Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0157ECDE7A4811EFA2C53048762E951A.roa
File: 0157ECDE7A4811EFA2C53048762E951A.roa (raw, json)
Hash identifier: wA2+T1lcxWTuYyKm+313HpfFT7fZ3VwNEtsvOn0BfiU=
Subject key identifier: 3F:A0:94:ED:44:73:32:74:1D:FC:35:EB:46:75:03:A3:B8:CA:D7:82
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: BA92
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0157ECDE7A4811EFA2C53048762E951A.roa
Signing time: Tue 24 Sep 2024 07:38:35 +0000
ROA not before: Tue 24 Sep 2024 07:38:31 +0000
ROA not after: Sat 21 Dec 2024 07:38:31 +0000
asID: 328608
IP address blocks: 156.229.66.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47762 (0xba92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 24 07:38:31 2024 GMT
Not After : Dec 21 07:38:31 2024 GMT
Subject: CN=66f26c7b-7b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a6:f8:e1:cd:9b:97:63:78:4b:53:c0:65:0f:
97:a9:d7:27:1b:86:1b:07:fc:a7:9b:59:5d:ee:03:
e5:e9:2c:48:98:e6:00:55:90:ee:46:fb:be:db:26:
7f:0a:d9:12:30:c9:be:6b:39:0b:ce:b0:2f:95:2f:
f7:72:92:c9:9d:ac:a2:70:fa:c3:a6:4d:6a:5e:21:
27:01:b3:80:68:4c:bc:77:e8:f6:2c:28:84:20:f5:
f8:fd:a3:42:9c:6d:61:0f:f0:c5:1e:ec:12:f8:bc:
28:b9:8a:0d:04:de:21:73:69:0b:a8:87:c6:44:a0:
3d:ca:36:b6:9a:6e:72:5e:87:55:87:ed:d4:c9:07:
3e:3f:82:ed:bb:8d:26:52:4d:b4:9b:09:ef:6b:0c:
56:04:b6:d4:4c:a3:00:b6:06:e4:71:db:55:0d:14:
d8:9d:3f:4f:5b:78:51:09:5e:8c:fa:0f:f2:38:85:
0d:82:a1:58:1b:90:c6:b7:06:b2:79:04:46:bb:06:
03:17:2b:4b:7f:67:39:d5:eb:db:0e:ee:29:e9:4f:
96:04:1a:fa:06:91:58:2d:b3:c2:97:95:af:ec:4b:
e7:00:8f:9e:93:05:ae:8b:5b:43:9b:db:f1:7a:67:
41:9e:fa:7b:f5:93:c2:c6:a0:db:b1:bb:b0:a5:98:
b7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A0:94:ED:44:73:32:74:1D:FC:35:EB:46:75:03:A3:B8:CA:D7:82
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0157ECDE7A4811EFA2C53048762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.66.0/23
Signature Algorithm: sha256WithRSAEncryption
35:75:08:66:7e:de:8c:ff:2e:09:e4:e8:ad:a0:41:0e:21:ad:
6c:c1:01:54:53:11:bc:43:3c:42:69:67:f1:77:c2:4a:bc:84:
a0:fe:7e:b9:84:21:74:65:c3:6e:87:44:11:93:a6:f2:b7:f2:
90:fa:98:5c:6b:b0:85:24:78:2d:25:2a:8d:77:22:6d:9a:a7:
0a:53:f4:2d:ad:8a:66:c5:d0:a5:24:73:53:42:e6:10:c5:81:
46:55:2a:d3:68:45:2a:be:82:51:52:7c:59:8a:b2:88:6b:15:
ed:7f:c6:98:e8:15:d4:a0:2c:0f:94:dd:ff:fe:73:9e:ec:a6:
69:ba:7c:93:39:ea:8c:1e:47:67:f1:ec:71:c9:f0:97:35:8a:
b9:29:42:a3:27:5d:6a:5e:54:cf:5d:96:d9:af:2b:12:7c:28:
d8:08:ce:72:0d:95:0a:50:57:1b:ad:a0:e6:b6:b5:91:99:c3:
6c:d0:d9:f1:f0:82:a0:e7:60:60:5a:3e:38:d0:eb:dc:79:c0:
e2:ba:0a:0b:3d:7a:90:ce:aa:e6:61:45:4f:4c:6e:40:f5:7c:
26:60:4c:a4:b6:31:80:91:41:76:e0:da:0b:ff:5a:83:0d:45:
5f:21:bc:27:a0:ab:f7:29:45:9c:a2:5c:9c:bb:41:94:d9:3d:
e1:19:c1:e6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALqSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTI0MDczODMxWhcNMjQxMjIxMDczODMxWjAYMRYw
FAYDVQQDEw02NmYyNmM3Yi03YjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu6b44c2bl2N4S1PAZQ+XqdcnG4YbB/ynm1ld7gPl6SxImOYAVZDuRvu+
2yZ/CtkSMMm+azkLzrAvlS/3cpLJnayicPrDpk1qXiEnAbOAaEy8d+j2LCiEIPX4
/aNCnG1hD/DFHuwS+LwouYoNBN4hc2kLqIfGRKA9yja2mm5yXodVh+3UyQc+P4Lt
u40mUk20mwnvawxWBLbUTKMAtgbkcdtVDRTYnT9PW3hRCV6M+g/yOIUNgqFYG5DG
twayeQRGuwYDFytLf2c51evbDu4p6U+WBBr6BpFYLbPCl5Wv7EvnAI+ekwWui1tD
m9vxemdBnvp79ZPCxqDbsbuwpZi3aQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD+g
lO1EczJ0Hfw160Z1A6O4yteCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMTU3RUNERTdBNDgxMUVGQTJDNTMwNDg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOVCMA0GCSqGSIb3DQEBCwUA
A4IBAQA1dQhmft6M/y4J5OitoEEOIa1swQFUUxG8QzxCaWfxd8JKvISg/n65hCF0
ZcNuh0QRk6byt/KQ+phca7CFJHgtJSqNdyJtmqcKU/QtrYpmxdClJHNTQuYQxYFG
VSrTaEUqvoJRUnxZirKIaxXtf8aY6BXUoCwPlN3//nOe7KZpunyTOeqMHkdn8exx
yfCXNYq5KUKjJ11qXlTPXZbZrysSfCjYCM5yDZUKUFcbraDmtrWRmcNs0Nnx8IKg
52BgWj440OvcecDiugoLPXqQzqrmYUVPTG5A9XwmYEyktjGAkUF24NoL/1qDDUVf
IbwnoKv3KUWcolycu0GU2T3hGcHm
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:16 2024 by rpki-client on console-fra.rpki-client.org