Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17E30BC0A19211EFA1A23C86762E951A.roa
File: 17E30BC0A19211EFA1A23C86762E951A.roa (raw, json)
Hash identifier: buNOg1uQ0wprJ+v2MgDGDappWgc2939AtQHIFC+eKsk=
Subject key identifier: 9C:6A:B9:2E:7D:27:F7:57:7F:F1:A5:EF:BC:5F:11:0B:75:B3:1E:89
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D22C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17E30BC0A19211EFA1A23C86762E951A.roa
Signing time: Wed 13 Nov 2024 07:37:11 +0000
ROA not before: Wed 13 Nov 2024 07:37:07 +0000
ROA not after: Mon 16 Dec 2024 07:37:07 +0000
asID: 203020
IP address blocks: 156.251.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53804 (0xd22c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 13 07:37:07 2024 GMT
Not After : Dec 16 07:37:07 2024 GMT
Subject: CN=67345727-480f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8e:25:10:90:0d:3d:bd:06:12:ac:ef:01:ea:
6f:33:3a:05:f0:25:78:63:ab:4c:8f:4f:0a:6f:53:
e0:1f:ad:05:e0:32:ac:1d:e4:60:45:61:0b:af:5a:
3a:e7:86:e1:b2:45:80:b9:df:ed:13:df:f6:4e:ce:
2a:ec:70:87:1b:36:2b:2e:4e:48:0b:61:3a:3e:fb:
b1:62:fa:64:e2:85:0d:57:ea:19:b2:55:b4:44:88:
88:5b:c0:b3:97:99:9c:f0:d2:6e:92:d5:a6:01:cb:
68:d5:9b:8b:db:f6:17:4f:42:bc:c6:a6:e7:5d:50:
5e:ac:d3:fc:87:73:7d:03:82:4b:f9:58:3c:4e:d2:
37:7c:be:f3:7c:bf:de:3d:45:fd:9f:78:19:e7:29:
58:cd:83:16:29:ed:f9:72:2d:a9:b0:55:c4:58:09:
31:3f:71:78:12:d4:6e:87:33:38:cb:b2:15:2d:9a:
6a:89:45:dd:c1:b4:4d:2e:b1:90:9e:30:c9:c8:3b:
0a:84:9f:b6:a7:0c:9a:2f:8b:fe:4e:42:7a:c5:1e:
a9:e2:32:a6:fe:3c:01:a7:60:d1:50:39:96:10:15:
3f:a7:25:c8:47:a8:53:fe:eb:bf:15:6e:c4:d7:ab:
0a:bc:ce:43:cd:7c:44:f5:b3:9e:dd:e3:91:f1:86:
8f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:6A:B9:2E:7D:27:F7:57:7F:F1:A5:EF:BC:5F:11:0B:75:B3:1E:89
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17E30BC0A19211EFA1A23C86762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.112.0/21
Signature Algorithm: sha256WithRSAEncryption
06:b7:5c:4a:2e:e4:0f:63:15:e2:8b:72:4d:a0:2b:5a:93:c7:
45:63:21:ce:94:24:35:59:8a:11:53:75:e4:23:2c:6b:6c:bf:
ce:cd:06:88:7f:63:21:1c:cb:22:90:ae:91:ee:7b:bd:ba:c6:
e7:3f:dc:c5:41:43:d1:dc:0f:5d:aa:27:9c:90:86:30:10:64:
33:04:0a:db:81:22:71:da:81:ed:f0:b8:d4:43:58:75:9c:76:
73:c1:87:0a:03:5e:e6:9e:6f:80:e3:0b:d8:5c:72:aa:ec:1f:
b2:2b:0d:97:c1:b2:7c:df:8d:d4:50:dd:9e:04:30:d7:26:05:
80:49:56:21:4c:e0:77:e3:dd:63:4a:d6:65:7f:31:5b:cf:61:
6f:ad:63:18:54:71:ec:5f:d4:42:b3:f8:cf:db:c3:59:ef:9b:
5c:65:f8:07:c5:c0:43:2f:2c:32:8f:cb:3e:f1:1a:3a:c1:06:
88:b8:ae:00:b2:03:37:ec:f6:04:0b:2f:14:13:b1:f2:cb:d1:
16:d5:08:36:93:d9:af:f7:b7:69:ed:07:d0:bc:da:fc:10:57:
93:fc:9e:69:73:d6:b2:ad:f7:ed:95:ab:c6:b8:71:69:fb:0f:
2c:6d:3a:25:40:3c:88:8c:a3:2f:74:86:24:37:2f:d1:ea:64:
55:95:56:1f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANIsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTEzMDczNzA3WhcNMjQxMjE2MDczNzA3WjAYMRYw
FAYDVQQDEw02NzM0NTcyNy00ODBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA244lEJANPb0GEqzvAepvMzoF8CV4Y6tMj08Kb1PgH60F4DKsHeRgRWEL
r1o654bhskWAud/tE9/2Ts4q7HCHGzYrLk5IC2E6PvuxYvpk4oUNV+oZslW0RIiI
W8Czl5mc8NJuktWmActo1ZuL2/YXT0K8xqbnXVBerNP8h3N9A4JL+Vg8TtI3fL7z
fL/ePUX9n3gZ5ylYzYMWKe35ci2psFXEWAkxP3F4EtRuhzM4y7IVLZpqiUXdwbRN
LrGQnjDJyDsKhJ+2pwyaL4v+TkJ6xR6p4jKm/jwBp2DRUDmWEBU/pyXIR6hT/uu/
FW7E16sKvM5DzXxE9bOe3eOR8YaPIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJxq
uS59J/dXf/Gl77xfEQt1sx6JMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xN0UzMEJDMEExOTIxMUVGQTFBMjNDODY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPtwMA0GCSqGSIb3DQEBCwUA
A4IBAQAGt1xKLuQPYxXii3JNoCtak8dFYyHOlCQ1WYoRU3XkIyxrbL/OzQaIf2Mh
HMsikK6R7nu9usbnP9zFQUPR3A9dqieckIYwEGQzBArbgSJx2oHt8LjUQ1h1nHZz
wYcKA17mnm+A4wvYXHKq7B+yKw2XwbJ8343UUN2eBDDXJgWASVYhTOB3491jStZl
fzFbz2FvrWMYVHHsX9RCs/jP28NZ75tcZfgHxcBDLywyj8s+8Ro6wQaIuK4AsgM3
7PYECy8UE7Hyy9EW1Qg2k9mv97dp7QfQvNr8EFeT/J5pc9ayrfftlavGuHFp+w8s
bTolQDyIjKMvdIYkNy/R6mRVlVYf
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:19 2024 by rpki-client on console-fra.rpki-client.org