Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4793608A4BF11EF96EBD48B762E951A.roa
File: D4793608A4BF11EF96EBD48B762E951A.roa (raw, json)
Hash identifier: g/9aO6JHdM6OyjHsWQp2/ncqdIaDtxNzcl7qrK4XTtI=
Subject key identifier: 16:6E:CE:41:6C:AB:20:62:6D:26:92:F2:54:59:3D:AF:C0:7F:B3:3C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D46F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4793608A4BF11EF96EBD48B762E951A.roa
Signing time: Sun 17 Nov 2024 08:42:08 +0000
ROA not before: Sun 17 Nov 2024 08:42:05 +0000
ROA not after: Mon 17 Feb 2025 08:42:05 +0000
asID: 272018
IP address blocks: 45.198.56.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54383 (0xd46f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 17 08:42:05 2024 GMT
Not After : Feb 17 08:42:05 2025 GMT
Subject: CN=6739ac60-cca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:13:5c:1e:92:01:4f:ad:30:2a:62:50:95:bc:
fc:88:a1:f3:b3:18:81:d9:24:3a:f2:21:db:92:d5:
e6:c3:8f:39:9a:cd:d6:70:e2:be:20:a0:10:90:03:
41:38:4b:0c:8f:e9:1e:a6:cc:15:6f:67:44:e0:f9:
f2:ad:f0:60:50:7c:37:d2:94:62:a5:94:12:8a:45:
a2:77:8f:c0:86:c3:9f:18:69:09:16:9c:32:c3:d8:
fd:be:ba:2f:ea:52:2d:66:06:15:fc:58:1d:6d:45:
a9:99:6a:49:75:93:91:20:80:c1:52:72:92:65:d3:
54:4b:de:a3:88:5e:26:06:0c:fe:d9:43:82:b5:04:
b2:35:b4:d3:7b:ed:fe:14:82:46:13:3b:18:71:2b:
b4:f5:a0:ff:70:e4:20:4b:aa:23:3b:a3:b5:06:0d:
fb:ac:2d:9d:1d:67:29:bd:5d:63:97:4f:1c:7b:00:
8d:f7:f7:ce:62:f2:2e:da:39:3f:26:f6:59:ed:9b:
2b:1e:1a:fe:c0:ab:1c:59:04:3d:3e:1b:26:37:0e:
d5:9a:92:f6:54:e8:1c:82:d8:74:76:f5:c4:0d:02:
7d:e0:e1:a4:a1:1d:b3:6c:dc:46:df:72:8d:cc:4c:
72:b6:04:57:90:f9:13:23:71:53:90:b8:7e:85:63:
0f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:6E:CE:41:6C:AB:20:62:6D:26:92:F2:54:59:3D:AF:C0:7F:B3:3C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4793608A4BF11EF96EBD48B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.56.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:d2:74:7b:ab:a5:98:75:fd:cb:09:e7:d4:7c:b8:73:2a:d4:
8b:4d:61:22:41:aa:3a:5f:02:f5:26:3a:dc:09:80:ba:a7:b6:
67:46:5b:a6:f8:1e:ee:e6:bb:32:44:4d:c5:6a:4b:75:83:f5:
d4:99:9c:c9:44:43:08:3a:cd:44:98:a8:24:a6:80:f1:d8:f7:
5b:6f:f4:58:35:b9:b1:ca:b0:9c:57:16:d2:18:2c:9e:a5:fb:
58:10:4a:83:96:6f:f2:53:80:92:e8:5d:fa:bb:7f:fb:4e:c1:
6a:bc:d0:e1:28:59:9f:da:cf:78:eb:8c:58:07:17:8e:e7:b2:
7c:bd:62:7d:f1:e4:36:de:a2:38:83:26:fd:9c:4b:b3:67:83:
29:33:40:e8:2f:5f:ff:ba:99:86:3e:0e:6f:8c:9e:62:ab:9b:
39:42:68:74:e9:10:1a:77:44:cc:c1:cf:d9:8b:c2:d6:a9:a6:
20:52:a1:5d:0c:47:d9:7a:70:2b:d7:5f:30:0b:d2:af:54:c8:
e9:c8:b1:55:59:92:7c:0b:08:8e:69:7c:4a:c7:ce:87:e4:27:
5a:79:88:59:a2:63:b0:a6:44:74:25:cc:5f:ff:0e:3e:be:e7:
39:16:00:c1:47:13:b5:79:4c:ca:ce:39:f1:65:69:df:ad:d9:
1c:1c:ec:95
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANRvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE3MDg0MjA1WhcNMjUwMjE3MDg0MjA1WjAYMRYw
FAYDVQQDEw02NzM5YWM2MC1jY2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4BNcHpIBT60wKmJQlbz8iKHzsxiB2SQ68iHbktXmw485ms3WcOK+IKAQ
kANBOEsMj+kepswVb2dE4PnyrfBgUHw30pRipZQSikWid4/AhsOfGGkJFpwyw9j9
vrov6lItZgYV/FgdbUWpmWpJdZORIIDBUnKSZdNUS96jiF4mBgz+2UOCtQSyNbTT
e+3+FIJGEzsYcSu09aD/cOQgS6ojO6O1Bg37rC2dHWcpvV1jl08cewCN9/fOYvIu
2jk/JvZZ7ZsrHhr+wKscWQQ9PhsmNw7VmpL2VOgcgth0dvXEDQJ94OGkoR2zbNxG
33KNzExytgRXkPkTI3FTkLh+hWMPwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBZu
zkFsqyBibSaS8lRZPa/Af7M8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENDc5MzYwOEE0QkYxMUVGOTZFQkQ0OEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcY4MA0GCSqGSIb3DQEBCwUA
A4IBAQCc0nR7q6WYdf3LCefUfLhzKtSLTWEiQao6XwL1JjrcCYC6p7ZnRlum+B7u
5rsyRE3Fakt1g/XUmZzJREMIOs1EmKgkpoDx2Pdbb/RYNbmxyrCcVxbSGCyepftY
EEqDlm/yU4CS6F36u3/7TsFqvNDhKFmf2s9464xYBxeO57J8vWJ98eQ23qI4gyb9
nEuzZ4MpM0DoL1//upmGPg5vjJ5iq5s5Qmh06RAad0TMwc/Zi8LWqaYgUqFdDEfZ
enAr118wC9KvVMjpyLFVWZJ8CwiOaXxKx86H5CdaeYhZomOwpkR0Jcxf/w4+vuc5
FgDBRxO1eUzKzjnxZWnfrdkcHOyV
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:49 2024 by rpki-client on console-fra.rpki-client.org