Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8CA50E0A33311EF9B603357762E951A.roa
File: C8CA50E0A33311EF9B603357762E951A.roa (raw, json)
Hash identifier: 1EKekdXjRI0t5W0+8DJ8Q2dgsuqmWaTf5zEMJP4ZHrI=
Subject key identifier: 79:C8:DC:56:FB:90:42:A0:13:CD:29:A2:35:E7:F7:DF:52:0A:4A:A6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D307
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8CA50E0A33311EF9B603357762E951A.roa
Signing time: Fri 15 Nov 2024 09:27:08 +0000
ROA not before: Fri 15 Nov 2024 09:27:04 +0000
ROA not after: Sat 17 Oct 2026 09:27:04 +0000
asID: 132813
IP address blocks: 45.204.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54023 (0xd307)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 15 09:27:04 2024 GMT
Not After : Oct 17 09:27:04 2026 GMT
Subject: CN=673713ec-8f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:29:82:eb:b8:d8:e1:bc:cd:27:d6:26:7a:26:
d0:59:01:58:f3:e5:11:24:55:e1:5c:be:3e:59:a6:
54:3d:fe:01:44:33:36:3a:3d:33:23:6e:7f:73:c1:
6b:8a:a9:b4:48:25:63:75:22:8f:6b:6c:f2:25:90:
28:05:4c:1f:a2:c6:6e:04:ca:b6:3a:7d:b2:9a:f1:
94:de:df:c9:2d:df:70:39:ed:19:1d:de:ab:2e:8a:
8a:19:36:04:42:4c:f2:86:d4:97:69:5b:c0:66:ef:
89:fe:f7:81:dd:0f:22:66:d5:fa:c9:fe:0f:f7:55:
f6:72:53:f8:af:8c:12:34:46:d4:9a:35:dd:3d:46:
08:86:d4:d9:1d:63:95:cb:2f:81:b4:1d:63:f2:1c:
20:ee:c4:7d:bd:38:74:60:e7:1e:cb:62:f0:09:fc:
95:6b:44:a0:6f:fe:85:72:d1:d4:4a:6b:e4:4f:d3:
d9:eb:6b:ff:7c:ec:89:47:12:ef:6e:ce:6b:fc:dc:
45:4e:cb:fe:02:80:05:e1:2d:aa:97:8d:49:86:19:
dc:3e:e6:f0:57:28:a3:57:e3:01:73:0a:c3:5c:85:
74:9e:43:7a:17:e7:64:39:b8:9f:fb:ac:14:50:16:
ee:5f:75:0c:68:62:12:51:32:be:d7:f2:1d:9f:09:
08:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:C8:DC:56:FB:90:42:A0:13:CD:29:A2:35:E7:F7:DF:52:0A:4A:A6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8CA50E0A33311EF9B603357762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.8.0/21
Signature Algorithm: sha256WithRSAEncryption
6c:95:52:0e:f8:d1:a5:ea:28:fd:09:0a:0b:33:66:8b:6e:cb:
de:f4:55:1c:c4:4b:c8:b2:cd:0a:fc:7d:7a:93:68:12:ef:5a:
91:6c:b1:47:5b:ce:9c:26:86:84:8b:c9:78:63:aa:e4:af:93:
8e:c0:89:e7:57:16:5c:37:38:59:4c:72:d0:6e:aa:e8:b2:fe:
58:cb:4b:91:13:73:4a:c5:7a:bf:d9:af:b1:8a:25:fa:40:28:
a5:fa:c5:e5:3d:4e:8b:2f:76:fb:57:8e:6b:09:98:ff:cb:3e:
a5:f2:fe:e3:48:76:4e:b9:c2:99:85:c7:c8:7a:26:9c:65:97:
42:9d:a9:39:81:3d:e0:41:09:49:6c:cd:80:39:a0:d5:90:0e:
74:07:ea:28:2b:b0:07:d3:e5:6a:42:f0:ec:90:94:a6:75:7a:
e9:ae:16:ef:f3:1f:21:a3:0f:97:2c:21:59:81:69:44:c1:47:
00:82:d8:1c:a7:fe:78:98:cf:fc:9b:14:a2:5a:d9:af:82:2c:
c0:be:f8:9d:5a:59:bd:fc:28:f2:a7:86:24:2e:dd:f9:d2:94:
4c:70:4f:b9:52:49:56:dd:b9:65:af:ed:e9:c6:71:ca:97:5d:
a0:b4:97:bf:ab:a3:c1:b9:db:a7:94:fa:ea:72:0c:7f:60:58:
70:b3:f3:cd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANMHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE1MDkyNzA0WhcNMjYxMDE3MDkyNzA0WjAYMRYw
FAYDVQQDEw02NzM3MTNlYy04ZjM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyCmC67jY4bzNJ9YmeibQWQFY8+URJFXhXL4+WaZUPf4BRDM2Oj0zI25/
c8Friqm0SCVjdSKPa2zyJZAoBUwfosZuBMq2On2ymvGU3t/JLd9wOe0ZHd6rLoqK
GTYEQkzyhtSXaVvAZu+J/veB3Q8iZtX6yf4P91X2clP4r4wSNEbUmjXdPUYIhtTZ
HWOVyy+BtB1j8hwg7sR9vTh0YOcey2LwCfyVa0Sgb/6FctHUSmvkT9PZ62v/fOyJ
RxLvbs5r/NxFTsv+AoAF4S2ql41JhhncPubwVyijV+MBcwrDXIV0nkN6F+dkObif
+6wUUBbuX3UMaGISUTK+1/IdnwkIxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHnI
3Fb7kEKgE80pojXn999SCkqmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOENBNTBFMEEzMzMxMUVGOUI2MDMzNTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcwIMA0GCSqGSIb3DQEBCwUA
A4IBAQBslVIO+NGl6ij9CQoLM2aLbsve9FUcxEvIss0K/H16k2gS71qRbLFHW86c
JoaEi8l4Y6rkr5OOwInnVxZcNzhZTHLQbqrosv5Yy0uRE3NKxXq/2a+xiiX6QCil
+sXlPU6LL3b7V45rCZj/yz6l8v7jSHZOucKZhcfIeiacZZdCnak5gT3gQQlJbM2A
OaDVkA50B+ooK7AH0+VqQvDskJSmdXrprhbv8x8how+XLCFZgWlEwUcAgtgcp/54
mM/8mxSiWtmvgizAvvidWlm9/Cjyp4YkLt350pRMcE+5UklW3bllr+3pxnHKl12g
tJe/q6PBudunlPrqcgx/YFhws/PN
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:47 2024 by rpki-client on console-fra.rpki-client.org