Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD18E2CEA73611EF97A5FC83762E951A.roa
File: FD18E2CEA73611EF97A5FC83762E951A.roa (raw, json)
Hash identifier: ZVVBphkNLuNmIYHaibcujTBcQ7//wEs5wbyC5ABdETo=
Subject key identifier: 64:E7:2C:F5:24:98:AA:14:A8:13:0F:F4:2B:F3:22:63:1B:FE:6B:32
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D5F7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD18E2CEA73611EF97A5FC83762E951A.roa
Signing time: Wed 20 Nov 2024 12:00:09 +0000
ROA not before: Wed 20 Nov 2024 12:00:05 +0000
ROA not after: Tue 03 Dec 2024 12:00:05 +0000
asID: 7018
IP address blocks: 45.203.48.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54775 (0xd5f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 20 12:00:05 2024 GMT
Not After : Dec 3 12:00:05 2024 GMT
Subject: CN=673dcf49-bf97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:98:ed:e1:c7:b5:d0:c4:d2:e5:6f:03:a5:83:
1b:cc:5e:66:f8:91:3e:85:a0:8c:cb:c5:00:77:df:
e2:62:60:24:57:65:87:75:33:4e:04:fb:77:f3:04:
cf:11:a5:35:5b:61:c6:23:aa:3e:d7:a1:c8:a2:8d:
a2:cd:f2:59:4c:3f:22:ca:20:35:f3:37:a0:76:fe:
d4:73:25:74:f5:ca:f0:5c:85:13:8e:c7:0b:e8:10:
f4:1c:c0:a0:82:53:95:fb:0b:7c:f8:76:c9:d1:5f:
07:3b:38:47:25:bc:eb:1b:18:af:f0:99:25:71:a2:
c3:ed:ea:f5:dd:d0:4a:ce:92:12:a8:f5:81:14:a8:
09:55:9f:7c:48:00:a0:c9:32:a2:25:53:63:46:96:
33:79:0e:d5:ad:31:f3:0e:26:ce:d7:ab:aa:42:64:
9e:ce:cc:89:bc:1a:76:76:90:71:42:27:fb:d5:e8:
12:b4:83:26:b0:8f:05:e3:b1:ca:e8:7a:46:af:c7:
c3:6d:62:c6:e2:11:1e:a2:e2:37:7e:98:03:6c:05:
36:6b:9a:3c:f0:de:d4:6d:ee:4b:62:de:72:cd:af:
a4:57:bb:71:0c:15:47:4e:4a:4c:ae:cc:97:6f:97:
78:ac:2d:6d:0e:33:87:95:52:da:95:ad:84:89:ab:
c9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E7:2C:F5:24:98:AA:14:A8:13:0F:F4:2B:F3:22:63:1B:FE:6B:32
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD18E2CEA73611EF97A5FC83762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.203.48.0/21
Signature Algorithm: sha256WithRSAEncryption
44:74:c0:f2:43:20:bc:5c:a3:f1:79:49:37:73:da:da:28:c6:
d7:f1:3a:5d:63:b7:3b:fa:14:7b:de:f3:ce:c7:6d:8a:45:00:
51:50:44:b8:fe:2c:83:fb:7d:a3:29:e9:9c:7d:d0:59:59:70:
a7:55:69:03:5b:3b:9d:ea:70:12:89:0d:58:16:ff:76:a4:e6:
6c:03:6a:d6:53:46:84:ea:f2:a1:56:36:85:15:11:d7:c7:f0:
d7:91:64:cd:ce:f8:13:14:2c:7f:87:d7:a5:a8:24:c9:2a:06:
a9:44:27:f4:a6:94:c4:ec:c4:ad:4c:54:ed:d6:58:0b:7f:22:
59:0b:fb:16:0d:33:ed:b9:32:3e:9f:b3:31:56:31:67:73:97:
e6:ca:a5:56:e9:6d:7a:d9:55:2b:27:b9:31:c0:46:0e:6d:e1:
76:27:76:02:15:63:08:70:63:6f:e9:9b:b4:5f:be:40:ba:37:
24:73:0e:e0:e8:de:90:36:2a:53:64:79:c5:ef:60:43:94:27:
65:2a:f7:82:24:6c:fd:b0:8a:05:2e:a4:0f:7f:9d:26:5a:69:
04:e0:1b:ab:1a:0c:34:e4:28:7b:73:93:8f:76:9d:df:0c:48:
19:b5:9a:f0:a8:e4:f7:15:2f:f4:f8:35:b6:42:28:b2:9b:8e:
7b:ee:c8:a8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANX3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTIwMTIwMDA1WhcNMjQxMjAzMTIwMDA1WjAYMRYw
FAYDVQQDEw02NzNkY2Y0OS1iZjk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1pjt4ce10MTS5W8DpYMbzF5m+JE+haCMy8UAd9/iYmAkV2WHdTNOBPt3
8wTPEaU1W2HGI6o+16HIoo2izfJZTD8iyiA18zegdv7UcyV09crwXIUTjscL6BD0
HMCgglOV+wt8+HbJ0V8HOzhHJbzrGxiv8JklcaLD7er13dBKzpISqPWBFKgJVZ98
SACgyTKiJVNjRpYzeQ7VrTHzDibO16uqQmSezsyJvBp2dpBxQif71egStIMmsI8F
47HK6HpGr8fDbWLG4hEeouI3fpgDbAU2a5o88N7Ube5LYt5yza+kV7txDBVHTkpM
rsyXb5d4rC1tDjOHlVLala2EiavJXwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGTn
LPUkmKoUqBMP9CvzImMb/msyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRDE4RTJDRUE3MzYxMUVGOTdBNUZDODM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcswMA0GCSqGSIb3DQEBCwUA
A4IBAQBEdMDyQyC8XKPxeUk3c9raKMbX8TpdY7c7+hR73vPOx22KRQBRUES4/iyD
+32jKemcfdBZWXCnVWkDWzud6nASiQ1YFv92pOZsA2rWU0aE6vKhVjaFFRHXx/DX
kWTNzvgTFCx/h9elqCTJKgapRCf0ppTE7MStTFTt1lgLfyJZC/sWDTPtuTI+n7Mx
VjFnc5fmyqVW6W162VUrJ7kxwEYObeF2J3YCFWMIcGNv6Zu0X75Aujckcw7g6N6Q
NipTZHnF72BDlCdlKveCJGz9sIoFLqQPf50mWmkE4BurGgw05Ch7c5OPdp3fDEgZ
tZrwqOT3FS/0+DW2Qiiym4577sio
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:56 2024 by rpki-client on console-fra.rpki-client.org