Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/168491D8A58C11EFA3000B8F762E951A.roa
File: 168491D8A58C11EFA3000B8F762E951A.roa (raw, json)
Hash identifier: 81RSq2OAu4VibmKVx3mspYbfDchw6gewDgPyE8AfGCo=
Subject key identifier: B9:EE:3A:04:8D:BF:5D:CD:7B:AE:00:1E:CA:60:9A:CB:56:7F:74:2F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D528
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/168491D8A58C11EFA3000B8F762E951A.roa
Signing time: Mon 18 Nov 2024 09:04:16 +0000
ROA not before: Mon 18 Nov 2024 09:04:12 +0000
ROA not after: Sat 30 Nov 2024 09:04:12 +0000
asID: 398781
IP address blocks: 156.229.128.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54568 (0xd528)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 18 09:04:12 2024 GMT
Not After : Nov 30 09:04:12 2024 GMT
Subject: CN=673b0310-6e48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:27:cf:72:5d:b8:36:2c:03:31:c7:c9:7d:6c:
86:94:71:70:ec:77:73:fc:ab:9d:54:b7:29:80:60:
8c:33:80:41:37:31:d0:6d:12:e3:d9:85:5b:6c:d5:
63:93:87:2f:25:49:c1:7e:00:c3:2e:7d:28:82:17:
ac:ff:e5:60:02:80:0d:0b:56:93:3c:a0:df:c0:13:
aa:9e:0c:9b:f1:65:e8:9b:71:f3:e9:11:79:47:de:
89:9f:49:41:7d:34:57:a6:d3:ba:16:8c:8c:69:06:
3f:c5:42:a0:0b:8e:7b:f7:cd:7b:b5:73:43:32:92:
6d:af:70:ff:10:d9:2a:57:e1:d5:c9:96:c8:43:ed:
ff:14:68:c6:a8:86:e8:66:09:3e:4e:2c:1b:66:16:
c5:8c:d8:2f:59:58:92:64:c6:7f:1e:b0:38:9c:d3:
a0:4f:d3:3a:b3:8c:d6:2c:4b:ba:ea:3f:15:32:72:
60:db:96:c8:fb:88:4e:7e:c5:c3:5f:f3:87:f2:4c:
36:73:78:66:49:a3:95:af:96:7e:85:8f:86:fb:42:
09:62:ba:ae:43:6d:1f:57:32:e9:0e:1c:0d:98:03:
7e:65:5d:2c:92:8e:04:c6:58:d0:68:0d:13:fa:00:
67:f2:bb:83:a5:99:3e:e4:3e:59:b5:45:24:42:86:
2f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:EE:3A:04:8D:BF:5D:CD:7B:AE:00:1E:CA:60:9A:CB:56:7F:74:2F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/168491D8A58C11EFA3000B8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.128.0/20
Signature Algorithm: sha256WithRSAEncryption
19:ba:90:93:79:a5:57:d9:f7:d7:1b:3d:07:20:16:1b:2e:96:
f6:92:88:a2:fc:76:45:11:5c:2a:61:93:0d:a9:e1:7f:e6:4c:
74:55:b9:ee:6f:3d:7f:f7:fb:96:a2:8a:7f:7f:e2:bc:6a:f9:
8a:84:29:87:e0:6a:42:e7:d4:a1:60:c1:b9:df:f4:49:95:38:
a5:af:99:4c:37:3c:88:c9:f6:36:21:3f:ee:b3:d1:9a:25:b0:
2e:43:5d:1b:24:dc:60:e9:f1:e9:d5:db:9c:63:de:0b:ca:8a:
ff:77:d1:13:23:62:7f:11:4d:c9:f2:7b:98:9d:06:4d:d7:3f:
e9:eb:38:83:4a:fa:19:b9:e6:f0:bc:5c:e2:ad:f4:2e:25:2f:
bd:4d:b0:59:49:3b:5d:a0:3e:e0:3e:c1:b5:55:26:2c:13:b9:
df:d9:56:2c:89:0f:4b:df:09:4c:1b:95:33:8a:8c:88:c4:64:
42:cc:ae:cb:9a:75:bf:bd:86:3d:54:1e:63:9f:69:31:be:18:
6a:ad:08:a4:be:c2:f0:07:0b:3d:b1:ad:e5:55:f9:38:50:36:
93:b6:e4:48:0f:19:68:f9:22:b4:92:2e:d9:65:5f:e5:28:47:
f3:cd:35:8f:bb:d9:0e:d5:cf:b2:46:27:0a:56:f8:68:a6:3b:
03:0a:30:d7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANUoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE4MDkwNDEyWhcNMjQxMTMwMDkwNDEyWjAYMRYw
FAYDVQQDEw02NzNiMDMxMC02ZTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoyfPcl24NiwDMcfJfWyGlHFw7Hdz/KudVLcpgGCMM4BBNzHQbRLj2YVb
bNVjk4cvJUnBfgDDLn0oghes/+VgAoANC1aTPKDfwBOqngyb8WXom3Hz6RF5R96J
n0lBfTRXptO6FoyMaQY/xUKgC4579817tXNDMpJtr3D/ENkqV+HVyZbIQ+3/FGjG
qIboZgk+TiwbZhbFjNgvWViSZMZ/HrA4nNOgT9M6s4zWLEu66j8VMnJg25bI+4hO
fsXDX/OH8kw2c3hmSaOVr5Z+hY+G+0IJYrquQ20fVzLpDhwNmAN+ZV0sko4ExljQ
aA0T+gBn8ruDpZk+5D5ZtUUkQoYv+wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLnu
OgSNv13Ne64AHspgmstWf3QvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNjg0OTFEOEE1OEMxMUVGQTMwMDBCOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOWAMA0GCSqGSIb3DQEBCwUA
A4IBAQAZupCTeaVX2ffXGz0HIBYbLpb2koii/HZFEVwqYZMNqeF/5kx0Vbnubz1/
9/uWoop/f+K8avmKhCmH4GpC59ShYMG53/RJlTilr5lMNzyIyfY2IT/us9GaJbAu
Q10bJNxg6fHp1ducY94Lyor/d9ETI2J/EU3J8nuYnQZN1z/p6ziDSvoZuebwvFzi
rfQuJS+9TbBZSTtdoD7gPsG1VSYsE7nf2VYsiQ9L3wlMG5UzioyIxGRCzK7LmnW/
vYY9VB5jn2kxvhhqrQikvsLwBws9sa3lVfk4UDaTtuRIDxlo+SK0ki7ZZV/lKEfz
zTWPu9kO1c+yRicKVvhopjsDCjDX
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:19 2024 by rpki-client on console-fra.rpki-client.org