Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0063C19A7E3F11EF88C8ECB6762E951A.roa
File: 0063C19A7E3F11EF88C8ECB6762E951A.roa (raw, json)
Hash identifier: 9P0WsRz+7z6Fn1LH7So/0lcQPpHiYXvwSWmRcYeR5aQ=
Subject key identifier: F3:C5:9A:94:1A:55:49:78:6B:AF:D6:1B:4F:08:8E:6C:E7:7B:9C:38
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: BC8F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0063C19A7E3F11EF88C8ECB6762E951A.roa
Signing time: Sun 29 Sep 2024 08:44:13 +0000
ROA not before: Sun 29 Sep 2024 08:44:09 +0000
ROA not after: Mon 30 Dec 2024 08:44:09 +0000
asID: 17561
IP address blocks: 156.237.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48271 (0xbc8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 29 08:44:09 2024 GMT
Not After : Dec 30 08:44:09 2024 GMT
Subject: CN=66f9135d-a6fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:19:41:c5:0a:8b:8d:ea:9e:09:34:ac:f8:cf:
90:bd:97:15:b6:b0:6c:a6:d7:dc:e4:27:1e:4a:2a:
9d:66:b1:6d:5d:6d:ae:35:cd:3a:39:e6:fc:60:a5:
66:ac:0f:e2:e4:9d:ed:85:c4:24:2f:21:4a:a9:49:
fe:81:6a:c1:67:9f:da:97:4f:a3:3b:2a:d5:5d:83:
44:ea:8a:92:6b:bd:6c:f7:40:c7:9f:6c:c0:42:e3:
dd:86:b7:7c:da:7a:23:e1:e2:d0:45:8d:c7:a2:75:
36:e6:79:46:78:1b:97:a5:0c:c0:cf:83:4e:f6:5f:
d1:e0:60:4e:eb:96:15:29:76:bc:cf:2b:d0:e9:ec:
97:93:c8:a1:e6:b1:46:45:66:e2:33:9a:a5:15:5a:
01:9f:ca:0b:2e:d4:a6:26:ce:a6:2a:cc:80:5b:02:
8c:87:89:d2:08:ce:78:fd:00:01:2c:05:fe:87:5b:
a9:73:75:19:de:e6:a6:8f:1e:7a:7c:b6:21:a2:8c:
f1:13:af:0c:34:79:4f:80:17:7b:24:4b:7a:2e:db:
3e:62:05:83:50:f1:52:83:b6:b4:8c:f7:12:ef:d2:
af:e0:12:60:fc:6e:4b:5b:d7:be:01:68:e9:02:61:
43:13:09:cc:46:d6:34:b3:20:74:37:33:4e:c7:f4:
48:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C5:9A:94:1A:55:49:78:6B:AF:D6:1B:4F:08:8E:6C:E7:7B:9C:38
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0063C19A7E3F11EF88C8ECB6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.32.0/19
Signature Algorithm: sha256WithRSAEncryption
37:63:5f:2e:dd:ef:1f:81:53:69:a7:fe:aa:50:c3:87:18:52:
c4:b9:9e:5f:70:20:cd:19:af:66:94:e3:cb:0b:eb:98:cc:cb:
e4:87:1e:76:ce:21:d9:c0:5e:ad:94:f4:25:30:6b:69:5f:e1:
dc:24:ab:95:79:e5:4e:ee:46:85:d1:eb:f0:6d:15:33:72:4f:
a6:32:60:c6:e0:a3:fc:d3:e2:a2:8b:30:3f:04:40:60:25:00:
7c:c0:29:a7:20:ac:15:6e:ed:76:2d:9e:2b:d9:d7:62:03:13:
4f:da:98:fd:c0:37:5a:6d:75:bd:e4:2f:f8:a4:e0:f1:cd:3b:
21:32:e7:a9:c7:3d:3e:79:87:63:88:44:ca:e1:43:d6:f7:fb:
e8:7a:84:52:00:46:dc:f2:91:b8:ab:4e:84:de:7f:00:05:a1:
19:5f:d2:5d:da:04:03:83:2d:a4:97:00:27:cc:24:f5:66:be:
19:88:53:55:c7:56:af:4e:92:d7:88:5b:4b:a2:e2:40:7e:25:
49:2c:0b:a1:ff:9b:d9:a9:77:5e:c4:b0:c3:e9:8d:92:04:5a:
6e:02:c7:97:e1:39:2c:ca:b1:1d:5f:6f:85:22:a8:2a:fe:a6:
87:a9:79:be:a3:35:91:64:e7:04:f9:79:3b:be:1b:0e:5b:8a:
4e:46:2f:06
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALyPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTI5MDg0NDA5WhcNMjQxMjMwMDg0NDA5WjAYMRYw
FAYDVQQDEw02NmY5MTM1ZC1hNmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4xlBxQqLjeqeCTSs+M+QvZcVtrBsptfc5CceSiqdZrFtXW2uNc06Oeb8
YKVmrA/i5J3thcQkLyFKqUn+gWrBZ5/al0+jOyrVXYNE6oqSa71s90DHn2zAQuPd
hrd82noj4eLQRY3HonU25nlGeBuXpQzAz4NO9l/R4GBO65YVKXa8zyvQ6eyXk8ih
5rFGRWbiM5qlFVoBn8oLLtSmJs6mKsyAWwKMh4nSCM54/QABLAX+h1upc3UZ3uam
jx56fLYhoozxE68MNHlPgBd7JEt6Lts+YgWDUPFSg7a0jPcS79Kv4BJg/G5LW9e+
AWjpAmFDEwnMRtY0syB0NzNOx/RIvQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPPF
mpQaVUl4a6/WG08Ijmzne5w4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMDYzQzE5QTdFM0YxMUVGODhDOEVDQjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnO0gMA0GCSqGSIb3DQEBCwUA
A4IBAQA3Y18u3e8fgVNpp/6qUMOHGFLEuZ5fcCDNGa9mlOPLC+uYzMvkhx52ziHZ
wF6tlPQlMGtpX+HcJKuVeeVO7kaF0evwbRUzck+mMmDG4KP80+KiizA/BEBgJQB8
wCmnIKwVbu12LZ4r2ddiAxNP2pj9wDdabXW95C/4pODxzTshMuepxz0+eYdjiETK
4UPW9/voeoRSAEbc8pG4q06E3n8ABaEZX9Jd2gQDgy2klwAnzCT1Zr4ZiFNVx1av
TpLXiFtLouJAfiVJLAuh/5vZqXdexLDD6Y2SBFpuAseX4TksyrEdX2+FIqgq/qaH
qXm+ozWRZOcE+Xk7vhsOW4pORi8G
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:17 2024 by rpki-client on console-ams.rpki-client.org