Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03EA4E1A9D9811EFA8A0155C762E951A.roa
File: 03EA4E1A9D9811EFA8A0155C762E951A.roa (raw, json)
Hash identifier: 7c8g9tHe3vYZyX/J8p2CpDp0TFzqpnE3Gxa5H6IaJv4=
Subject key identifier: D5:9F:15:82:0B:E7:38:3D:91:65:D7:EE:52:2A:6D:BB:EE:B3:16:23
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D00E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03EA4E1A9D9811EFA8A0155C762E951A.roa
Signing time: Fri 08 Nov 2024 06:09:30 +0000
ROA not before: Fri 08 Nov 2024 06:09:26 +0000
ROA not after: Sat 30 Nov 2024 06:09:26 +0000
asID: 142403
IP address blocks: 156.236.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53262 (0xd00e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 8 06:09:26 2024 GMT
Not After : Nov 30 06:09:26 2024 GMT
Subject: CN=672dab1a-4201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c6:24:b1:00:60:0c:eb:04:c8:ce:97:ff:75:
4a:ff:96:e7:0d:5a:5b:6a:62:6d:43:fe:52:7d:dd:
c0:36:1f:6e:70:c9:34:76:a8:49:0f:b7:43:fc:9d:
05:f7:26:63:92:98:03:e4:c5:da:11:df:55:da:eb:
d6:69:c5:c6:00:f3:ed:02:4f:27:d2:4d:38:4f:11:
5d:5b:ea:a9:5d:33:1e:1a:fe:6b:52:2c:80:7c:1f:
97:07:ce:a9:6d:de:f1:38:0d:05:a1:3c:79:59:35:
4d:19:61:2f:0e:e2:7a:a5:2c:c5:be:8b:5e:da:c9:
ed:58:d9:99:66:95:d1:af:24:e2:07:24:76:88:7c:
88:64:39:f2:87:67:2b:75:c3:a4:4c:36:4a:73:72:
44:95:cf:7e:c6:ce:05:69:64:10:7b:83:eb:75:27:
f1:5c:b4:aa:07:65:db:6e:5c:e4:d8:e1:73:12:7d:
d2:9e:f6:d3:e9:9e:66:60:81:2d:ea:b0:13:75:00:
c0:cc:60:e7:32:cf:f4:dc:b8:13:25:72:a6:c9:05:
d9:e2:a8:f6:3e:6c:89:34:40:32:03:90:f8:ed:50:
22:26:f8:2b:5c:28:c1:b9:7f:ca:7f:38:f5:39:a0:
31:7a:32:e3:36:a6:29:7e:b8:19:aa:52:aa:23:01:
0f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:9F:15:82:0B:E7:38:3D:91:65:D7:EE:52:2A:6D:BB:EE:B3:16:23
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03EA4E1A9D9811EFA8A0155C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.72.0/24
Signature Algorithm: sha256WithRSAEncryption
31:18:03:05:cf:2a:93:8b:16:5b:9a:2a:ba:54:fc:49:bd:58:
9d:23:d4:e1:e5:b3:ed:b0:8c:7c:a3:16:95:4f:0f:d6:5e:0b:
1d:cb:57:21:d0:17:8c:25:28:ed:e2:19:4c:e2:3c:05:60:e8:
ba:27:f1:e0:4d:11:08:24:c5:c8:1e:76:7a:d1:a0:5b:30:fd:
2f:89:9d:b0:fb:e2:39:ce:84:fb:01:b4:cd:db:77:1a:0b:72:
d0:99:2c:63:e2:03:86:d2:81:fc:24:a5:50:21:b9:0f:62:73:
8b:41:b3:99:d9:b9:6b:7e:88:41:5f:b5:e5:08:b0:c8:67:95:
7a:31:81:0d:52:24:ac:e7:b7:e6:fc:70:b9:ff:2f:36:4a:8f:
36:be:97:01:61:38:b7:4c:cf:ab:ff:e1:46:40:ef:c3:5f:c1:
11:29:05:b1:6f:5e:4c:56:7b:70:2f:d5:e0:59:14:e0:30:00:
f7:d3:d9:c2:e6:fc:7e:d3:38:4e:b0:98:a9:b6:36:df:d4:a9:
b5:e4:94:59:e6:2d:65:1f:0f:b1:69:08:6a:26:6f:54:c9:7b:
81:6d:56:3b:76:0c:44:45:90:fd:6e:de:26:9c:f7:e3:94:cc:
af:26:ea:78:b1:1c:b4:64:56:fa:ac:93:e1:77:8e:53:60:96:
ed:c7:4a:52
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANAOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA4MDYwOTI2WhcNMjQxMTMwMDYwOTI2WjAYMRYw
FAYDVQQDEw02NzJkYWIxYS00MjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwcYksQBgDOsEyM6X/3VK/5bnDVpbamJtQ/5Sfd3ANh9ucMk0dqhJD7dD
/J0F9yZjkpgD5MXaEd9V2uvWacXGAPPtAk8n0k04TxFdW+qpXTMeGv5rUiyAfB+X
B86pbd7xOA0FoTx5WTVNGWEvDuJ6pSzFvote2sntWNmZZpXRryTiByR2iHyIZDny
h2crdcOkTDZKc3JElc9+xs4FaWQQe4PrdSfxXLSqB2Xbblzk2OFzEn3SnvbT6Z5m
YIEt6rATdQDAzGDnMs/03LgTJXKmyQXZ4qj2PmyJNEAyA5D47VAiJvgrXCjBuX/K
fzj1OaAxejLjNqYpfrgZqlKqIwEPDQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNWf
FYIL5zg9kWXX7lIqbbvusxYjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wM0VBNEUxQTlEOTgxMUVGQThBMDE1NUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOxIMA0GCSqGSIb3DQEBCwUA
A4IBAQAxGAMFzyqTixZbmiq6VPxJvVidI9Th5bPtsIx8oxaVTw/WXgsdy1ch0BeM
JSjt4hlM4jwFYOi6J/HgTREIJMXIHnZ60aBbMP0viZ2w++I5zoT7AbTN23caC3LQ
mSxj4gOG0oH8JKVQIbkPYnOLQbOZ2blrfohBX7XlCLDIZ5V6MYENUiSs57fm/HC5
/y82So82vpcBYTi3TM+r/+FGQO/DX8ERKQWxb15MVntwL9XgWRTgMAD309nC5vx+
0zhOsJiptjbf1Km15JRZ5i1lHw+xaQhqJm9UyXuBbVY7dgxERZD9bt4mnPfjlMyv
Jup4sRy0ZFb6rJPhd45TYJbtx0pS
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:16 2024 by rpki-client on console-fra.rpki-client.org