Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/105DE5EE766A11EFA6A83D64762E951A.roa
File: 105DE5EE766A11EFA6A83D64762E951A.roa (raw, json)
Hash identifier: PZm3xEUTY2NRiSRkNCaETy2aLWmm7OgDV6C2MsdGi1I=
Subject key identifier: 99:9D:75:42:EB:97:FE:09:F8:C4:DF:FC:8E:7C:35:40:A7:F7:C2:2B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B817
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/105DE5EE766A11EFA6A83D64762E951A.roa
Signing time: Thu 19 Sep 2024 09:32:19 +0000
ROA not before: Thu 19 Sep 2024 09:32:13 +0000
ROA not after: Fri 08 Aug 2025 09:32:13 +0000
asID: 133199
IP address blocks: 156.245.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47127 (0xb817)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 19 09:32:13 2024 GMT
Not After : Aug 8 09:32:13 2025 GMT
Subject: CN=66ebefa2-492b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fc:64:3b:7c:e6:4b:a6:cc:51:d5:85:ab:64:
e3:1f:85:1f:4b:e0:fc:6c:a0:d8:27:57:4d:e3:eb:
b4:d2:49:19:38:41:a8:99:ff:c9:79:ee:ad:7b:59:
43:d9:f3:e6:bc:4c:7d:00:4c:56:80:51:12:19:17:
62:0c:2b:78:ba:ba:2e:7a:27:a8:8a:8f:8c:f2:28:
34:d0:7f:af:8c:d9:86:7e:a5:d3:2f:8c:5e:ec:c8:
f5:1d:95:39:bb:ab:08:96:01:41:84:62:c5:26:85:
bc:17:29:c4:e9:d3:dc:21:e1:9c:d1:95:b4:ed:a9:
d9:70:4a:06:ed:2f:e8:f4:d5:9b:25:6f:04:1c:20:
dc:75:ee:a6:c2:d6:0e:fd:d2:11:e9:14:b5:e2:df:
03:02:7d:3e:6e:d4:d0:c9:41:3c:77:6a:b2:69:d1:
d8:09:be:8b:48:3e:f6:69:8b:7e:31:23:1b:43:20:
ae:7b:4a:87:c1:42:53:dc:fc:11:ca:08:89:f4:4e:
6c:8b:26:9e:98:0c:0d:25:ba:e2:fb:bf:11:bc:e6:
c8:1b:19:52:fa:2d:2f:0b:56:3e:e8:bd:30:42:d6:
f9:72:d3:a9:ee:8c:4b:a5:ed:50:83:ba:a1:f5:f6:
53:fb:f4:5b:dd:14:fc:20:01:39:5a:04:1f:82:18:
09:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:9D:75:42:EB:97:FE:09:F8:C4:DF:FC:8E:7C:35:40:A7:F7:C2:2B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/105DE5EE766A11EFA6A83D64762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.24.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:52:7c:74:1c:7d:0c:d6:4a:86:ad:55:5c:bc:e2:e4:2f:01:
a6:21:c8:71:18:d6:80:af:84:e0:77:36:1b:85:ec:80:d1:48:
92:6c:a2:28:d6:db:38:e0:e5:01:58:54:48:4b:5d:a6:b9:a2:
21:f3:24:11:8a:2f:25:62:93:a1:3c:e1:a1:4b:e6:f3:bc:d1:
a7:1b:bc:6f:92:68:f0:10:ad:e9:75:8f:e4:9b:34:0e:7d:6a:
67:f9:a8:b1:26:c7:61:26:c1:90:aa:1e:30:47:fa:ff:58:64:
a6:bb:2d:a5:d5:62:cd:01:6e:c7:b3:81:51:2b:61:03:0c:fe:
23:3d:e7:5d:04:04:79:19:72:23:70:98:af:b4:85:37:be:75:
b4:7e:04:b9:90:e0:02:a3:4c:14:94:e8:37:22:cf:17:72:e5:
af:f9:b8:19:94:d5:b6:cc:d0:e3:5a:67:b5:aa:05:91:13:76:
95:29:1f:2b:72:e8:5d:11:03:80:c4:a1:de:e2:8b:82:15:14:
74:36:cd:81:4f:bc:5b:02:a9:60:65:4e:34:b6:69:5b:18:f4:
7f:3e:0e:4a:ff:7b:42:d6:8c:80:84:43:34:3f:31:93:6b:d5:
a8:80:73:15:4e:32:53:77:30:bc:6d:a0:fc:33:b3:1d:00:f5:
44:9a:57:ea
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALgXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTE5MDkzMjEzWhcNMjUwODA4MDkzMjEzWjAYMRYw
FAYDVQQDEw02NmViZWZhMi00OTJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv/xkO3zmS6bMUdWFq2TjH4UfS+D8bKDYJ1dN4+u00kkZOEGomf/Jee6t
e1lD2fPmvEx9AExWgFESGRdiDCt4uroueieoio+M8ig00H+vjNmGfqXTL4xe7Mj1
HZU5u6sIlgFBhGLFJoW8FynE6dPcIeGc0ZW07anZcEoG7S/o9NWbJW8EHCDcde6m
wtYO/dIR6RS14t8DAn0+btTQyUE8d2qyadHYCb6LSD72aYt+MSMbQyCue0qHwUJT
3PwRygiJ9E5siyaemAwNJbri+78RvObIGxlS+i0vC1Y+6L0wQtb5ctOp7oxLpe1Q
g7qh9fZT+/Rb3RT8IAE5WgQfghgJ0wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJmd
dULrl/4J+MTf/I58NUCn98IrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMDVERTVFRTc2NkExMUVGQTZBODNENjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPUYMA0GCSqGSIb3DQEBCwUA
A4IBAQC7Unx0HH0M1kqGrVVcvOLkLwGmIchxGNaAr4TgdzYbheyA0UiSbKIo1ts4
4OUBWFRIS12muaIh8yQRii8lYpOhPOGhS+bzvNGnG7xvkmjwEK3pdY/kmzQOfWpn
+aixJsdhJsGQqh4wR/r/WGSmuy2l1WLNAW7Hs4FRK2EDDP4jPeddBAR5GXIjcJiv
tIU3vnW0fgS5kOACo0wUlOg3Is8XcuWv+bgZlNW2zNDjWme1qgWRE3aVKR8rcuhd
EQOAxKHe4ouCFRR0Ns2BT7xbAqlgZU40tmlbGPR/Pg5K/3tC1oyAhEM0PzGTa9Wo
gHMVTjJTdzC8baD8M7MdAPVEmlfq
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:20 2024 by rpki-client on console-ams.rpki-client.org