Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A2861466A4C611EFB6BE37B6762E951A.roa
File: A2861466A4C611EFB6BE37B6762E951A.roa (raw, json)
Hash identifier: 4Op5rJ3gtI76XCauETbuhL0P724Zd5O9cs6XYRrEFkI=
Subject key identifier: A6:42:75:4E:6D:41:0E:D8:A9:EF:7C:2D:9F:21:23:C7:67:49:0F:27
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D48B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A2861466A4C611EFB6BE37B6762E951A.roa
Signing time: Sun 17 Nov 2024 09:30:51 +0000
ROA not before: Sun 17 Nov 2024 09:30:47 +0000
ROA not after: Mon 25 Nov 2024 09:30:47 +0000
asID: 5650
IP address blocks: 45.196.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54411 (0xd48b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 17 09:30:47 2024 GMT
Not After : Nov 25 09:30:47 2024 GMT
Subject: CN=6739b7cb-33b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4e:18:ac:52:6e:a1:4b:30:3a:bc:ce:7c:55:
e9:9b:13:d5:13:e8:98:c2:a5:8f:94:9e:d7:54:2c:
c6:eb:4f:5c:34:ab:6c:08:78:5e:07:04:b4:cf:9d:
55:65:18:dc:f4:b5:58:ff:34:2f:25:58:1d:00:bd:
80:1a:97:91:22:f8:df:40:52:87:ad:60:a2:5e:ff:
9d:a3:8e:68:3d:a4:45:ae:39:a8:a6:5c:86:14:3a:
83:db:a9:41:de:dc:98:c1:47:52:00:ad:e0:66:e5:
52:53:8c:96:85:41:ee:5f:07:41:4d:c7:9f:57:bc:
59:23:5c:91:26:71:d3:3a:f8:8b:88:d6:47:15:bf:
1b:60:16:1b:ec:3d:02:bc:12:a7:a5:6f:e3:41:5e:
9d:50:2c:61:c1:bb:1a:dd:1b:97:ee:9d:f0:08:f0:
1f:0d:7b:36:87:6f:2a:8c:51:48:a4:8e:7b:5f:66:
64:d6:4c:e6:7a:e0:ae:0a:89:61:f5:13:25:a7:ea:
e6:5b:9a:3d:74:99:76:69:9b:bc:12:6b:d4:43:8d:
bf:5c:45:e0:cb:30:4d:33:28:e6:86:0e:c0:77:52:
76:0a:cf:ff:d9:51:e2:11:75:39:30:d8:18:92:e3:
e8:6f:32:07:45:1a:76:1c:4e:7b:6f:ae:16:e1:9e:
80:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:42:75:4E:6D:41:0E:D8:A9:EF:7C:2D:9F:21:23:C7:67:49:0F:27
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A2861466A4C611EFB6BE37B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.36.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:37:84:07:8b:f9:89:39:9b:9f:9c:ce:0e:fc:28:dc:13:cc:
5f:98:8f:c8:ea:46:ca:7d:06:5f:46:32:4c:ce:51:9d:41:ee:
fe:3d:17:a9:3a:f5:5c:7c:67:3a:6b:16:5d:b1:5f:9a:8b:6d:
dc:49:dd:e1:94:dd:0e:1d:9e:a8:2a:8d:fe:ac:cb:1d:ce:f8:
72:53:92:f1:79:9e:75:c5:95:70:1c:74:42:c2:cb:d3:1e:ae:
c2:20:72:3c:79:df:b7:78:87:49:ff:40:38:60:e3:b8:0f:97:
43:2f:9a:1b:92:d2:48:55:38:d6:47:33:a0:0a:6c:15:b3:fc:
2e:ee:47:9b:eb:30:ee:f1:42:57:95:c6:ca:19:bd:a1:d2:eb:
45:e1:c9:a1:87:69:0f:ee:cf:98:6e:68:c6:a1:e3:ee:27:72:
0c:1d:46:01:a6:5a:c7:ac:23:f6:d2:65:67:c6:45:09:8e:eb:
50:eb:ce:ca:e5:50:df:33:7a:aa:88:8f:6a:e2:16:86:ef:8b:
35:77:47:a0:2d:88:96:2a:85:cd:f0:6c:9d:16:2f:b9:40:d4:
4a:1d:8d:31:98:ff:d1:b5:1c:f6:01:dc:ef:6e:07:ed:71:d2:
b5:78:fb:70:7b:5b:9d:ac:38:77:51:db:6d:df:99:56:06:59:
83:9e:67:e8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANSLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE3MDkzMDQ3WhcNMjQxMTI1MDkzMDQ3WjAYMRYw
FAYDVQQDEw02NzM5YjdjYi0zM2IzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu04YrFJuoUswOrzOfFXpmxPVE+iYwqWPlJ7XVCzG609cNKtsCHheBwS0
z51VZRjc9LVY/zQvJVgdAL2AGpeRIvjfQFKHrWCiXv+do45oPaRFrjmoplyGFDqD
26lB3tyYwUdSAK3gZuVSU4yWhUHuXwdBTcefV7xZI1yRJnHTOviLiNZHFb8bYBYb
7D0CvBKnpW/jQV6dUCxhwbsa3RuX7p3wCPAfDXs2h28qjFFIpI57X2Zk1kzmeuCu
Colh9RMlp+rmW5o9dJl2aZu8EmvUQ42/XEXgyzBNMyjmhg7Ad1J2Cs//2VHiEXU5
MNgYkuPobzIHRRp2HE57b64W4Z6AaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKZC
dU5tQQ7Yqe98LZ8hI8dnSQ8nMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMjg2MTQ2NkE0QzYxMUVGQjZCRTM3QjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcQkMA0GCSqGSIb3DQEBCwUA
A4IBAQCdN4QHi/mJOZufnM4O/CjcE8xfmI/I6kbKfQZfRjJMzlGdQe7+PRepOvVc
fGc6axZdsV+ai23cSd3hlN0OHZ6oKo3+rMsdzvhyU5LxeZ51xZVwHHRCwsvTHq7C
IHI8ed+3eIdJ/0A4YOO4D5dDL5obktJIVTjWRzOgCmwVs/wu7keb6zDu8UJXlcbK
Gb2h0utF4cmhh2kP7s+YbmjGoePuJ3IMHUYBplrHrCP20mVnxkUJjutQ687K5VDf
M3qqiI9q4haG74s1d0egLYiWKoXN8GydFi+5QNRKHY0xmP/RtRz2AdzvbgftcdK1
ePtwe1udrDh3Udtt35lWBlmDnmfo
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:41 2024 by rpki-client on console-fra.rpki-client.org