Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0D7FBCB29F7D11EF94E96EBC762E951A.roa
File: 0D7FBCB29F7D11EF94E96EBC762E951A.roa (raw, json)
Hash identifier: HvcCbSoh6FY4Zg7FQRvmVxUa65+vLi69nNmpFOJSc18=
Subject key identifier: DF:65:B5:3A:18:16:83:BC:58:DE:F3:B6:7B:1F:1A:B4:C6:4E:C4:DD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D0F8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0D7FBCB29F7D11EF94E96EBC762E951A.roa
Signing time: Sun 10 Nov 2024 16:01:32 +0000
ROA not before: Sun 10 Nov 2024 16:01:28 +0000
ROA not after: Wed 21 May 2025 16:01:28 +0000
asID: 26617
IP address blocks: 156.240.60.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53496 (0xd0f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 10 16:01:28 2024 GMT
Not After : May 21 16:01:28 2025 GMT
Subject: CN=6730d8dc-ee49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8d:6f:98:cc:27:02:12:c8:df:7d:69:fd:d8:
5e:52:a0:04:4f:27:77:9b:52:89:cf:3c:38:80:0a:
aa:d7:f2:ad:8f:50:73:52:82:03:cd:66:01:a6:32:
4b:01:85:d8:9c:05:7a:3a:2e:c8:6f:69:33:2d:a7:
f0:34:15:1f:a6:94:1b:17:fc:7e:14:7b:bc:0a:3a:
9d:26:e1:ee:9c:41:ee:a7:f5:8d:3b:1c:78:c3:91:
b1:8c:59:71:5f:6c:d3:c9:aa:57:a2:28:80:55:f2:
56:1c:d3:45:7e:6c:f8:a9:1d:66:50:be:9d:86:54:
3a:c1:2d:19:70:0a:a8:02:ca:8b:23:70:2c:ec:e6:
7c:7e:00:dd:c3:22:be:1e:e5:2c:9b:fa:5c:3f:67:
75:74:00:75:eb:14:7a:42:7f:4d:67:0f:af:62:43:
43:43:31:25:cb:63:fb:d1:3f:80:07:8b:7c:04:2d:
5d:22:81:34:5c:4c:8a:8d:c9:12:78:a7:24:7f:0f:
37:a8:ad:e6:1f:b1:cf:a4:0b:ea:85:7f:7f:99:d6:
50:5e:e1:5d:c3:eb:74:c2:19:d9:fb:81:4e:e6:06:
6c:77:4f:7b:f1:ba:3c:ba:75:ee:8c:c1:8b:f9:df:
a0:c7:2b:4b:2c:92:43:8d:33:a5:35:7a:3c:be:a7:
df:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:65:B5:3A:18:16:83:BC:58:DE:F3:B6:7B:1F:1A:B4:C6:4E:C4:DD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0D7FBCB29F7D11EF94E96EBC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.60.0/23
Signature Algorithm: sha256WithRSAEncryption
93:41:ca:84:53:17:a1:53:ff:e5:65:70:cc:89:b1:7a:2c:73:
dc:7f:8f:ca:24:81:00:4b:c1:fb:50:08:57:cd:4d:2b:f0:02:
8c:5b:cd:4e:67:12:43:35:c8:1a:3e:60:66:c2:94:12:d1:d8:
11:77:8e:82:3b:fd:03:48:21:82:38:5d:c7:48:48:35:8c:13:
a5:fd:99:66:e4:0c:41:ca:67:ed:b6:46:32:f0:67:f3:f3:84:
00:0f:ca:d7:9f:71:99:39:5d:1d:a9:d1:78:c5:04:33:08:f7:
39:55:0f:06:2c:63:93:b7:ef:22:d3:3c:f1:a6:40:95:a8:0d:
7f:71:0b:21:21:4b:28:eb:e8:12:28:70:82:63:a4:6a:52:0e:
ee:b8:a8:d5:ad:ab:72:bd:50:32:49:2e:48:84:8b:de:18:0d:
93:69:fa:3c:06:1e:5d:5c:51:bd:0a:6c:45:ee:fa:90:df:a7:
98:9d:60:48:ae:f9:6d:d7:e4:b9:f2:26:67:c5:46:99:5e:29:
b4:be:b7:51:d8:a6:f3:0b:00:94:8c:90:78:ef:26:e2:46:b6:
3e:2b:c3:5f:e8:8c:f1:3d:a8:bd:8a:8a:a2:c2:62:ce:f4:f1:
2c:d4:9b:79:d1:e1:23:a2:61:94:d7:15:da:12:0e:fb:9a:50:
e9:f5:a4:0b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAND4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTEwMTYwMTI4WhcNMjUwNTIxMTYwMTI4WjAYMRYw
FAYDVQQDEw02NzMwZDhkYy1lZTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvY1vmMwnAhLI331p/dheUqAETyd3m1KJzzw4gAqq1/Ktj1BzUoIDzWYB
pjJLAYXYnAV6Oi7Ib2kzLafwNBUfppQbF/x+FHu8CjqdJuHunEHup/WNOxx4w5Gx
jFlxX2zTyapXoiiAVfJWHNNFfmz4qR1mUL6dhlQ6wS0ZcAqoAsqLI3As7OZ8fgDd
wyK+HuUsm/pcP2d1dAB16xR6Qn9NZw+vYkNDQzEly2P70T+AB4t8BC1dIoE0XEyK
jckSeKckfw83qK3mH7HPpAvqhX9/mdZQXuFdw+t0whnZ+4FO5gZsd0978bo8unXu
jMGL+d+gxytLLJJDjTOlNXo8vqffYQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN9l
tToYFoO8WN7ztnsfGrTGTsTdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRDdGQkNCMjlGN0QxMUVGOTRFOTZFQkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPA8MA0GCSqGSIb3DQEBCwUA
A4IBAQCTQcqEUxehU//lZXDMibF6LHPcf4/KJIEAS8H7UAhXzU0r8AKMW81OZxJD
NcgaPmBmwpQS0dgRd46CO/0DSCGCOF3HSEg1jBOl/Zlm5AxBymfttkYy8Gfz84QA
D8rXn3GZOV0dqdF4xQQzCPc5VQ8GLGOTt+8i0zzxpkCVqA1/cQshIUso6+gSKHCC
Y6RqUg7uuKjVratyvVAySS5IhIveGA2Tafo8Bh5dXFG9CmxF7vqQ36eYnWBIrvlt
1+S58iZnxUaZXim0vrdR2KbzCwCUjJB47ybiRrY+K8Nf6IzxPai9ioqiwmLO9PEs
1Jt50eEjomGU1xXaEg77mlDp9aQL
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:19 2024 by rpki-client on console-ams.rpki-client.org