Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/42E775A4A25511EFBF5A8D4E762E951A.roa
File: 42E775A4A25511EFBF5A8D4E762E951A.roa (raw, json)
Hash identifier: YTKvNhkS/Js/hMc0wobjl5sFgnUPNRMzOWYd5bbyCWE=
Subject key identifier: 04:69:E4:2A:03:C9:B1:4C:5A:5A:85:DF:03:99:24:63:2B:21:2C:83
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 0AD7
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/42E775A4A25511EFBF5A8D4E762E951A.roa
Signing time: Thu 14 Nov 2024 06:54:15 +0000
ROA not before: Thu 14 Nov 2024 06:54:11 +0000
ROA not after: Tue 14 Nov 2034 06:54:11 +0000
asID: 6206
IP address blocks: 192.142.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2775 (0xad7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Validity
Not Before: Nov 14 06:54:11 2024 GMT
Not After : Nov 14 06:54:11 2034 GMT
Subject: CN=67359e97-9ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:34:77:c1:11:25:a4:fd:4a:1f:5e:23:47:e3:
d6:59:66:46:a1:52:d7:37:76:22:3a:26:18:9b:62:
5e:bc:10:6b:06:80:1c:6c:19:b5:af:54:54:83:3c:
a6:e3:e2:23:db:f0:16:89:c7:25:cd:9c:05:26:76:
c0:3a:61:29:34:bf:15:36:a4:7c:1a:01:23:16:a3:
e3:8d:e3:80:46:4f:80:3f:f2:5e:29:e9:45:42:d5:
0f:d3:85:a0:9f:f7:28:e3:63:b4:d7:ef:a8:1b:ec:
72:1a:78:07:c3:af:6a:7b:d8:be:ea:a5:b6:58:69:
a2:a1:05:b6:65:94:53:5c:b3:c2:7d:2a:0d:73:c5:
64:ae:33:16:f5:5e:46:5c:33:77:d0:cc:38:1f:96:
4d:46:f5:5b:75:73:4b:1a:24:51:5f:ba:65:b4:9d:
1b:06:0c:7b:af:4e:c6:2f:4c:fe:4b:29:40:66:6d:
ed:fa:75:fa:e9:0d:aa:e8:f2:05:d8:13:30:71:20:
ea:43:b0:1f:a6:00:53:fa:d4:40:76:98:65:98:13:
a4:97:99:ab:e4:a1:5d:fe:3e:96:0f:2f:dd:37:4f:
27:4d:45:1e:ca:69:dc:ba:0f:43:72:35:62:a2:9e:
b2:9c:69:8a:92:53:32:9e:d4:2a:94:97:da:1a:06:
22:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:69:E4:2A:03:C9:B1:4C:5A:5A:85:DF:03:99:24:63:2B:21:2C:83
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/42E775A4A25511EFBF5A8D4E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.22.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:59:67:82:a6:00:ba:3b:9c:c6:7f:84:cf:70:89:16:61:db:
b8:d4:33:c5:38:7a:8b:2f:bb:c8:ba:8f:53:7c:bc:2a:63:49:
94:3f:4e:3e:17:ea:e3:fe:d8:ff:1c:d2:2a:95:4d:91:89:59:
2f:ca:3f:ba:61:c0:c3:0d:47:86:3a:b8:3a:66:2a:ef:c1:6d:
e1:58:33:a5:05:07:7e:76:5b:02:31:0b:c2:03:80:44:b4:68:
d4:a2:31:fa:c8:43:17:54:38:91:c7:77:b2:92:af:c3:29:b6:
33:e1:3b:ed:6c:b3:fb:fa:aa:0e:2c:2e:90:73:b0:ac:83:fe:
50:11:93:5b:b7:57:31:d1:de:00:79:9c:92:3e:b4:37:0e:a3:
09:16:af:c8:43:9f:b4:ab:1b:17:30:bc:8e:8f:18:db:f6:86:
28:21:e3:f6:be:42:f6:ca:85:b6:8f:62:ea:ec:a4:16:1b:92:
38:06:21:f6:44:d4:19:b7:43:ea:3d:99:6b:cb:d4:de:4d:cd:
1f:9f:03:09:da:4e:a5:b4:32:f8:bc:f2:1f:73:ba:e7:1f:c2:
08:91:70:4c:42:51:fb:c1:46:cd:d6:e4:fa:ee:c0:db:02:51:
94:df:cd:fa:95:cc:6d:35:43:a5:14:d7:1f:b6:ec:96:f1:f2:
d7:0e:53:e6
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCtcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNDExMTQwNjU0MTFaFw0zNDExMTQwNjU0MTFaMBgxFjAU
BgNVBAMTDTY3MzU5ZTk3LTllYzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFNHfBESWk/UofXiNH49ZZZkahUtc3diI6JhibYl68EGsGgBxsGbWvVFSD
PKbj4iPb8BaJxyXNnAUmdsA6YSk0vxU2pHwaASMWo+ON44BGT4A/8l4p6UVC1Q/T
haCf9yjjY7TX76gb7HIaeAfDr2p72L7qpbZYaaKhBbZllFNcs8J9Kg1zxWSuMxb1
XkZcM3fQzDgflk1G9Vt1c0saJFFfumW0nRsGDHuvTsYvTP5LKUBmbe36dfrpDaro
8gXYEzBxIOpDsB+mAFP61EB2mGWYE6SXmavkoV3+PpYPL903TydNRR7Kady6D0Ny
NWKinrKcaYqSUzKe1CqUl9oaBiIXAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUBGnk
KgPJsUxaWoXfA5kkYyshLIMwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4LzQyRTc3NUE0QTI1NTExRUZCRjVBOEQ0RTc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAjhYwDQYJKoZIhvcNAQELBQAD
ggEBAB1ZZ4KmALo7nMZ/hM9wiRZh27jUM8U4eosvu8i6j1N8vCpjSZQ/Tj4X6uP+
2P8c0iqVTZGJWS/KP7phwMMNR4Y6uDpmKu/BbeFYM6UFB352WwIxC8IDgES0aNSi
MfrIQxdUOJHHd7KSr8MptjPhO+1ss/v6qg4sLpBzsKyD/lARk1u3VzHR3gB5nJI+
tDcOowkWr8hDn7SrGxcwvI6PGNv2high4/a+QvbKhbaPYurspBYbkjgGIfZE1Bm3
Q+o9mWvL1N5NzR+fAwnaTqW0Mvi88h9zuucfwgiRcExCUfvBRs3W5PruwNsCUZTf
zfqVzG01Q6UU1x+27Jbx8tcOU+Y=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org