Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C6B473C9AB011EFA8C5577F762E951A.roa
File: 0C6B473C9AB011EFA8C5577F762E951A.roa (raw, json)
Hash identifier: H6EgiDquBtNg5p2QoOjV/LIPbfbMndRrxQCNeOUCRUs=
Subject key identifier: 83:BF:38:20:D0:C9:E4:6C:53:64:A7:D5:8F:ED:AB:A5:F6:76:8F:69
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CDBA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C6B473C9AB011EFA8C5577F762E951A.roa
Signing time: Mon 04 Nov 2024 13:23:59 +0000
ROA not before: Mon 04 Nov 2024 13:23:55 +0000
ROA not after: Tue 03 Dec 2024 13:23:55 +0000
asID: 141883
IP address blocks: 156.240.48.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52666 (0xcdba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 4 13:23:55 2024 GMT
Not After : Dec 3 13:23:55 2024 GMT
Subject: CN=6728caee-3b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:66:ee:04:66:99:05:df:9d:a8:86:12:e0:b8:
9a:ad:ac:b9:67:66:a5:f7:70:25:26:25:d1:5c:8d:
18:d7:43:dd:d2:47:2e:59:00:e0:80:c4:f6:d8:62:
14:89:f9:72:37:51:6c:3e:2e:5b:43:11:c0:46:f5:
e6:0c:de:81:c4:31:2e:05:c9:da:7d:0a:fe:84:ff:
ec:83:11:36:3e:77:aa:e4:7c:b5:40:e8:82:d8:ed:
db:00:9e:4a:f5:36:66:5d:53:1d:04:63:72:d9:d8:
44:9b:05:f8:0b:2a:a5:76:ec:eb:e2:50:fa:5c:55:
61:60:47:7f:8b:c0:29:52:f2:8d:27:cd:39:a5:63:
f1:80:b6:f3:37:44:33:f5:a6:9d:8d:e7:59:ec:fe:
bb:f7:3b:a0:04:71:be:6d:a5:61:79:84:9b:8d:e3:
2f:da:07:b4:b3:57:48:6d:af:26:ad:4d:00:f4:1a:
b9:9e:a1:d6:77:da:82:1e:59:ef:53:15:27:49:94:
5e:1c:41:6e:89:5e:31:7b:d9:50:2c:6e:2a:5e:41:
06:b6:12:dc:07:2c:10:94:ee:b0:b5:85:07:5b:0f:
46:24:69:47:d0:0d:9f:5f:fa:14:b6:91:60:95:2b:
4d:32:32:2a:b0:fd:34:fc:73:43:2f:14:6e:5e:2b:
8d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:BF:38:20:D0:C9:E4:6C:53:64:A7:D5:8F:ED:AB:A5:F6:76:8F:69
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C6B473C9AB011EFA8C5577F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.48.0/21
Signature Algorithm: sha256WithRSAEncryption
ae:6c:5b:83:29:74:a9:10:fc:a4:ed:a7:95:11:93:81:02:0d:
4a:5f:79:60:d6:10:0b:99:c7:df:7a:b8:50:a8:55:e1:f0:92:
6d:60:cc:e3:d3:37:de:5e:29:73:fd:ef:67:a8:c2:1c:60:ae:
aa:54:ee:4d:2c:38:2b:66:c6:7d:ad:76:92:e9:bc:f8:de:73:
6f:64:0d:de:e0:5a:01:83:c7:80:f2:05:3c:1f:0e:5d:36:4f:
37:5f:81:88:2e:d6:5c:c3:ca:cd:cd:e2:7a:f3:c3:15:65:ea:
ff:6c:91:0b:0f:d4:45:80:1c:3a:a9:4d:5d:be:6b:4f:75:44:
68:62:4b:83:f7:5b:07:02:c0:09:a6:68:fd:57:7c:e0:9b:92:
6f:67:0c:bc:f2:c6:3e:45:7c:64:d3:72:42:4e:32:1b:bb:3c:
3a:fb:e0:cb:a4:8f:5d:d6:fa:60:d0:44:46:54:e7:57:5f:26:
b2:07:ab:ff:da:6f:dc:eb:04:9c:ad:fd:8f:ba:80:ba:ff:f4:
c9:ab:07:b6:c0:c9:dd:81:d5:09:c9:a7:06:db:ce:e0:70:31:
6b:a0:bd:3d:5e:87:f3:dc:68:64:e1:b9:1a:ea:52:6b:32:18:
54:73:d4:fd:9d:b3:8b:32:2f:98:75:07:1b:7f:59:21:bc:3b:
46:03:c2:b5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM26MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA0MTMyMzU1WhcNMjQxMjAzMTMyMzU1WjAYMRYw
FAYDVQQDEw02NzI4Y2FlZS0zYjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0WbuBGaZBd+dqIYS4Liaray5Z2al93AlJiXRXI0Y10Pd0kcuWQDggMT2
2GIUiflyN1FsPi5bQxHARvXmDN6BxDEuBcnafQr+hP/sgxE2Pneq5Hy1QOiC2O3b
AJ5K9TZmXVMdBGNy2dhEmwX4Cyqlduzr4lD6XFVhYEd/i8ApUvKNJ805pWPxgLbz
N0Qz9aadjedZ7P679zugBHG+baVheYSbjeMv2ge0s1dIba8mrU0A9Bq5nqHWd9qC
HlnvUxUnSZReHEFuiV4xe9lQLG4qXkEGthLcBywQlO6wtYUHWw9GJGlH0A2fX/oU
tpFglStNMjIqsP00/HNDLxRuXiuN4QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIO/
OCDQyeRsU2Sn1Y/tq6X2do9pMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQzZCNDczQzlBQjAxMUVGQThDNTU3N0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPAwMA0GCSqGSIb3DQEBCwUA
A4IBAQCubFuDKXSpEPyk7aeVEZOBAg1KX3lg1hALmcfferhQqFXh8JJtYMzj0zfe
Xilz/e9nqMIcYK6qVO5NLDgrZsZ9rXaS6bz43nNvZA3e4FoBg8eA8gU8Hw5dNk83
X4GILtZcw8rNzeJ688MVZer/bJELD9RFgBw6qU1dvmtPdURoYkuD91sHAsAJpmj9
V3zgm5JvZwy88sY+RXxk03JCTjIbuzw6++DLpI9d1vpg0ERGVOdXXyayB6v/2m/c
6wScrf2PuoC6//TJqwe2wMndgdUJyacG287gcDFroL09Xofz3Ghk4bka6lJrMhhU
c9T9nbOLMi+YdQcbf1khvDtGA8K1
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:19 2024 by rpki-client on console-ams.rpki-client.org