Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFD13C2A5BC511EF9C9A9B69762E951A.roa
File: BFD13C2A5BC511EF9C9A9B69762E951A.roa (raw, json)
Hash identifier: d63gTx9wVQpinujPs5nbf23EbPw1FQpuAPmTy2gWLOw=
Subject key identifier: ED:1A:FE:F6:3D:51:2B:34:28:70:D7:91:05:CB:B2:E8:E0:B6:E9:E2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A840
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFD13C2A5BC511EF9C9A9B69762E951A.roa
Signing time: Fri 16 Aug 2024 11:50:36 +0000
ROA not before: Fri 16 Aug 2024 11:50:32 +0000
ROA not after: Thu 31 Dec 2026 11:50:32 +0000
asID: 17561
IP address blocks: 45.203.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43072 (0xa840)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 16 11:50:32 2024 GMT
Not After : Dec 31 11:50:32 2026 GMT
Subject: CN=66bf3d0c-8891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:58:a6:c4:54:ad:32:5e:ae:e9:81:22:83:5b:
cf:1c:f5:8b:1c:fc:aa:27:d1:ac:0e:3b:ef:d2:a1:
b4:bc:c7:1d:30:30:f9:03:a5:c1:e5:f6:30:17:49:
c0:08:0e:77:c4:08:36:a8:cf:0e:1a:37:39:c5:7a:
73:a9:8b:9f:3b:23:84:5d:5a:32:26:13:31:5d:a8:
be:96:66:34:46:38:29:ab:57:ac:7b:4a:53:75:a9:
5c:b7:7a:66:65:84:00:10:b9:d4:a1:bb:7e:de:88:
0e:07:a5:6c:bf:5d:21:80:91:4f:77:2b:08:2f:58:
ce:c4:9a:d4:ae:56:00:81:9c:7b:0f:3d:39:6c:0c:
bd:84:b0:56:f3:b8:7b:e4:44:45:e6:03:19:8f:2e:
4e:c1:62:45:c9:0e:a5:b8:87:7d:da:9b:fe:b9:df:
7b:62:e6:68:78:ea:5d:1f:84:26:3d:42:51:43:01:
da:ec:51:51:c7:d8:c7:35:05:8b:fb:91:e0:2a:e3:
98:52:32:de:d5:32:a0:1c:4f:2d:73:95:6c:11:6b:
d8:6d:d0:6a:2b:76:ea:d1:3c:4f:ff:15:03:d9:2e:
7c:05:82:4f:34:c9:b4:b7:1b:ae:e1:59:b1:a4:4e:
cb:a5:59:2e:3f:5d:df:7d:9a:6c:d3:ba:c6:9f:55:
f1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:1A:FE:F6:3D:51:2B:34:28:70:D7:91:05:CB:B2:E8:E0:B6:E9:E2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFD13C2A5BC511EF9C9A9B69762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.203.129.0/24
Signature Algorithm: sha256WithRSAEncryption
67:6f:45:50:9f:1c:f7:cb:8f:20:09:fe:8d:4e:a2:74:12:4b:
12:9a:e3:65:ad:06:3b:8f:19:b5:e2:15:ac:0c:f1:96:29:4f:
ed:ca:fe:47:8e:ac:04:6f:e1:83:b1:71:9c:37:34:da:da:1a:
f6:11:8c:79:e1:ef:6a:c4:c4:ad:14:1c:04:2b:d9:5e:f3:0b:
0e:8f:38:5f:21:91:42:38:9d:df:80:40:d7:3c:01:da:e8:87:
aa:1a:82:21:c5:55:05:d2:b4:ed:75:02:a0:a5:0c:5c:16:a5:
e9:74:0c:49:10:25:04:09:2e:66:6d:c2:33:34:79:e9:49:ef:
3b:f3:ca:5d:9e:fe:73:1b:d1:e9:28:80:3d:fb:36:76:9a:d4:
42:71:12:4f:16:b5:d7:91:1a:12:b5:cb:78:eb:96:04:ae:68:
4d:76:ab:de:eb:5f:97:cc:85:e3:ea:47:a0:7f:6d:94:df:08:
7a:5d:80:ee:20:bf:9c:cf:5d:b7:6d:26:0f:9c:86:78:05:36:
1d:e9:35:a9:ce:e9:b6:94:5d:10:0f:9e:ef:d1:92:73:df:29:
15:e5:71:88:1b:82:fd:22:5f:30:bb:82:45:ef:90:f2:59:e3:
d6:e0:d4:47:7b:7b:bb:14:bd:7f:a9:70:7a:0f:b1:5a:4a:96:
79:57:fe:dd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKhAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODE2MTE1MDMyWhcNMjYxMjMxMTE1MDMyWjAYMRYw
FAYDVQQDEw02NmJmM2QwYy04ODkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmlimxFStMl6u6YEig1vPHPWLHPyqJ9GsDjvv0qG0vMcdMDD5A6XB5fYw
F0nACA53xAg2qM8OGjc5xXpzqYufOyOEXVoyJhMxXai+lmY0Rjgpq1ese0pTdalc
t3pmZYQAELnUobt+3ogOB6Vsv10hgJFPdysIL1jOxJrUrlYAgZx7Dz05bAy9hLBW
87h75ERF5gMZjy5OwWJFyQ6luId92pv+ud97YuZoeOpdH4QmPUJRQwHa7FFRx9jH
NQWL+5HgKuOYUjLe1TKgHE8tc5VsEWvYbdBqK3bq0TxP/xUD2S58BYJPNMm0txuu
4VmxpE7LpVkuP13ffZps07rGn1Xx2QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO0a
/vY9USs0KHDXkQXLsujgtuniMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRkQxM0MyQTVCQzUxMUVGOUM5QTlCNjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcuBMA0GCSqGSIb3DQEBCwUA
A4IBAQBnb0VQnxz3y48gCf6NTqJ0EksSmuNlrQY7jxm14hWsDPGWKU/tyv5HjqwE
b+GDsXGcNzTa2hr2EYx54e9qxMStFBwEK9le8wsOjzhfIZFCOJ3fgEDXPAHa6Ieq
GoIhxVUF0rTtdQKgpQxcFqXpdAxJECUECS5mbcIzNHnpSe8788pdnv5zG9HpKIA9
+zZ2mtRCcRJPFrXXkRoStct465YErmhNdqve61+XzIXj6kegf22U3wh6XYDuIL+c
z123bSYPnIZ4BTYd6TWpzum2lF0QD57v0ZJz3ykV5XGIG4L9Il8wu4JF75DyWePW
4NRHe3u7FL1/qXB6D7FaSpZ5V/7d
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:46 2024 by rpki-client on console-fra.rpki-client.org