Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03A2F7B09B7A11EFBA8D7D79762E951A.roa
File: 03A2F7B09B7A11EFBA8D7D79762E951A.roa (raw, json)
Hash identifier: K21C6+7Rv3Ne8lpcGVMyC1yG8FSIsi58odcZaZRkCWQ=
Subject key identifier: D0:98:E4:46:E2:D8:4A:8C:96:F5:16:A7:73:E2:30:98:81:52:CC:8C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CE57
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03A2F7B09B7A11EFBA8D7D79762E951A.roa
Signing time: Tue 05 Nov 2024 13:29:42 +0000
ROA not before: Tue 05 Nov 2024 13:29:38 +0000
ROA not after: Mon 13 Jan 2025 13:29:38 +0000
asID: 22773
IP address blocks: 156.229.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52823 (0xce57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 13:29:38 2024 GMT
Not After : Jan 13 13:29:38 2025 GMT
Subject: CN=672a1dc6-5df5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:5e:a2:f1:a9:1a:de:e7:19:f5:5a:17:7e:6c:
4b:4f:be:5a:a1:b2:b6:6e:a5:63:ba:40:2e:d6:91:
f0:8b:ee:5f:9d:e2:e6:38:46:26:50:52:bb:53:10:
a8:16:59:00:0c:cd:31:aa:14:15:25:6d:5d:f4:8c:
d3:99:00:7d:c4:44:2a:6d:a1:cc:3f:bb:3e:d0:cb:
75:ed:5e:1d:75:7b:60:25:16:d9:ec:b9:2c:ff:a5:
9d:8d:54:29:b8:eb:20:0a:74:47:56:59:db:0b:62:
eb:ed:e6:af:fc:4d:21:f5:ad:78:71:f5:18:a2:00:
15:b5:7f:17:8f:3d:eb:f1:34:ac:40:d0:ac:5b:09:
d9:0e:64:80:5b:fd:23:8c:f7:3f:e5:5a:c5:e4:62:
d4:eb:52:18:20:79:d7:e8:f0:5d:bb:0c:1e:26:d2:
9f:d7:77:0c:73:a7:97:8d:29:1b:bc:d9:69:3b:89:
79:78:69:f5:28:9a:6a:7a:e3:89:14:8c:cc:1d:bb:
77:ee:ae:b4:42:50:06:44:94:49:c3:bc:d9:14:b8:
51:91:0f:9d:80:32:92:f2:a7:f3:87:56:86:a2:fd:
35:48:68:7c:aa:e4:be:ee:67:e2:62:e4:3f:60:cf:
f8:9d:4f:c9:92:19:7d:3d:80:c3:70:07:76:bf:1a:
58:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:98:E4:46:E2:D8:4A:8C:96:F5:16:A7:73:E2:30:98:81:52:CC:8C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03A2F7B09B7A11EFBA8D7D79762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.0.0/24
Signature Algorithm: sha256WithRSAEncryption
98:b8:f9:5b:11:a8:f0:9c:9d:30:71:aa:79:08:1c:eb:60:3e:
17:4b:f5:33:b5:e4:a9:0c:63:9b:55:d4:ea:d6:52:e2:aa:dd:
58:37:b1:31:28:ff:a4:5f:51:9b:f9:71:16:b7:06:5f:2d:ef:
a6:cd:23:c7:c0:7b:65:4b:e8:04:89:5a:c2:28:ca:16:16:22:
cd:49:ec:f8:b9:a1:bb:49:9d:4e:69:a5:89:0a:63:c7:c4:e8:
6c:fd:2f:67:c2:42:9d:45:0e:2f:f5:59:b2:1c:37:a0:2f:5d:
bd:40:fc:46:e9:a2:78:2c:21:ba:9a:c8:c6:a7:d1:a3:d4:2e:
e1:3e:8c:00:b2:87:14:71:8c:b2:cc:45:13:b3:f0:92:44:83:
8d:80:01:fe:49:3e:51:48:f4:f3:29:21:8c:f5:36:b8:29:86:
eb:fc:e0:7f:16:a7:92:d0:a9:57:11:7d:fe:5f:34:1a:82:8f:
bb:86:95:9b:69:97:63:bd:a0:b3:c7:a2:15:a0:ce:30:e3:96:
df:2e:07:3e:ba:56:a1:24:22:31:42:8f:38:6a:2e:85:66:e1:
5f:2a:bf:76:15:5b:0d:25:cc:3e:1e:55:c2:94:f4:46:f8:c5:
3f:b0:de:5e:c0:e5:04:ef:69:61:20:31:f2:12:e2:eb:8e:b7:
a6:46:57:c3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM5XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTMyOTM4WhcNMjUwMTEzMTMyOTM4WjAYMRYw
FAYDVQQDEw02NzJhMWRjNi01ZGY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8l6i8aka3ucZ9VoXfmxLT75aobK2bqVjukAu1pHwi+5fneLmOEYmUFK7
UxCoFlkADM0xqhQVJW1d9IzTmQB9xEQqbaHMP7s+0Mt17V4ddXtgJRbZ7Lks/6Wd
jVQpuOsgCnRHVlnbC2Lr7eav/E0h9a14cfUYogAVtX8Xjz3r8TSsQNCsWwnZDmSA
W/0jjPc/5VrF5GLU61IYIHnX6PBduwweJtKf13cMc6eXjSkbvNlpO4l5eGn1KJpq
euOJFIzMHbt37q60QlAGRJRJw7zZFLhRkQ+dgDKS8qfzh1aGov01SGh8quS+7mfi
YuQ/YM/4nU/Jkhl9PYDDcAd2vxpYeQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNCY
5Ebi2EqMlvUWp3PiMJiBUsyMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wM0EyRjdCMDlCN0ExMUVGQkE4RDdENzk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOUAMA0GCSqGSIb3DQEBCwUA
A4IBAQCYuPlbEajwnJ0wcap5CBzrYD4XS/UzteSpDGObVdTq1lLiqt1YN7ExKP+k
X1Gb+XEWtwZfLe+mzSPHwHtlS+gEiVrCKMoWFiLNSez4uaG7SZ1OaaWJCmPHxOhs
/S9nwkKdRQ4v9VmyHDegL129QPxG6aJ4LCG6msjGp9Gj1C7hPowAsocUcYyyzEUT
s/CSRIONgAH+ST5RSPTzKSGM9Ta4KYbr/OB/FqeS0KlXEX3+XzQago+7hpWbaZdj
vaCzx6IVoM4w45bfLgc+ulahJCIxQo84ai6FZuFfKr92FVsNJcw+HlXClPRG+MU/
sN5ewOUE72lhIDHyEuLrjremRlfD
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:17 2024 by rpki-client on console-ams.rpki-client.org