Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC68FB6C039211EFA97FB207017001B1.roa
File: BC68FB6C039211EFA97FB207017001B1.roa (raw, json)
Hash identifier: VUWV2z1oNsIQC/bg2VqpC2yKeltfFetwg2K5Xb8xaFk=
Subject key identifier: B4:09:17:F7:39:FF:E8:DE:D1:69:7B:54:68:A0:BD:46:81:38:77:81
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 862D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC68FB6C039211EFA97FB207017001B1.roa
Signing time: Fri 26 Apr 2024 06:03:43 +0000
ROA not before: Fri 26 Apr 2024 06:03:40 +0000
ROA not after: Sat 07 Sep 2024 06:03:40 +0000
asID: 138415
IP address blocks: 156.225.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 May 2024 00:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34349 (0x862d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 26 06:03:40 2024 GMT
Not After : Sep 7 06:03:40 2024 GMT
Subject: CN=662b43bf-257e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b2:17:7e:86:79:1a:f3:70:e4:19:c4:b8:fa:
4c:55:af:af:56:41:eb:3a:df:5e:fa:46:a8:6a:6b:
42:66:a5:73:b4:51:b8:e1:84:4a:c7:59:ec:3b:7a:
5c:38:a0:1d:31:70:b4:03:b3:dd:b4:d6:d0:97:38:
ea:14:9d:7b:ac:14:0c:1c:18:2d:44:a3:c2:62:40:
3c:8c:20:9c:74:d6:0e:2a:bb:0c:6d:db:6b:d4:89:
de:30:0d:ae:93:97:8f:1c:20:86:11:7a:81:a0:22:
01:3b:09:db:8c:0e:1c:34:e6:69:ef:27:e4:5c:3e:
ef:a1:f5:e6:a8:c4:6d:79:de:00:1f:b4:50:5f:a9:
cf:ad:4c:aa:36:96:e8:2d:4c:c4:d8:d3:27:51:57:
6a:31:3a:2d:73:d9:74:79:a3:00:03:72:5e:ec:f1:
e9:cb:45:91:d9:29:ba:bd:de:8a:83:89:6d:00:f3:
08:9d:b5:99:3b:bc:39:56:f0:90:ce:23:d9:5f:b5:
c9:76:5d:a6:ee:36:9e:5a:a2:f2:86:12:b4:ee:e4:
0f:ab:60:b2:91:9b:ea:3a:9b:eb:d8:04:76:a7:f3:
c3:a2:fd:4f:63:fd:df:6a:61:f2:3c:77:38:af:0e:
21:da:ec:8a:f8:f0:ee:67:f0:41:ef:31:1b:a9:a3:
8f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:09:17:F7:39:FF:E8:DE:D1:69:7B:54:68:A0:BD:46:81:38:77:81
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC68FB6C039211EFA97FB207017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.160.0/19
Signature Algorithm: sha256WithRSAEncryption
b9:20:7a:db:b1:40:49:04:6d:53:d6:97:49:c4:e0:61:e8:ba:
3a:83:b6:c2:47:44:11:af:3a:51:88:ef:d4:d0:23:0d:34:01:
17:6f:89:4d:a3:a7:27:ad:49:64:50:d1:1a:ca:4d:b3:49:b4:
8a:4d:69:4f:07:85:ef:9e:e5:73:c4:32:86:e0:e3:a6:9a:59:
03:19:cf:01:fe:c5:83:4f:60:09:5b:67:47:c9:c0:8a:99:93:
1b:3c:0f:e5:cf:08:19:51:0a:be:7a:07:fc:60:71:88:89:9e:
ff:d4:4a:d6:32:89:2d:d4:26:74:44:53:45:71:df:99:1c:62:
76:c1:41:66:8a:60:3e:5f:0a:a3:81:ba:4d:9e:df:9d:7b:ed:
31:51:4f:6e:55:bd:67:50:b2:6a:b3:d7:4f:62:ab:68:c4:32:
ee:b5:dc:aa:4a:b9:ee:b7:51:ad:1c:3f:5b:03:3b:4b:2e:42:
67:2d:00:ca:77:fb:9b:23:17:63:a2:5e:1b:3e:6f:26:91:0b:
64:54:82:ff:fe:01:29:a4:d3:09:05:64:7d:b9:56:ff:f7:cd:
fe:74:ca:5e:14:7d:8c:e8:3a:5b:0f:42:33:86:4a:2b:c1:b4:
b6:b6:a2:02:9e:d2:5b:56:60:c8:da:7f:f8:c8:1b:7b:d6:c9:
ca:ad:9c:c1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIYtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI2MDYwMzQwWhcNMjQwOTA3MDYwMzQwWjAYMRYw
FAYDVQQDEw02NjJiNDNiZi0yNTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArLIXfoZ5GvNw5BnEuPpMVa+vVkHrOt9e+kaoamtCZqVztFG44YRKx1ns
O3pcOKAdMXC0A7PdtNbQlzjqFJ17rBQMHBgtRKPCYkA8jCCcdNYOKrsMbdtr1Ine
MA2uk5ePHCCGEXqBoCIBOwnbjA4cNOZp7yfkXD7vofXmqMRted4AH7RQX6nPrUyq
NpboLUzE2NMnUVdqMTotc9l0eaMAA3Je7PHpy0WR2Sm6vd6Kg4ltAPMInbWZO7w5
VvCQziPZX7XJdl2m7jaeWqLyhhK07uQPq2CykZvqOpvr2AR2p/PDov1PY/3famHy
PHc4rw4h2uyK+PDuZ/BB7zEbqaOPwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLQJ
F/c5/+je0Wl7VGigvUaBOHeBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQzY4RkI2QzAzOTIxMUVGQTk3RkIyMDcwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnOGgMA0GCSqGSIb3DQEBCwUA
A4IBAQC5IHrbsUBJBG1T1pdJxOBh6Lo6g7bCR0QRrzpRiO/U0CMNNAEXb4lNo6cn
rUlkUNEayk2zSbSKTWlPB4XvnuVzxDKG4OOmmlkDGc8B/sWDT2AJW2dHycCKmZMb
PA/lzwgZUQq+egf8YHGIiZ7/1ErWMokt1CZ0RFNFcd+ZHGJ2wUFmimA+XwqjgbpN
nt+de+0xUU9uVb1nULJqs9dPYqtoxDLutdyqSrnut1GtHD9bAztLLkJnLQDKd/ub
Ixdjol4bPm8mkQtkVIL//gEppNMJBWR9uVb/983+dMpeFH2M6DpbD0IzhkorwbS2
tqICntJbVmDI2n/4yBt71snKrZzB
-----END CERTIFICATE-----
Generated at Sat May 18 03:49:20 2024 by rpki-client on console-fra.rpki-client.org