Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B7CC1026AA411EFB54C8A7F762E951A.roa
File: 0B7CC1026AA411EFB54C8A7F762E951A.roa (raw, json)
Hash identifier: Lj3nt1UdmFdi9r7IEavDtr+cgXRt6YkyL45BotIqLwc=
Subject key identifier: 17:AB:C3:2E:05:07:F2:29:16:32:C3:26:A7:B7:FD:22:C2:6A:98:C3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B1C5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B7CC1026AA411EFB54C8A7F762E951A.roa
Signing time: Wed 04 Sep 2024 09:57:07 +0000
ROA not before: Wed 04 Sep 2024 09:57:03 +0000
ROA not after: Thu 24 Apr 2025 09:57:03 +0000
asID: 63888
IP address blocks: 156.255.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45509 (0xb1c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 4 09:57:03 2024 GMT
Not After : Apr 24 09:57:03 2025 GMT
Subject: CN=66d82ef3-321b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:07:53:a0:48:57:3a:32:1c:48:d9:15:f5:4b:
28:f4:91:b4:6a:05:52:c3:05:bc:aa:96:b8:45:a7:
fa:08:89:c0:50:39:ce:97:ed:81:fa:75:0b:45:01:
26:91:31:13:af:30:2c:54:2f:fa:e4:90:be:0c:fa:
a7:72:2b:cf:b1:0a:24:78:47:1c:2a:82:a4:34:e6:
ea:c8:6f:88:c2:1a:d7:80:2d:1a:2c:f7:df:09:11:
cd:e0:52:cf:a7:f7:f4:55:f9:7d:0b:e0:39:74:ae:
73:aa:43:6d:3e:64:5d:f4:8f:65:44:be:20:95:3d:
2d:79:86:c8:51:ed:22:f0:fe:9a:7c:f3:c9:e4:6a:
fa:86:af:02:dd:a1:0d:84:6b:5d:9c:f1:ea:5f:00:
f8:72:cf:63:a0:00:b6:dd:c5:6a:10:e8:86:ba:d2:
29:52:fd:56:40:d6:78:51:f3:b9:e9:71:a6:0f:9c:
c1:38:ec:a8:eb:29:77:40:8b:bd:bb:ff:5f:a8:4a:
94:34:27:59:9f:e8:a3:6e:81:51:71:5b:fd:2e:48:
b1:9e:bb:dc:b3:29:e1:31:66:c7:11:c5:c8:bb:74:
90:70:d2:24:cb:b7:2a:90:19:30:80:9d:60:d3:57:
1d:7c:ed:d9:4e:86:3f:b6:69:a8:8b:fe:13:09:01:
2b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AB:C3:2E:05:07:F2:29:16:32:C3:26:A7:B7:FD:22:C2:6A:98:C3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B7CC1026AA411EFB54C8A7F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.88.0/21
Signature Algorithm: sha256WithRSAEncryption
49:b7:28:a0:3d:f4:c3:d9:ac:48:71:99:fb:07:16:bd:6d:a6:
59:49:8c:b6:3b:3d:73:93:c4:ff:f6:9e:f9:16:38:f1:43:13:
61:3d:58:c1:7a:4c:dd:62:91:45:ee:ef:3e:a5:cd:10:c1:d1:
47:81:33:82:27:e8:0d:d3:70:05:96:0a:30:b1:62:3f:99:e4:
00:b0:11:51:f0:ce:aa:88:1f:60:a9:7c:72:a8:1e:77:8e:e0:
64:71:9b:3d:5f:88:85:be:a4:c2:70:f4:8f:60:cc:fa:af:3c:
30:66:b8:a4:d6:17:8a:f7:c3:3f:24:8c:73:4e:b7:b2:bb:7c:
e0:60:96:bb:fb:0a:ab:34:44:1c:0c:ae:e1:e0:d8:6f:ed:a0:
68:cb:6c:d5:91:04:e5:fb:39:0f:92:17:c9:8c:f9:5c:a5:77:
95:f6:eb:89:58:29:2d:14:ec:4e:08:53:4b:64:97:f1:67:54:
20:8f:47:0f:cc:5f:1c:1b:ef:02:58:fd:58:fc:a3:85:ec:47:
d1:c3:41:13:ac:c8:5d:ab:ec:a7:4d:63:ef:19:b4:da:2c:8c:
88:bd:e5:65:d1:81:84:17:dc:a0:4e:20:dc:38:27:2c:52:bf:
af:2d:d1:ba:5e:2d:50:eb:d7:45:67:cc:76:58:3d:94:51:5c:
d1:7f:08:cd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALHFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTA0MDk1NzAzWhcNMjUwNDI0MDk1NzAzWjAYMRYw
FAYDVQQDEw02NmQ4MmVmMy0zMjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvAdToEhXOjIcSNkV9Uso9JG0agVSwwW8qpa4Raf6CInAUDnOl+2B+nUL
RQEmkTETrzAsVC/65JC+DPqncivPsQokeEccKoKkNObqyG+IwhrXgC0aLPffCRHN
4FLPp/f0Vfl9C+A5dK5zqkNtPmRd9I9lRL4glT0teYbIUe0i8P6afPPJ5Gr6hq8C
3aENhGtdnPHqXwD4cs9joAC23cVqEOiGutIpUv1WQNZ4UfO56XGmD5zBOOyo6yl3
QIu9u/9fqEqUNCdZn+ijboFRcVv9LkixnrvcsynhMWbHEcXIu3SQcNIky7cqkBkw
gJ1g01cdfO3ZToY/tmmoi/4TCQErAwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBer
wy4FB/IpFjLDJqe3/SLCapjDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQjdDQzEwMjZBQTQxMUVGQjU0QzhBN0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnP9YMA0GCSqGSIb3DQEBCwUA
A4IBAQBJtyigPfTD2axIcZn7Bxa9baZZSYy2Oz1zk8T/9p75FjjxQxNhPVjBekzd
YpFF7u8+pc0QwdFHgTOCJ+gN03AFlgowsWI/meQAsBFR8M6qiB9gqXxyqB53juBk
cZs9X4iFvqTCcPSPYMz6rzwwZrik1heK98M/JIxzTreyu3zgYJa7+wqrNEQcDK7h
4Nhv7aBoy2zVkQTl+zkPkhfJjPlcpXeV9uuJWCktFOxOCFNLZJfxZ1Qgj0cPzF8c
G+8CWP1Y/KOF7EfRw0ETrMhdq+ynTWPvGbTaLIyIveVl0YGEF9ygTiDcOCcsUr+v
LdG6Xi1Q69dFZ8x2WD2UUVzRfwjN
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:19 2024 by rpki-client on console-ams.rpki-client.org