Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D36EA5DC983411EFACE40E5A762E951A.roa
File: D36EA5DC983411EFACE40E5A762E951A.roa (raw, json)
Hash identifier: T8FhOqrs74GEldUgrsbs+trcI6ZwpntuEJmSCyPcOU4=
Subject key identifier: F4:BE:5D:38:79:D8:E5:59:75:20:EF:43:DC:30:F1:66:5E:D8:95:0D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CB7B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D36EA5DC983411EFACE40E5A762E951A.roa
Signing time: Fri 01 Nov 2024 09:36:53 +0000
ROA not before: Fri 01 Nov 2024 09:36:49 +0000
ROA not after: Sun 01 Dec 2024 09:36:49 +0000
asID: 54600
IP address blocks: 45.202.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52091 (0xcb7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 1 09:36:49 2024 GMT
Not After : Dec 1 09:36:49 2024 GMT
Subject: CN=6724a134-af96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f5:77:69:b8:c6:58:dd:3d:0a:1d:01:3b:ce:
f2:e6:3a:11:77:55:3f:74:fe:ee:78:9d:28:40:37:
ec:8e:44:20:e5:29:cd:b7:b0:33:73:c7:8e:b9:77:
f6:61:d1:45:f9:eb:67:d4:2c:43:ff:f9:fc:b3:f7:
bb:f9:1d:25:b9:38:83:a7:df:ef:1d:b1:5f:68:91:
05:0c:3e:f7:54:9e:53:4c:0e:be:22:d9:ca:60:e5:
bd:66:ed:37:b3:b4:69:c0:6c:7c:88:73:9e:ff:f5:
df:b0:8e:23:75:1d:b2:6b:ff:ff:ef:f3:d6:1b:48:
85:3c:1c:de:61:11:d5:ce:71:a7:94:a8:f3:ec:a5:
04:2e:db:fe:ac:2b:a3:62:2f:e8:6d:34:34:36:60:
b4:f2:13:8f:26:5f:f2:4f:6b:d6:c0:e7:95:5c:15:
34:bb:b1:17:6f:ac:3a:3e:91:1c:76:0f:79:03:be:
b1:20:8e:32:6f:37:97:9e:51:e6:80:26:05:a1:cb:
68:9d:3b:80:cc:94:1b:ce:b3:af:b1:ab:54:cb:e5:
e2:f1:43:b1:ef:aa:15:fd:d8:5b:46:d3:ff:35:67:
89:d4:37:31:51:79:d8:fe:26:45:8d:31:50:14:76:
d4:cc:c5:89:5d:35:82:30:aa:06:43:bd:86:d1:d4:
13:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:BE:5D:38:79:D8:E5:59:75:20:EF:43:DC:30:F1:66:5E:D8:95:0D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D36EA5DC983411EFACE40E5A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.80.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:c0:0e:e9:a7:86:bd:ed:ff:36:c9:46:54:fd:cd:f4:fb:ca:
01:5a:47:6b:f7:c7:a2:48:a9:f4:df:c7:42:c0:0c:7c:86:f4:
c8:21:b2:bb:fb:a7:67:69:8a:2f:db:e7:53:57:ee:db:09:15:
7a:c2:30:a1:37:cf:04:07:df:bb:30:42:67:e7:27:c1:a3:f3:
1b:57:b9:34:e0:8a:b0:02:98:fa:61:bb:1c:f4:f8:61:54:85:
ba:29:4e:cf:ae:f3:2b:30:ae:b4:45:4a:51:17:e5:07:8c:b8:
ad:70:d1:86:2f:a9:bf:56:40:ca:73:93:9a:6d:ff:40:f2:f7:
c9:7d:cc:62:63:6a:48:5c:c0:38:98:38:20:fe:be:ae:b1:db:
28:0b:99:18:7d:49:d3:76:98:01:55:03:62:5b:4c:60:95:68:
e5:2b:77:8d:8f:dd:56:9d:d9:2d:4d:78:c6:d4:66:4f:5c:7a:
42:d9:59:18:19:19:44:c5:a3:74:6f:c6:44:10:5f:ee:b2:ed:
76:5b:ef:dc:1c:ea:f5:76:0e:be:02:43:03:18:9c:10:e1:a8:
44:0b:13:b9:c2:4b:18:96:12:29:fb:90:47:7c:27:30:c9:87:
a5:54:e3:ad:72:4c:fa:93:79:06:3a:5b:ff:88:bc:28:2d:f8:
b6:4a:8f:30
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMt7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTAxMDkzNjQ5WhcNMjQxMjAxMDkzNjQ5WjAYMRYw
FAYDVQQDEw02NzI0YTEzNC1hZjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvfV3abjGWN09Ch0BO87y5joRd1U/dP7ueJ0oQDfsjkQg5SnNt7Azc8eO
uXf2YdFF+etn1CxD//n8s/e7+R0luTiDp9/vHbFfaJEFDD73VJ5TTA6+ItnKYOW9
Zu03s7RpwGx8iHOe//XfsI4jdR2ya///7/PWG0iFPBzeYRHVznGnlKjz7KUELtv+
rCujYi/obTQ0NmC08hOPJl/yT2vWwOeVXBU0u7EXb6w6PpEcdg95A76xII4ybzeX
nlHmgCYFoctonTuAzJQbzrOvsatUy+Xi8UOx76oV/dhbRtP/NWeJ1DcxUXnY/iZF
jTFQFHbUzMWJXTWCMKoGQ72G0dQTpQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPS+
XTh52OVZdSDvQ9ww8WZe2JUNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMzZFQTVEQzk4MzQxMUVGQUNFNDBFNUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcpQMA0GCSqGSIb3DQEBCwUA
A4IBAQBtwA7pp4a97f82yUZU/c30+8oBWkdr98eiSKn038dCwAx8hvTIIbK7+6dn
aYov2+dTV+7bCRV6wjChN88EB9+7MEJn5yfBo/MbV7k04IqwApj6Ybsc9PhhVIW6
KU7PrvMrMK60RUpRF+UHjLitcNGGL6m/VkDKc5Oabf9A8vfJfcxiY2pIXMA4mDgg
/r6usdsoC5kYfUnTdpgBVQNiW0xglWjlK3eNj91WndktTXjG1GZPXHpC2VkYGRlE
xaN0b8ZEEF/usu12W+/cHOr1dg6+AkMDGJwQ4ahECxO5wksYlhIp+5BHfCcwyYel
VOOtckz6k3kGOlv/iLwoLfi2So8w
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:51 2024 by rpki-client on console-ams.rpki-client.org