:8E:1A:7B:4F:DC:3E:07:41:86:AB:4E:14:5C:4C:1D:D2:17:D0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CD86
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5EB88A829AAA11EF95A0C65C762E951A.roa
Signing time: Mon 04 Nov 2024 12:43:20 +0000
ROA not before: Mon 04 Nov 2024 12:43:16 +0000
ROA not after: Tue 03 Dec 2024 12:43:16 +0000
asID: 54801
IP address blocks: 45.207.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52614 (0xcd86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 4 12:43:16 2024 GMT
Not After : Dec 3 12:43:16 2024 GMT
Subject: CN=6728c168-d632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4b:9a:ee:3a:45:aa:87:e7:aa:df:a5:cd:60:
85:4d:ea:2c:c6:30:76:c8:5c:36:4b:fd:c2:f7:c2:
92:e6:fe:ad:07:d6:fd:ca:ce:42:5f:10:89:46:59:
c4:13:5c:a8:da:04:c5:cb:2c:c1:59:0b:51:3c:bc:
f1:b4:89:20:cd:9b:c4:fc:a2:a7:bc:e4:e9:af:3b:
d5:92:0c:a1:80:dc:3c:1b:72:be:e9:eb:b0:9b:02:
f7:65:50:83:46:66:31:72:48:3a:51:b6:1d:b8:87:
bd:33:fe:f8:c5:e9:3d:4b:4d:25:71:32:e2:ea:5c:
dd:55:ef:fd:29:3d:af:e4:51:9c:ad:9b:28:5f:59:
bd:48:66:0d:96:bd:87:53:cf:10:2e:58:97:d4:ea:
13:18:b8:d3:81:f6:a5:7f:1f:4c:4f:ff:8d:09:55:
1c:cb:e2:49:7d:03:c1:56:2e:1c:b0:ce:fd:a1:25:
71:94:ef:27:38:8e:d6:3d:18:ae:aa:53:c0:a3:5c:
cc:dc:8f:00:1b:9b:47:5f:5a:4c:b7:40:65:a5:b6:
27:e2:ec:a5:5a:a1:ed:69:89:ae:e2:15:69:20:0a:
25:dd:a3:cc:78:2c:f9:ff:e6:49:08:db:6f:5f:c3:
96:9f:aa:85:fd:ba:c6:34:5b:63:1a:db:62:8d:a2:
a4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:B8:8E:1A:7B:4F:DC:3E:07:41:86:AB:4E:14:5C:4C:1D:D2:17:D0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5EB88A829AAA11EF95A0C65C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.224.0/20
Signature Algorithm: sha256WithRSAEncryption
9a:ff:e3:10:05:22:dd:97:37:a1:bc:d5:73:0b:51:d8:1d:99:
5b:be:d9:eb:8c:8f:38:44:90:ef:43:dc:26:1d:76:d9:00:37:
ae:29:e4:5c:dc:40:43:ab:9d:89:f2:ea:d1:c7:34:76:b7:ef:
18:c8:83:a1:3c:f9:62:12:30:fb:ba:fe:f7:33:78:d7:32:c8:
e7:a8:4e:84:55:8a:2b:b6:b0:a7:53:2f:7f:57:e9:8b:37:a3:
1a:9c:e2:fa:f5:dd:62:63:9d:3e:ad:ae:00:76:71:30:32:4e:
b5:c2:68:6e:59:d3:34:51:f7:69:f8:e8:99:73:7c:a4:61:c5:
92:03:df:be:3f:4a:84:16:89:7d:fe:9c:74:0e:de:17:21:0c:
48:d3:5c:e0:0b:cb:10:4d:9f:1c:6d:ad:98:ac:c1:05:a8:62:
8d:87:5d:94:71:5f:1f:c2:22:01:de:79:a0:81:94:7b:7b:4c:
7a:35:d7:c9:41:f3:22:6b:c2:aa:4d:34:e9:11:b3:f3:19:79:
34:a2:43:80:92:c8:82:60:f8:c9:ce:aa:0c:6d:ed:21:94:b7:
7a:fb:6c:ed:77:14:c6:46:00:db:de:5f:db:a7:7a:0a:d4:a9:
3e:7f:34:77:0d:91:7f:26:7a:15:1e:0f:c2:2f:1d:f1:dc:29:
44:da:45:68
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM2GMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA0MTI0MzE2WhcNMjQxMjAzMTI0MzE2WjAYMRYw
FAYDVQQDEw02NzI4YzE2OC1kNjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvUua7jpFqofnqt+lzWCFTeosxjB2yFw2S/3C98KS5v6tB9b9ys5CXxCJ
RlnEE1yo2gTFyyzBWQtRPLzxtIkgzZvE/KKnvOTprzvVkgyhgNw8G3K+6euwmwL3
ZVCDRmYxckg6UbYduIe9M/74xek9S00lcTLi6lzdVe/9KT2v5FGcrZsoX1m9SGYN
lr2HU88QLliX1OoTGLjTgfalfx9MT/+NCVUcy+JJfQPBVi4csM79oSVxlO8nOI7W
PRiuqlPAo1zM3I8AG5tHX1pMt0BlpbYn4uylWqHtaYmu4hVpIAol3aPMeCz5/+ZJ
CNtvX8OWn6qF/brGNFtjGttijaKkywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMu4
jhp7T9w+B0GGq04UXEwd0hfQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RUI4OEE4MjlBQUExMUVGOTVBMEM2NUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELc/gMA0GCSqGSIb3DQEBCwUA
A4IBAQCa/+MQBSLdlzehvNVzC1HYHZlbvtnrjI84RJDvQ9wmHXbZADeuKeRc3EBD
q52J8urRxzR2t+8YyIOhPPliEjD7uv73M3jXMsjnqE6EVYortrCnUy9/V+mLN6Ma
nOL69d1iY50+ra4AdnEwMk61wmhuWdM0Ufdp+OiZc3ykYcWSA9++P0qEFol9/px0
Dt4XIQxI01zgC8sQTZ8cba2YrMEFqGKNh12UcV8fwiIB3nmggZR7e0x6NdfJQfMi
a8KqTTTpEbPzGXk0okOAksiCYPjJzqoMbe0hlLd6+2ztdxTGRgDb3l/bp3oK1Kk+
fzR3DZF/JnoVHg/CLx3x3ClE2kVo
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:31 2024 by rpki-client on console-fra.rpki-client.org