Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7B0C906A33111EFBED7314C762E951A.roa
File: D7B0C906A33111EFBED7314C762E951A.roa (raw, json)
Hash identifier: uVNBVwKjvrG5tMwWdSlxFhChUA1rh379yNPJCTU9yew=
Subject key identifier: 05:92:7F:E6:C7:C9:F9:B1:92:AA:60:71:2A:DE:A8:21:9B:5D:F8:DF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D2F5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7B0C906A33111EFBED7314C762E951A.roa
Signing time: Fri 15 Nov 2024 09:13:14 +0000
ROA not before: Fri 15 Nov 2024 09:13:10 +0000
ROA not after: Sat 17 Oct 2026 09:13:10 +0000
asID: 137443
IP address blocks: 45.204.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54005 (0xd2f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 15 09:13:10 2024 GMT
Not After : Oct 17 09:13:10 2026 GMT
Subject: CN=673710aa-166a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:be:53:11:bb:fb:37:3e:a3:e6:2a:9e:36:64:
f1:2c:31:25:dd:13:14:8c:fd:0b:24:44:e3:1e:2d:
5a:64:69:33:7a:64:88:38:31:06:b2:01:78:05:a8:
df:79:b5:e8:a4:91:90:30:e3:a5:35:94:6a:e7:e4:
45:d6:d9:27:17:7c:78:51:f8:83:fe:42:89:d4:91:
58:da:a7:f5:13:bb:10:7e:ba:dc:d2:a9:ff:b5:4d:
f1:1d:0e:3f:2a:80:d3:8f:03:4c:b7:0f:4c:0d:18:
17:bc:9a:a1:8f:44:e3:fe:39:11:36:0e:33:da:a3:
53:fc:ff:65:6b:c3:f1:52:0c:f7:9d:a6:69:f4:5b:
17:ad:b9:4f:d7:96:72:22:f4:c1:18:2f:7d:8d:ec:
75:2a:67:07:ae:39:c6:84:26:29:ab:6b:96:6f:bf:
38:ee:e3:17:b8:a8:dc:21:54:e2:67:14:15:bf:e8:
e3:82:08:5f:03:37:be:cb:ca:10:9c:46:e6:ec:69:
1d:43:09:f7:9c:6b:93:58:8d:ca:ca:54:7c:46:22:
ad:d1:72:fb:4a:b0:a3:b7:c7:fc:3e:3f:0c:77:88:
db:93:ad:d0:76:f3:15:25:4c:cc:5b:cb:bc:1d:7a:
b2:af:bb:ca:e6:84:2e:58:97:4f:51:c0:e3:c7:98:
97:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:92:7F:E6:C7:C9:F9:B1:92:AA:60:71:2A:DE:A8:21:9B:5D:F8:DF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7B0C906A33111EFBED7314C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.8.0/21
Signature Algorithm: sha256WithRSAEncryption
69:e3:15:6f:7f:9f:78:83:4d:4d:46:c6:3b:98:1b:f0:28:c1:
55:57:7b:fe:8f:86:8f:db:93:28:03:fa:9f:7a:0b:ff:b3:54:
bf:df:ef:fc:32:30:c9:6c:17:d4:6f:aa:7e:55:0a:34:4f:b8:
74:c4:35:7b:44:1f:b5:69:b8:1e:71:bc:95:5d:e6:7f:6a:6f:
0d:69:54:b5:47:21:64:92:e3:b6:3b:d9:d5:50:d8:c7:53:1d:
2a:1e:fc:c5:1d:62:fc:59:de:06:0e:f5:8f:04:f7:95:7a:b9:
8d:0a:8d:c2:6d:50:73:7d:a9:45:a8:14:a6:36:16:e2:57:42:
fe:38:7e:5f:af:16:92:fb:dc:51:f5:fe:95:cc:24:74:23:59:
01:9b:b7:7c:01:14:d3:d3:cd:be:f2:c7:2b:2f:b9:a7:7a:3a:
3e:6e:3a:d2:d9:19:8a:72:8c:56:f7:ad:8c:57:27:91:e0:ed:
9b:53:5b:7b:b3:dd:08:0a:38:90:04:fb:d6:54:59:e8:4a:24:
91:7e:15:b4:d9:39:5c:dc:9c:c4:df:a0:2f:29:01:80:e8:08:
1f:f2:19:b6:b9:96:3a:8f:33:21:42:80:43:b6:de:f1:f4:25:
bd:37:53:ed:17:4d:ce:bf:1c:86:24:3e:2e:da:b8:83:f2:89:
81:ed:9c:85
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANL1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE1MDkxMzEwWhcNMjYxMDE3MDkxMzEwWjAYMRYw
FAYDVQQDEw02NzM3MTBhYS0xNjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA375TEbv7Nz6j5iqeNmTxLDEl3RMUjP0LJETjHi1aZGkzemSIODEGsgF4
BajfebXopJGQMOOlNZRq5+RF1tknF3x4UfiD/kKJ1JFY2qf1E7sQfrrc0qn/tU3x
HQ4/KoDTjwNMtw9MDRgXvJqhj0Tj/jkRNg4z2qNT/P9la8PxUgz3naZp9FsXrblP
15ZyIvTBGC99jex1KmcHrjnGhCYpq2uWb7847uMXuKjcIVTiZxQVv+jjgghfAze+
y8oQnEbm7GkdQwn3nGuTWI3KylR8RiKt0XL7SrCjt8f8Pj8Md4jbk63QdvMVJUzM
W8u8HXqyr7vK5oQuWJdPUcDjx5iXLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAWS
f+bHyfmxkqpgcSreqCGbXfjfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EN0IwQzkwNkEzMzExMUVGQkVENzMxNEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcwIMA0GCSqGSIb3DQEBCwUA
A4IBAQBp4xVvf594g01NRsY7mBvwKMFVV3v+j4aP25MoA/qfegv/s1S/3+/8MjDJ
bBfUb6p+VQo0T7h0xDV7RB+1abgecbyVXeZ/am8NaVS1RyFkkuO2O9nVUNjHUx0q
HvzFHWL8Wd4GDvWPBPeVermNCo3CbVBzfalFqBSmNhbiV0L+OH5frxaS+9xR9f6V
zCR0I1kBm7d8ARTT082+8scrL7mnejo+bjrS2RmKcoxW962MVyeR4O2bU1t7s90I
CjiQBPvWVFnoSiSRfhW02Tlc3JzE36AvKQGA6Agf8hm2uZY6jzMhQoBDtt7x9CW9
N1PtF03OvxyGJD4u2riD8omB7ZyF
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:49 2024 by rpki-client on console-fra.rpki-client.org