Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F05A97A9B8B11EFA8918B65762E951A.roa
File: 0F05A97A9B8B11EFA8918B65762E951A.roa (raw, json)
Hash identifier: dyPX6jkQEcYgTDLxVmmKTtqJ40DDdhd2PXUOsDmavmA=
Subject key identifier: 6F:E0:05:87:90:37:1B:C9:98:08:88:B3:A6:57:39:15:1A:8E:93:45
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CEE7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F05A97A9B8B11EFA8918B65762E951A.roa
Signing time: Tue 05 Nov 2024 15:31:43 +0000
ROA not before: Tue 05 Nov 2024 15:31:39 +0000
ROA not after: Wed 04 Dec 2024 15:31:39 +0000
asID: 200373
IP address blocks: 156.228.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52967 (0xcee7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 15:31:39 2024 GMT
Not After : Dec 4 15:31:39 2024 GMT
Subject: CN=672a3a5f-ccd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d4:9e:25:10:fc:f2:ee:94:e1:ee:6a:f7:74:
47:62:34:c8:25:0b:ed:2c:74:03:31:32:f7:31:5b:
9d:0b:e0:71:b0:7c:5b:a2:c1:f2:5e:92:9f:03:b3:
ad:7c:f2:af:a2:fc:b7:b6:b6:34:8e:2e:4d:e6:24:
1a:3b:3b:89:7a:ae:9e:c8:c5:b4:68:2d:db:cf:da:
6b:3c:b7:71:e0:50:c7:ec:51:72:28:51:2e:b1:9c:
d1:4d:5b:e3:ff:1b:b1:15:69:d4:c7:f9:0b:bd:db:
89:44:4e:c8:c2:41:02:13:03:6b:91:4a:f9:95:42:
71:d9:4e:7d:1d:40:3a:c7:fd:6d:fa:49:28:f8:7d:
4a:57:64:65:a1:1b:f1:aa:82:95:69:dd:f1:e7:22:
39:81:43:20:13:41:e3:2e:b4:88:74:46:1b:80:cf:
47:9c:3f:2b:84:f3:96:ee:98:18:35:f3:52:e3:f7:
cb:11:4a:e1:7b:f3:c6:a4:64:2a:3e:dc:b8:36:2e:
ca:0f:01:22:6a:82:ec:7c:49:c4:47:e8:fa:45:bf:
0d:d2:f0:15:49:d4:a2:0e:4b:c0:b6:8f:e9:92:3a:
45:97:26:2b:3d:43:31:e5:87:78:16:84:9a:db:dc:
51:2f:29:fe:aa:f4:1c:60:9c:e4:36:2f:63:e9:70:
2e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E0:05:87:90:37:1B:C9:98:08:88:B3:A6:57:39:15:1A:8E:93:45
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F05A97A9B8B11EFA8918B65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.112.0/21
Signature Algorithm: sha256WithRSAEncryption
60:50:88:f6:d6:2d:4a:f1:32:63:73:ef:f3:00:a3:3b:85:18:
dd:12:5c:0d:c8:f2:e6:b3:8d:58:4c:64:e1:c2:e1:47:49:77:
76:11:f6:2d:e5:85:4a:eb:74:ac:aa:d6:b4:ff:e8:04:b9:d7:
a3:01:ab:ed:48:16:a9:46:b7:ef:43:36:dd:71:a1:85:d7:49:
cc:31:49:8f:3c:0f:ca:f6:de:81:cb:29:2f:ad:13:f0:ac:1b:
a6:ef:db:e1:45:a5:10:3d:9a:42:cc:f0:a5:0f:5d:2b:fb:c3:
40:64:fa:60:74:64:32:a7:6c:a7:81:2c:d9:6e:25:83:eb:00:
ac:aa:72:78:01:0b:3a:e7:54:df:31:e8:ce:41:e4:90:a0:90:
dd:71:65:93:b7:34:a7:2e:8e:b0:d9:b9:e9:68:de:31:2f:f2:
26:37:a8:98:64:80:ea:8c:2b:c2:3c:30:7e:39:05:5b:09:38:
02:c0:64:73:45:34:93:e9:8f:86:49:85:0d:2e:b5:58:c5:39:
5b:f5:a6:5e:45:49:fc:7b:fb:bc:f3:d6:12:b6:64:84:0e:72:
04:dd:9d:7f:a7:de:0b:ac:b9:3d:a4:b5:a2:ac:59:e4:6a:2d:
55:20:f9:4b:59:21:98:c4:02:91:2b:e8:51:a8:cd:e9:7b:c5:
e0:7a:e9:32
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM7nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTUzMTM5WhcNMjQxMjA0MTUzMTM5WjAYMRYw
FAYDVQQDEw02NzJhM2E1Zi1jY2QzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwtSeJRD88u6U4e5q93RHYjTIJQvtLHQDMTL3MVudC+BxsHxbosHyXpKf
A7OtfPKvovy3trY0ji5N5iQaOzuJeq6eyMW0aC3bz9prPLdx4FDH7FFyKFEusZzR
TVvj/xuxFWnUx/kLvduJRE7IwkECEwNrkUr5lUJx2U59HUA6x/1t+kko+H1KV2Rl
oRvxqoKVad3x5yI5gUMgE0HjLrSIdEYbgM9HnD8rhPOW7pgYNfNS4/fLEUrhe/PG
pGQqPty4Ni7KDwEiaoLsfEnER+j6Rb8N0vAVSdSiDkvAto/pkjpFlyYrPUMx5Yd4
FoSa29xRLyn+qvQcYJzkNi9j6XAu9wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG/g
BYeQNxvJmAiIs6ZXORUajpNFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRjA1QTk3QTlCOEIxMUVGQTg5MThCNjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnORwMA0GCSqGSIb3DQEBCwUA
A4IBAQBgUIj21i1K8TJjc+/zAKM7hRjdElwNyPLms41YTGThwuFHSXd2EfYt5YVK
63Ssqta0/+gEudejAavtSBapRrfvQzbdcaGF10nMMUmPPA/K9t6ByykvrRPwrBum
79vhRaUQPZpCzPClD10r+8NAZPpgdGQyp2yngSzZbiWD6wCsqnJ4AQs651TfMejO
QeSQoJDdcWWTtzSnLo6w2bnpaN4xL/ImN6iYZIDqjCvCPDB+OQVbCTgCwGRzRTST
6Y+GSYUNLrVYxTlb9aZeRUn8e/u889YStmSEDnIE3Z1/p94LrLk9pLWirFnkai1V
IPlLWSGYxAKRK+hRqM3pe8Xgeuky
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:19 2024 by rpki-client on console-ams.rpki-client.org