Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EC755E42A4BC11EF9ED2A879762E951A.roa
File: EC755E42A4BC11EF9ED2A879762E951A.roa (raw, json)
Hash identifier: nHdGy4UCJBP7KPkDxj98Z3ect5s5XP1hOAoBOwZh6dE=
Subject key identifier: 0A:4A:C3:A8:0C:17:77:60:B2:9A:05:27:BF:AD:AC:6C:3F:10:61:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D45F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EC755E42A4BC11EF9ED2A879762E951A.roa
Signing time: Sun 17 Nov 2024 08:21:20 +0000
ROA not before: Sun 17 Nov 2024 08:21:16 +0000
ROA not after: Tue 10 Dec 2024 08:21:16 +0000
asID: 142062
IP address blocks: 45.192.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54367 (0xd45f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 17 08:21:16 2024 GMT
Not After : Dec 10 08:21:16 2024 GMT
Subject: CN=6739a780-540e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ce:b4:bc:e5:97:67:7d:11:c1:8a:b8:49:fd:
3b:50:22:4f:c5:c4:1f:de:98:3e:02:ba:79:d9:59:
6e:5a:1c:47:18:b8:b7:db:1d:42:10:cb:07:d1:90:
69:6a:fc:86:a0:ae:ab:fc:25:78:57:67:1d:9e:09:
81:55:b2:19:af:a2:df:a7:46:c4:f8:d1:5b:3a:38:
16:74:99:ad:f6:14:a9:f6:b2:07:0e:34:5a:7b:0a:
b0:1b:fb:10:66:25:2d:be:93:5e:e2:11:df:24:d3:
80:58:f6:3a:ed:e5:8c:45:91:7d:bc:3b:1b:35:2b:
4a:1a:04:69:2b:b8:da:fe:cb:0f:c6:64:f8:57:cf:
ad:84:47:15:93:42:ff:e5:ef:f5:84:a5:2a:e5:d4:
09:0a:0d:0c:1f:02:cd:05:5e:c3:a3:63:cd:5b:9b:
2b:51:f4:c4:6d:f4:4b:83:7e:1c:96:38:4f:4d:14:
66:10:32:d3:db:04:86:6c:57:80:bb:73:a7:33:b1:
45:96:ee:66:76:fb:bd:be:f0:15:d5:00:48:53:f2:
ae:7a:90:c1:da:35:e7:22:c7:de:64:6f:49:f1:b6:
bb:b4:b9:a3:54:2d:0c:9a:a7:98:68:a5:f3:6c:12:
56:76:65:5a:21:65:5d:02:a8:08:8e:68:68:fb:9a:
97:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:4A:C3:A8:0C:17:77:60:B2:9A:05:27:BF:AD:AC:6C:3F:10:61:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EC755E42A4BC11EF9ED2A879762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.0.0/19
Signature Algorithm: sha256WithRSAEncryption
bb:06:89:73:87:ad:d7:e0:4d:25:3f:44:2b:86:57:82:f7:ca:
66:77:a8:6d:2c:f9:f5:03:ce:e8:e0:0e:e1:23:18:4b:8d:f1:
55:52:fd:1f:63:43:66:04:6a:a7:4f:be:48:5d:f1:6e:15:36:
78:40:fa:4d:f3:0c:5a:e2:71:4a:73:c5:03:26:8a:4c:29:ce:
27:42:26:02:64:23:db:ef:b4:0e:c2:12:0c:88:4b:77:b8:17:
b0:26:57:96:e3:30:a6:56:10:36:24:5e:d8:1a:67:23:f2:a9:
8d:34:b9:48:ed:da:1c:4f:f8:7b:4f:e8:61:a7:70:ef:3d:43:
1a:0a:78:49:89:03:85:3e:75:7e:32:f0:8b:c4:d3:00:26:39:
e0:44:e1:81:01:09:ab:83:5d:d8:fb:09:4e:b0:60:06:56:9e:
8c:a6:f6:2d:a3:3d:0c:6f:c3:b7:a1:cb:33:79:2a:60:5a:38:
81:9e:98:eb:05:04:79:93:e2:7d:24:3c:35:ba:52:41:2d:6f:
13:fd:96:b4:e7:cd:09:16:92:03:c2:90:52:7b:25:97:92:09:
71:ce:70:78:03:2d:71:99:0e:77:a1:a1:91:51:d3:b1:e9:90:
a4:b5:58:74:26:36:da:b4:37:fd:33:e6:c2:fe:d5:6d:6d:e0:
58:9b:11:63
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANRfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE3MDgyMTE2WhcNMjQxMjEwMDgyMTE2WjAYMRYw
FAYDVQQDEw02NzM5YTc4MC01NDBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArs60vOWXZ30RwYq4Sf07UCJPxcQf3pg+Arp52VluWhxHGLi32x1CEMsH
0ZBpavyGoK6r/CV4V2cdngmBVbIZr6Lfp0bE+NFbOjgWdJmt9hSp9rIHDjRaewqw
G/sQZiUtvpNe4hHfJNOAWPY67eWMRZF9vDsbNStKGgRpK7ja/ssPxmT4V8+thEcV
k0L/5e/1hKUq5dQJCg0MHwLNBV7Do2PNW5srUfTEbfRLg34cljhPTRRmEDLT2wSG
bFeAu3OnM7FFlu5mdvu9vvAV1QBIU/KuepDB2jXnIsfeZG9J8ba7tLmjVC0MmqeY
aKXzbBJWdmVaIWVdAqgIjmho+5qXXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFApK
w6gMF3dgspoFJ7+trGw/EGEOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQzc1NUU0MkE0QkMxMUVGOUVEMkE4Nzk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLcAAMA0GCSqGSIb3DQEBCwUA
A4IBAQC7Bolzh63X4E0lP0QrhleC98pmd6htLPn1A87o4A7hIxhLjfFVUv0fY0Nm
BGqnT75IXfFuFTZ4QPpN8wxa4nFKc8UDJopMKc4nQiYCZCPb77QOwhIMiEt3uBew
JleW4zCmVhA2JF7YGmcj8qmNNLlI7docT/h7T+hhp3DvPUMaCnhJiQOFPnV+MvCL
xNMAJjngROGBAQmrg13Y+wlOsGAGVp6MpvYtoz0Mb8O3ocszeSpgWjiBnpjrBQR5
k+J9JDw1ulJBLW8T/Za0580JFpIDwpBSeyWXkglxznB4Ay1xmQ53oaGRUdOx6ZCk
tVh0JjbatDf9M+bC/tVtbeBYmxFj
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:53 2024 by rpki-client on console-fra.rpki-client.org