Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7B3F9B8A25D11EFB75B8581762E951A.roa
File: B7B3F9B8A25D11EFB75B8581762E951A.roa (raw, json)
Hash identifier: MvGWuWWFwGcHGWG2CrPs7pdwOw201Mco8c5naGWn1s4=
Subject key identifier: 78:43:F1:28:02:D8:8D:CD:C8:06:05:0D:17:04:29:86:F1:7A:24:5A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D281
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7B3F9B8A25D11EFB75B8581762E951A.roa
Signing time: Thu 14 Nov 2024 07:54:47 +0000
ROA not before: Thu 14 Nov 2024 07:54:43 +0000
ROA not after: Sat 14 Dec 2024 07:54:43 +0000
asID: 6079
IP address blocks: 45.205.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53889 (0xd281)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 14 07:54:43 2024 GMT
Not After : Dec 14 07:54:43 2024 GMT
Subject: CN=6735acc7-4665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bf:39:22:49:1b:d3:53:46:ed:45:7d:be:13:
97:96:7c:32:5c:ac:8d:57:2e:18:8e:3b:ee:06:b0:
b5:2a:73:55:51:56:cf:e9:3d:87:c9:ee:d1:d3:91:
c1:06:e7:db:1f:f6:c7:f7:67:18:32:5e:fe:65:f1:
c3:04:a4:3d:90:fc:f8:77:38:4b:fc:d4:3c:54:1f:
1e:c0:37:16:ee:44:40:63:64:e7:26:24:2d:9a:54:
6f:51:a6:1b:79:2f:ee:58:fd:3a:7b:e4:6f:bb:07:
66:1c:dd:5e:75:e8:d0:0e:38:78:e4:eb:c2:2e:e0:
c4:e9:cd:37:ef:47:c5:8c:37:cb:59:39:c9:9f:6d:
0b:10:a0:c1:ce:a8:2e:77:b8:d5:2c:8f:93:16:51:
4e:9d:4e:4a:34:7f:6e:fd:8d:1e:dd:08:72:cb:ff:
9b:4a:ac:65:57:52:fe:0d:86:49:e2:52:f5:e0:6e:
56:b8:c3:b1:9d:f3:81:9e:42:31:6f:93:3c:4d:0b:
61:3c:e6:7a:2b:99:4a:a4:57:9b:c8:46:df:58:b2:
f4:75:ca:d0:e6:41:20:f4:82:7f:73:1f:16:05:8e:
05:e1:1b:50:b0:90:25:d1:24:e3:20:e2:08:e8:3f:
f0:c4:3a:14:03:88:a7:7f:17:7d:04:20:65:60:ba:
02:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:43:F1:28:02:D8:8D:CD:C8:06:05:0D:17:04:29:86:F1:7A:24:5A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7B3F9B8A25D11EFB75B8581762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.205.88.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:13:91:7b:c9:95:5a:f9:f3:18:70:10:31:5e:23:ba:b6:18:
4e:e0:18:4e:52:c5:df:c3:05:89:58:22:99:ef:67:f2:5a:4e:
46:c3:10:23:27:1f:96:a7:a0:e1:f7:9f:59:68:56:4f:31:fa:
fd:ed:36:02:f5:52:d8:5a:c5:41:ff:32:64:ff:06:c9:24:e1:
40:41:8a:88:f2:d7:6e:27:fa:fe:a2:c9:01:32:73:20:d2:0e:
fc:9f:0f:1d:81:c5:96:05:fd:1d:15:5b:71:0f:98:2f:e0:a7:
f2:c2:f9:c4:b3:73:f5:83:da:2e:73:2a:74:d9:38:c1:c1:61:
ef:2b:6c:4e:3f:b6:10:d6:4e:1a:89:c1:7e:e8:8e:0f:6f:5b:
d1:83:0d:89:62:5a:9d:fa:d4:6b:ed:78:fe:9a:de:48:a4:b9:
68:72:e2:06:bf:ef:03:ba:f5:6b:e6:4a:5e:3f:f7:72:5b:79:
dc:aa:39:33:70:8c:8a:54:81:76:61:76:0b:f8:b9:1b:de:a4:
a9:7a:3c:17:22:d2:9d:c5:9b:34:4e:a3:bf:34:02:c6:b1:7d:
24:ca:2e:b5:0f:9f:e4:fa:88:e9:35:58:15:9a:67:a4:4c:97:
a9:e8:5f:c7:eb:e5:5a:f6:ee:98:4d:29:5e:f6:b2:4c:3b:76:
da:28:91:7d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANKBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE0MDc1NDQzWhcNMjQxMjE0MDc1NDQzWjAYMRYw
FAYDVQQDEw02NzM1YWNjNy00NjY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAub85Ikkb01NG7UV9vhOXlnwyXKyNVy4YjjvuBrC1KnNVUVbP6T2Hye7R
05HBBufbH/bH92cYMl7+ZfHDBKQ9kPz4dzhL/NQ8VB8ewDcW7kRAY2TnJiQtmlRv
UaYbeS/uWP06e+RvuwdmHN1edejQDjh45OvCLuDE6c0370fFjDfLWTnJn20LEKDB
zqgud7jVLI+TFlFOnU5KNH9u/Y0e3Qhyy/+bSqxlV1L+DYZJ4lL14G5WuMOxnfOB
nkIxb5M8TQthPOZ6K5lKpFebyEbfWLL0dcrQ5kEg9IJ/cx8WBY4F4RtQsJAl0STj
IOII6D/wxDoUA4infxd9BCBlYLoCdwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHhD
8SgC2I3NyAYFDRcEKYbxeiRaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CN0IzRjlCOEEyNUQxMUVGQjc1Qjg1ODE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLc1YMA0GCSqGSIb3DQEBCwUA
A4IBAQA+E5F7yZVa+fMYcBAxXiO6thhO4BhOUsXfwwWJWCKZ72fyWk5GwxAjJx+W
p6Dh959ZaFZPMfr97TYC9VLYWsVB/zJk/wbJJOFAQYqI8tduJ/r+oskBMnMg0g78
nw8dgcWWBf0dFVtxD5gv4KfywvnEs3P1g9oucyp02TjBwWHvK2xOP7YQ1k4aicF+
6I4Pb1vRgw2JYlqd+tRr7Xj+mt5IpLlocuIGv+8DuvVr5kpeP/dyW3ncqjkzcIyK
VIF2YXYL+Lkb3qSpejwXItKdxZs0TqO/NALGsX0kyi61D5/k+ojpNVgVmmekTJep
6F/H6+Va9u6YTSle9rJMO3baKJF9
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:45 2024 by rpki-client on console-fra.rpki-client.org