Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1EB7F2B4B3E211EFB56ED458762E951A.roa
File: 1EB7F2B4B3E211EFB56ED458762E951A.roa (raw, json)
Hash identifier: HtzZA7JW7kvVyeefJbTR6nE3xa4fiA0PicM8okUQVRk=
Subject key identifier: AC:1C:D8:72:99:CB:35:3F:8A:FD:F4:58:4D:D5:4F:DC:49:BB:F3:26
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E081
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1EB7F2B4B3E211EFB56ED458762E951A.roa
Signing time: Fri 06 Dec 2024 14:55:23 +0000
ROA not before: Fri 06 Dec 2024 14:55:19 +0000
ROA not after: Mon 28 Apr 2025 14:55:19 +0000
asID: 9009
IP address blocks: 156.246.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Dec 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57473 (0xe081)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Dec 6 14:55:19 2024 GMT
Not After : Apr 28 14:55:19 2025 GMT
Subject: CN=6753105b-bcb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2e:92:ee:03:7e:a4:be:ef:ea:3b:36:99:21:
71:35:03:49:e8:7f:ae:0d:3f:29:ef:78:cf:ed:0b:
b1:88:2c:ad:94:2b:7f:60:98:18:7e:5a:d8:30:fa:
46:a3:11:18:e9:ec:e1:53:67:8c:a8:35:70:e3:f1:
2b:14:74:dc:33:ad:5f:30:31:7f:c7:2d:1f:8b:46:
ce:90:83:c4:e7:77:7a:a1:fe:06:b1:41:1d:78:14:
a7:54:c1:86:7a:6c:b4:71:d4:91:5a:f5:b4:b2:7d:
73:c7:e7:0f:76:30:9a:10:5f:7a:84:f7:df:20:a7:
d7:be:a7:81:e4:58:d6:79:68:d3:d7:3c:ce:a6:53:
5f:cc:98:80:4f:0f:68:a5:5a:c5:2b:0a:b5:52:16:
dc:55:30:38:fe:53:d3:7d:12:7a:42:64:43:7f:52:
4f:7f:c2:c5:98:2c:af:cc:16:19:b8:81:92:69:ae:
27:81:e2:28:fa:a1:e3:28:d3:5e:82:13:6c:e3:43:
86:9a:d2:ef:6d:86:44:02:4f:85:b1:aa:59:a3:27:
5c:18:24:52:ca:f7:17:52:04:1f:8a:81:42:d6:78:
05:35:e3:18:1a:c8:36:b2:05:45:08:37:be:81:83:
42:25:fa:98:6e:57:36:7f:1a:72:c4:6d:dc:25:73:
1f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:1C:D8:72:99:CB:35:3F:8A:FD:F4:58:4D:D5:4F:DC:49:BB:F3:26
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1EB7F2B4B3E211EFB56ED458762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.32.0/19
Signature Algorithm: sha256WithRSAEncryption
a4:07:34:28:ff:75:45:5e:da:37:db:78:f4:8f:8a:0c:9c:fa:
25:7d:e9:a5:5f:04:46:72:7d:5d:84:47:fd:09:33:09:e8:a1:
2c:65:ba:81:8b:32:ba:21:39:f8:17:dd:82:57:31:e1:e2:8a:
38:34:41:a3:bd:37:77:76:f7:83:a8:68:db:83:72:16:81:ef:
ef:1a:d7:b4:ca:33:d6:c1:a7:48:61:ac:c0:26:59:17:e1:66:
73:a9:9b:6c:ee:be:4b:1c:58:28:6d:f9:7a:d1:4b:7d:fa:fa:
db:4f:7d:db:c2:c0:7c:48:82:3b:c1:37:d0:59:ac:6a:40:61:
d2:12:46:df:28:90:7d:7f:dc:87:e2:99:bb:c9:f9:9a:06:16:
e4:c9:52:48:21:92:32:c5:87:e7:1b:71:1e:8b:5d:e3:bc:88:
ed:8c:a5:cf:b3:69:84:4b:d1:5a:2c:75:66:e6:0a:c0:bf:e4:
64:bf:75:5d:85:6a:bd:e3:83:d1:f6:76:8d:1a:2e:28:38:cb:
f0:a8:63:eb:79:19:6a:11:ca:14:9b:c5:59:36:b1:90:e2:09:
8e:79:f0:b2:44:54:a5:62:52:dd:a4:21:6d:6f:08:66:93:13:
e1:14:6d:56:4c:b7:41:fc:f0:e2:24:9b:ea:68:7a:49:76:9d:
ef:45:b4:48
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOCBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA2MTQ1NTE5WhcNMjUwNDI4MTQ1NTE5WjAYMRYw
FAYDVQQDEw02NzUzMTA1Yi1iY2IwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuy6S7gN+pL7v6js2mSFxNQNJ6H+uDT8p73jP7QuxiCytlCt/YJgYflrY
MPpGoxEY6ezhU2eMqDVw4/ErFHTcM61fMDF/xy0fi0bOkIPE53d6of4GsUEdeBSn
VMGGemy0cdSRWvW0sn1zx+cPdjCaEF96hPffIKfXvqeB5FjWeWjT1zzOplNfzJiA
Tw9opVrFKwq1UhbcVTA4/lPTfRJ6QmRDf1JPf8LFmCyvzBYZuIGSaa4ngeIo+qHj
KNNeghNs40OGmtLvbYZEAk+FsapZoydcGCRSyvcXUgQfioFC1ngFNeMYGsg2sgVF
CDe+gYNCJfqYblc2fxpyxG3cJXMfswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKwc
2HKZyzU/iv30WE3VT9xJu/MmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRUI3RjJCNEIzRTIxMUVGQjU2RUQ0NTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnPYgMA0GCSqGSIb3DQEBCwUA
A4IBAQCkBzQo/3VFXto323j0j4oMnPolfemlXwRGcn1dhEf9CTMJ6KEsZbqBizK6
ITn4F92CVzHh4oo4NEGjvTd3dveDqGjbg3IWge/vGte0yjPWwadIYazAJlkX4WZz
qZts7r5LHFgobfl60Ut9+vrbT33bwsB8SII7wTfQWaxqQGHSEkbfKJB9f9yH4pm7
yfmaBhbkyVJIIZIyxYfnG3Eei13jvIjtjKXPs2mES9FaLHVm5grAv+Rkv3VdhWq9
44PR9naNGi4oOMvwqGPreRlqEcoUm8VZNrGQ4gmOefCyRFSlYlLdpCFtbwhmkxPh
FG1WTLdB/PDiJJvqaHpJdp3vRbRI
-----END CERTIFICATE-----
Generated at Thu Dec 26 14:47:21 2024 by rpki-client on console-fra.rpki-client.org