Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAD8FE0405EF11EF927DB64F017001B1.roa
File: CAD8FE0405EF11EF927DB64F017001B1.roa (raw, json)
Hash identifier: b502qXVejKIkXBceLVjt8TscKquUM/ZgSSanWuJbaeg=
Subject key identifier: 26:A5:28:45:94:25:C1:FA:B3:B1:D1:D4:14:2F:1F:7E:73:84:16:5F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8688
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAD8FE0405EF11EF927DB64F017001B1.roa
Signing time: Mon 29 Apr 2024 06:14:53 +0000
ROA not before: Mon 29 Apr 2024 06:14:50 +0000
ROA not after: Wed 29 May 2024 06:14:50 +0000
asID: 141718
IP address blocks: 156.237.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 24 May 2024 00:16:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34440 (0x8688)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 29 06:14:50 2024 GMT
Not After : May 29 06:14:50 2024 GMT
Subject: CN=662f3add-b092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:17:c1:48:51:a2:52:1a:07:9e:30:b0:6d:54:
78:f6:88:c7:13:bd:ba:96:22:65:e2:10:78:11:f0:
f5:41:89:d6:55:d3:49:f9:41:b0:46:f6:c9:96:7c:
39:2d:39:e1:2f:6d:61:fd:ae:ae:89:d5:cd:a9:2f:
40:71:f3:5e:3c:9a:4b:c0:ce:f8:5e:2f:28:f1:1f:
29:4a:00:d7:34:b1:ea:c8:cb:8a:79:45:62:58:0e:
57:63:f6:0f:de:74:82:4c:91:b4:5f:02:f3:c5:b8:
e7:30:dd:2e:18:de:31:ed:2c:46:75:83:ee:70:d6:
fb:d5:b1:8b:dc:d6:41:f5:96:79:00:35:12:97:1a:
70:65:eb:e1:71:f4:84:4e:ab:80:d7:8b:a1:30:84:
fc:2d:3c:04:74:69:4f:28:81:5c:53:00:59:86:33:
4a:b6:77:d8:63:e1:a5:e5:db:1a:ba:11:be:88:35:
a9:fa:a9:8b:7c:26:8a:4a:3a:5e:27:12:2c:97:3b:
38:e5:d2:7e:5d:e9:9c:51:7b:59:79:a2:f0:d6:d0:
3f:b3:21:d1:b6:36:eb:68:31:2e:0b:87:64:9b:34:
e7:41:82:d4:cb:00:99:b7:83:0f:07:3f:82:ef:1e:
96:4e:3c:60:23:09:91:ff:bf:af:78:64:2a:cb:b7:
ac:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:A5:28:45:94:25:C1:FA:B3:B1:D1:D4:14:2F:1F:7E:73:84:16:5F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAD8FE0405EF11EF927DB64F017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.1.0/24
Signature Algorithm: sha256WithRSAEncryption
22:24:b2:13:b6:e8:9e:ab:ae:97:e0:94:ae:43:2e:5c:1b:30:
e7:52:4a:7f:76:0e:de:3b:38:41:ff:5c:20:05:3a:fd:89:4b:
87:7a:d9:f1:4b:fc:42:74:b6:bc:10:e8:f0:ef:fd:4e:7a:07:
ae:fb:e9:0d:fb:54:e1:df:1b:84:6d:95:f4:e4:1a:ac:7b:34:
0f:7c:46:be:2f:d0:c6:6a:50:9f:c6:52:23:f3:7a:00:74:5d:
c0:ad:6d:6f:eb:1f:55:71:0c:4e:81:f6:c2:74:29:a0:3b:5e:
6f:cb:68:58:b4:af:1a:d4:bf:52:83:2a:e2:3a:ee:c1:1a:46:
e5:03:63:7f:bb:23:df:12:4d:e2:83:bd:f4:f6:70:cd:80:60:
07:d7:16:ca:89:bb:34:8c:f2:fd:9a:e1:c1:7b:52:db:2f:94:
77:b3:25:73:08:8e:56:7f:eb:e4:b4:82:16:66:9b:6f:96:b6:
09:a0:44:8c:b7:a7:50:91:5b:ff:32:fd:59:60:89:fc:c7:b3:
a1:ac:5e:af:d3:05:c7:aa:39:39:06:d4:5a:6a:bf:e7:b0:b8:
e1:43:3e:23:8d:47:f7:2c:cb:2f:cb:08:ad:d2:5f:34:39:41:
2f:bb:9e:28:68:bd:4d:2c:b0:88:33:a3:75:90:5b:40:7b:e5:
3c:cd:2a:d5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIaIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI5MDYxNDUwWhcNMjQwNTI5MDYxNDUwWjAYMRYw
FAYDVQQDEw02NjJmM2FkZC1iMDkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzRfBSFGiUhoHnjCwbVR49ojHE726liJl4hB4EfD1QYnWVdNJ+UGwRvbJ
lnw5LTnhL21h/a6uidXNqS9AcfNePJpLwM74Xi8o8R8pSgDXNLHqyMuKeUViWA5X
Y/YP3nSCTJG0XwLzxbjnMN0uGN4x7SxGdYPucNb71bGL3NZB9ZZ5ADUSlxpwZevh
cfSETquA14uhMIT8LTwEdGlPKIFcUwBZhjNKtnfYY+Gl5dsauhG+iDWp+qmLfCaK
SjpeJxIslzs45dJ+XemcUXtZeaLw1tA/syHRtjbraDEuC4dkmzTnQYLUywCZt4MP
Bz+C7x6WTjxgIwmR/7+veGQqy7esaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCal
KEWUJcH6s7HR1BQvH35zhBZfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQUQ4RkUwNDA1RUYxMUVGOTI3REI2NEYwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO0BMA0GCSqGSIb3DQEBCwUA
A4IBAQAiJLITtuieq66X4JSuQy5cGzDnUkp/dg7eOzhB/1wgBTr9iUuHetnxS/xC
dLa8EOjw7/1Oegeu++kN+1Th3xuEbZX05BqsezQPfEa+L9DGalCfxlIj83oAdF3A
rW1v6x9VcQxOgfbCdCmgO15vy2hYtK8a1L9SgyriOu7BGkblA2N/uyPfEk3ig730
9nDNgGAH1xbKibs0jPL9muHBe1LbL5R3syVzCI5Wf+vktIIWZptvlrYJoESMt6dQ
kVv/Mv1ZYIn8x7OhrF6v0wXHqjk5BtRaar/nsLjhQz4jjUf3LMsvywit0l80OUEv
u54oaL1NLLCIM6N1kFtAe+U8zSrV
-----END CERTIFICATE-----
Generated at Wed May 22 16:21:26 2024 by rpki-client on console-ams.rpki-client.org