Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1541F02E951311EFBD9E2B98762E951A.roa
File: 1541F02E951311EFBD9E2B98762E951A.roa (raw, json)
Hash identifier: 6BQbsmC7ME2O5UNkNDxy0DWY3880kWxphC0iSxTCN9I=
Subject key identifier: 2B:36:DB:CD:32:B4:63:8D:E9:79:13:94:88:5E:54:B5:F7:BF:05:D0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C942
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1541F02E951311EFBD9E2B98762E951A.roa
Signing time: Mon 28 Oct 2024 09:57:47 +0000
ROA not before: Mon 28 Oct 2024 09:57:43 +0000
ROA not after: Sat 30 Nov 2024 09:57:43 +0000
asID: 203020
IP address blocks: 156.253.216.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51522 (0xc942)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 28 09:57:43 2024 GMT
Not After : Nov 30 09:57:43 2024 GMT
Subject: CN=671f601a-e2b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d0:c2:d6:f6:5b:66:be:d7:80:58:ff:26:21:
d8:4a:d6:d5:f1:4b:2d:b3:4f:5c:b3:38:6a:c2:bd:
cd:1c:03:1a:24:6e:85:ef:ab:b2:b7:97:99:ca:fd:
83:bd:29:9f:5f:06:c0:32:68:f7:b5:ee:bd:9c:d8:
6b:70:9d:27:6f:f9:bb:5e:2d:2f:ac:65:cb:5a:63:
08:b7:c0:01:d0:ce:64:ca:ec:ae:57:1e:a6:9d:9d:
78:a7:97:92:58:7b:78:5c:75:51:35:1e:19:f6:8f:
c4:0a:9c:84:cf:9d:ba:77:b7:4b:78:f0:1d:0c:bb:
73:f4:7f:ee:ef:f4:ff:b3:e6:bb:b0:5d:e1:54:8d:
45:29:13:92:c0:d4:ac:46:4d:5e:85:8d:9f:6c:26:
90:a6:b7:53:9d:20:6c:bc:90:4c:6d:26:3d:2f:5e:
bf:be:86:fa:58:09:35:1b:26:1d:26:21:4c:da:76:
36:cc:52:6e:17:4a:ca:7a:b2:94:6c:78:36:72:ea:
ce:55:53:1e:82:14:f8:33:a6:a1:1d:44:44:a0:c9:
6a:cb:7a:9b:13:97:f2:2c:06:a9:43:46:d9:2a:65:
e2:86:d6:a2:51:2c:11:2a:a9:1a:53:f6:e5:0c:96:
35:f1:b5:81:df:bb:fb:3c:77:c2:c9:0a:3f:93:d7:
71:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:36:DB:CD:32:B4:63:8D:E9:79:13:94:88:5E:54:B5:F7:BF:05:D0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1541F02E951311EFBD9E2B98762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.216.0/23
Signature Algorithm: sha256WithRSAEncryption
56:2a:46:2d:6c:55:0c:00:f1:99:fd:fa:17:82:c9:bf:17:8f:
43:da:d5:ec:cf:fb:a6:21:11:e8:57:4a:88:75:d9:61:40:7a:
40:7c:9e:40:f9:be:a4:68:9d:6c:d1:c5:f0:cf:93:d4:03:36:
7e:fa:a0:bb:a8:25:0f:0b:7d:11:b0:6b:b2:91:60:1f:4f:76:
87:b4:ec:a2:b7:f5:fe:e2:15:77:b2:c9:23:6c:92:29:7f:d2:
17:93:eb:d9:30:80:4b:aa:80:5a:71:a5:a0:54:6a:b0:db:48:
f6:0a:13:64:da:0d:5b:79:6f:16:9d:77:22:a4:84:08:d2:18:
d3:6d:e4:d1:61:79:aa:a0:8a:9e:4e:ed:7f:ed:29:67:00:a5:
f3:8c:e1:52:db:c6:21:58:9f:e3:f4:17:04:30:2b:c6:a5:59:
66:6e:4f:f0:e8:2e:ca:e5:88:43:8a:38:3a:0c:27:aa:01:6b:
2c:c6:30:8a:5a:d2:4d:c3:e6:ec:29:96:57:5d:8e:92:74:cc:
4a:c0:d9:29:4d:65:4e:34:09:95:fb:7a:a7:4e:62:89:52:ce:
0b:67:b5:c3:66:7f:8c:6c:9d:d9:81:3d:5d:a2:de:34:4f:1a:
b0:b2:df:bc:4c:db:45:fd:f3:97:52:5a:69:49:06:0e:28:89:
8f:e6:35:4e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMlCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDI4MDk1NzQzWhcNMjQxMTMwMDk1NzQzWjAYMRYw
FAYDVQQDEw02NzFmNjAxYS1lMmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtdDC1vZbZr7XgFj/JiHYStbV8Usts09cszhqwr3NHAMaJG6F76uyt5eZ
yv2DvSmfXwbAMmj3te69nNhrcJ0nb/m7Xi0vrGXLWmMIt8AB0M5kyuyuVx6mnZ14
p5eSWHt4XHVRNR4Z9o/ECpyEz526d7dLePAdDLtz9H/u7/T/s+a7sF3hVI1FKROS
wNSsRk1ehY2fbCaQprdTnSBsvJBMbSY9L16/vob6WAk1GyYdJiFM2nY2zFJuF0rK
erKUbHg2curOVVMeghT4M6ahHUREoMlqy3qbE5fyLAapQ0bZKmXihtaiUSwRKqka
U/blDJY18bWB37v7PHfCyQo/k9dxJQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCs2
280ytGON6XkTlIheVLX3vwXQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNTQxRjAyRTk1MTMxMUVGQkQ5RTJCOTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP3YMA0GCSqGSIb3DQEBCwUA
A4IBAQBWKkYtbFUMAPGZ/foXgsm/F49D2tXsz/umIRHoV0qIddlhQHpAfJ5A+b6k
aJ1s0cXwz5PUAzZ++qC7qCUPC30RsGuykWAfT3aHtOyit/X+4hV3sskjbJIpf9IX
k+vZMIBLqoBacaWgVGqw20j2ChNk2g1beW8WnXcipIQI0hjTbeTRYXmqoIqeTu1/
7SlnAKXzjOFS28YhWJ/j9BcEMCvGpVlmbk/w6C7K5YhDijg6DCeqAWssxjCKWtJN
w+bsKZZXXY6SdMxKwNkpTWVONAmV+3qnTmKJUs4LZ7XDZn+MbJ3ZgT1dot40Txqw
st+8TNtF/fOXUlppSQYOKImP5jVO
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:19 2024 by rpki-client on console-fra.rpki-client.org