Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1547BC4C5EF011EFAAA6CA89762E951A.roa
File: 1547BC4C5EF011EFAAA6CA89762E951A.roa (raw, json)
Hash identifier: mU/D2iNFtd+dYqPlrz1RA6FMpuIS258qNACRA13ZMDs=
Subject key identifier: 27:61:4A:D4:B5:C3:A9:7E:32:6D:91:B6:8F:80:F4:A8:A2:B4:70:7A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A9D0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1547BC4C5EF011EFAAA6CA89762E951A.roa
Signing time: Tue 20 Aug 2024 12:31:11 +0000
ROA not before: Tue 20 Aug 2024 12:31:08 +0000
ROA not after: Tue 27 May 2025 12:31:08 +0000
asID: 399077
IP address blocks: 156.251.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43472 (0xa9d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 12:31:08 2024 GMT
Not After : May 27 12:31:08 2025 GMT
Subject: CN=66c48c8f-6518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:27:ae:af:8e:9c:a5:1c:f0:6e:73:27:4a:3e:
ce:96:28:4c:65:25:2b:8a:d5:9a:81:1e:7c:3b:9e:
de:cf:d2:71:21:30:22:af:83:3b:a1:cb:aa:2c:53:
12:43:1c:f3:45:2b:08:36:01:fc:eb:ac:9c:18:b6:
6c:c0:0f:55:8f:69:60:ec:4a:12:e6:6c:3b:e3:78:
c2:9f:72:79:e7:39:12:92:5a:70:e7:95:65:d9:16:
ad:be:f2:9a:3f:4b:66:d6:cd:99:bd:58:64:97:60:
4c:43:a7:4d:ca:ba:06:e5:05:39:f2:2c:d9:41:c2:
df:02:d3:04:90:50:e9:21:ab:72:54:98:a9:ee:fa:
0d:b1:aa:ec:90:c8:ea:8c:f4:65:b1:2e:87:bd:45:
0a:05:b0:3e:eb:40:7c:79:c5:3a:30:f6:ad:07:fb:
8c:74:98:64:ef:b6:ac:6b:08:9c:06:1a:22:b3:a7:
9c:e5:ae:b5:a2:ab:0c:b7:16:d2:85:ab:57:7f:39:
ca:d0:a1:9b:27:47:7c:41:a8:ae:2b:12:d6:71:d2:
cd:e1:8f:22:7a:0b:2b:0b:da:a2:0c:f9:96:c2:b0:
b2:a7:fd:95:a1:2a:9c:2c:6c:0f:2c:f1:bd:31:42:
f7:a8:19:21:fc:f2:c4:57:1f:be:cf:e4:ef:b7:ca:
0f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:61:4A:D4:B5:C3:A9:7E:32:6D:91:B6:8F:80:F4:A8:A2:B4:70:7A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1547BC4C5EF011EFAAA6CA89762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.39.0/24
Signature Algorithm: sha256WithRSAEncryption
91:79:33:7b:30:87:ac:34:6c:69:23:ab:a3:08:3e:18:55:ef:
30:62:e5:32:a9:a5:cc:45:e8:a9:68:dd:8e:c5:63:9a:f4:9a:
25:73:89:e2:fe:7d:bc:61:6a:2f:37:c7:1a:4e:88:66:e8:cc:
7f:d4:da:d5:3b:b4:8e:3b:e5:fa:95:a4:96:49:8a:88:49:75:
ea:db:b2:4f:d8:ac:09:9b:af:db:f5:68:a1:e4:82:ca:c1:dd:
be:b3:df:c9:9a:2b:0e:bb:48:bd:c9:0f:0f:91:44:a8:f5:cd:
22:a7:f3:d9:12:96:7e:01:98:4f:8b:d2:c4:28:c5:15:45:13:
c8:3f:a0:ac:90:74:ad:18:c1:d5:f2:5d:58:36:ce:1e:99:7e:
f2:df:df:ea:41:53:b1:50:06:0b:a6:ed:f7:4f:b7:1f:7a:04:
bc:69:17:9c:2e:d7:74:a9:dd:4b:28:8e:2d:31:e5:1a:21:01:
06:ce:a6:c5:86:ca:bf:a9:b2:3c:af:0a:55:c4:8c:97:6c:2a:
3d:45:4d:cc:5d:e7:cb:00:d3:f1:c1:aa:74:a4:e1:8b:59:3a:
d6:d7:a0:c6:f6:b0:b2:3c:b8:bb:0d:61:79:65:b9:bd:05:3f:
f8:9c:4b:c4:48:ba:6f:bd:8a:92:f3:f4:02:b0:ff:c8:b2:36:
4c:b8:f7:70
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKnQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTIzMTA4WhcNMjUwNTI3MTIzMTA4WjAYMRYw
FAYDVQQDEw02NmM0OGM4Zi02NTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvCeur46cpRzwbnMnSj7OlihMZSUritWagR58O57ez9JxITAir4M7ocuq
LFMSQxzzRSsINgH866ycGLZswA9Vj2lg7EoS5mw743jCn3J55zkSklpw55Vl2Rat
vvKaP0tm1s2ZvVhkl2BMQ6dNyroG5QU58izZQcLfAtMEkFDpIatyVJip7voNsars
kMjqjPRlsS6HvUUKBbA+60B8ecU6MPatB/uMdJhk77asawicBhois6ec5a61oqsM
txbShatXfznK0KGbJ0d8QaiuKxLWcdLN4Y8iegsrC9qiDPmWwrCyp/2VoSqcLGwP
LPG9MUL3qBkh/PLEVx++z+Tvt8oPlQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCdh
StS1w6l+Mm2Rto+A9KiitHB6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNTQ3QkM0QzVFRjAxMUVGQUFBNkNBODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPsnMA0GCSqGSIb3DQEBCwUA
A4IBAQCReTN7MIesNGxpI6ujCD4YVe8wYuUyqaXMReipaN2OxWOa9Jolc4ni/n28
YWovN8caTohm6Mx/1NrVO7SOO+X6laSWSYqISXXq27JP2KwJm6/b9Wih5ILKwd2+
s9/JmisOu0i9yQ8PkUSo9c0ip/PZEpZ+AZhPi9LEKMUVRRPIP6CskHStGMHV8l1Y
Ns4emX7y39/qQVOxUAYLpu33T7cfegS8aRecLtd0qd1LKI4tMeUaIQEGzqbFhsq/
qbI8rwpVxIyXbCo9RU3MXefLANPxwap0pOGLWTrW16DG9rCyPLi7DWF5Zbm9BT/4
nEvESLpvvYqS8/QCsP/IsjZMuPdw
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:20 2024 by rpki-client on console-ams.rpki-client.org