Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/140F993A215B11EF892C0A237DDC24C2.roa
File: 140F993A215B11EF892C0A237DDC24C2.roa (raw, json)
Hash identifier: mGgGs6O1kbQeUHra7iUj98VW8vKRRuhwGc87ewYUo9Y=
Subject key identifier: F7:B9:88:83:E2:AD:EA:E9:C6:9C:A0:85:BD:CB:B8:1D:CC:10:DD:43
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8E57
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/140F993A215B11EF892C0A237DDC24C2.roa
Signing time: Mon 03 Jun 2024 03:40:53 +0000
ROA not before: Mon 03 Jun 2024 03:40:50 +0000
ROA not after: Thu 05 Dec 2024 03:40:50 +0000
asID: 137406
IP address blocks: 156.225.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36439 (0x8e57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 3 03:40:50 2024 GMT
Not After : Dec 5 03:40:50 2024 GMT
Subject: CN=665d3b45-4e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:32:f4:f8:0c:03:78:ff:1e:b5:d0:e9:f5:72:
18:d0:d8:03:d0:4e:53:c4:3e:46:72:cc:ef:7f:e5:
5e:9b:57:20:0c:6a:3f:83:d2:56:38:b8:e5:c0:08:
f5:d7:08:2f:43:b3:e5:c9:b3:c4:3a:d3:a4:50:fc:
cf:8d:fa:08:0a:ae:47:6e:87:c1:27:6a:77:b9:56:
64:5d:88:b3:36:0f:62:41:a1:d8:fb:8a:5b:af:77:
bc:e5:11:5c:7f:3a:f2:1e:e7:05:99:cd:f3:ad:73:
2c:52:9e:2c:6c:7d:7a:8c:2a:35:94:24:eb:37:ba:
0b:b5:2e:39:21:da:c2:81:64:b4:e3:41:a7:01:6e:
90:c1:15:94:49:f7:6a:89:8d:0e:93:65:1c:30:01:
18:98:90:d8:7d:3a:0b:d0:51:4e:b1:be:b2:be:11:
e0:89:9e:bd:75:6d:51:be:73:5b:34:5d:6e:d8:ae:
64:4d:a5:d0:ef:f8:3e:ce:b2:51:4f:a8:ff:10:38:
7c:61:ea:e9:2b:a9:49:74:5f:a9:41:09:18:f6:0b:
72:a5:86:4a:65:ad:c1:a9:65:b2:c6:da:10:87:cf:
11:3c:cd:c4:d8:62:14:65:8d:79:3b:09:db:eb:f9:
41:6d:cd:df:38:fb:85:11:54:ec:49:82:fd:81:0d:
db:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B9:88:83:E2:AD:EA:E9:C6:9C:A0:85:BD:CB:B8:1D:CC:10:DD:43
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/140F993A215B11EF892C0A237DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.4.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:0b:42:62:5a:40:98:e9:0b:2b:62:b9:05:15:97:23:99:44:
81:f4:f3:fc:ad:99:df:a3:7c:d8:0a:71:5a:a4:34:33:23:19:
64:33:c4:ac:fd:83:2c:b3:4b:33:63:b1:2d:45:9b:8a:75:66:
6c:c7:78:9a:9b:45:b7:cb:af:19:b2:52:10:84:ee:01:be:32:
e1:bb:00:95:99:e1:a5:8e:91:87:33:dc:1e:d5:4c:91:94:4c:
1f:a2:03:92:ee:39:6e:dc:ba:dc:66:d8:1b:d9:b8:40:a2:88:
73:e8:14:a0:45:0d:7f:55:24:d3:db:c4:ef:86:22:47:48:30:
36:30:3a:f7:4f:40:56:af:ec:23:61:b0:9b:23:ba:79:05:3d:
76:87:58:0e:c0:b2:fd:1e:0a:2f:08:91:a6:2f:86:93:5a:80:
6c:de:ad:04:fe:7c:3f:17:4f:d8:4a:73:b7:58:92:74:60:d2:
e0:39:09:a0:bf:c0:1b:d2:4b:dc:9e:6b:75:83:2a:b8:aa:7e:
31:37:b7:8f:10:3e:f7:62:b2:1a:7c:e1:3f:cf:fb:66:5b:52:
c5:04:ab:d6:53:d9:03:ff:ae:5e:b4:5b:ec:85:36:e9:82:5d:
17:4b:e7:26:22:1e:e0:cb:f8:11:17:10:6f:d0:55:18:6a:78:
ca:da:33:0f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAI5XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjAzMDM0MDUwWhcNMjQxMjA1MDM0MDUwWjAYMRYw
FAYDVQQDEw02NjVkM2I0NS00ZTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyDL0+AwDeP8etdDp9XIY0NgD0E5TxD5Gcszvf+Vem1cgDGo/g9JWOLjl
wAj11wgvQ7PlybPEOtOkUPzPjfoICq5HbofBJ2p3uVZkXYizNg9iQaHY+4pbr3e8
5RFcfzryHucFmc3zrXMsUp4sbH16jCo1lCTrN7oLtS45IdrCgWS040GnAW6QwRWU
SfdqiY0Ok2UcMAEYmJDYfToL0FFOsb6yvhHgiZ69dW1RvnNbNF1u2K5kTaXQ7/g+
zrJRT6j/EDh8YerpK6lJdF+pQQkY9gtypYZKZa3BqWWyxtoQh88RPM3E2GIUZY15
Ownb6/lBbc3fOPuFEVTsSYL9gQ3bNwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPe5
iIPirerpxpyghb3LuB3MEN1DMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNDBGOTkzQTIxNUIxMUVGODkyQzBBMjM3RERDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEEMA0GCSqGSIb3DQEBCwUA
A4IBAQCuC0JiWkCY6QsrYrkFFZcjmUSB9PP8rZnfo3zYCnFapDQzIxlkM8Ss/YMs
s0szY7EtRZuKdWZsx3iam0W3y68ZslIQhO4BvjLhuwCVmeGljpGHM9we1UyRlEwf
ogOS7jlu3LrcZtgb2bhAoohz6BSgRQ1/VSTT28TvhiJHSDA2MDr3T0BWr+wjYbCb
I7p5BT12h1gOwLL9HgovCJGmL4aTWoBs3q0E/nw/F0/YSnO3WJJ0YNLgOQmgv8Ab
0kvcnmt1gyq4qn4xN7ePED73YrIafOE/z/tmW1LFBKvWU9kD/65etFvshTbpgl0X
S+cmIh7gy/gRFxBv0FUYanjK2jMP
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:20 2024 by rpki-client on console-ams.rpki-client.org