Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20D2B9841D8E11EFAAE851097DDC24C2.roa
File: 20D2B9841D8E11EFAAE851097DDC24C2.roa (raw, json)
Hash identifier: qr9Ay4L4fU+ZKcQOGQbpIhXv9OdQmh+0XF5rRgwjlXw=
Subject key identifier: 84:B3:2D:1C:C4:E6:23:C4:4A:38:00:93:80:9F:01:50:19:B0:A6:CB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8CF9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20D2B9841D8E11EFAAE851097DDC24C2.roa
Signing time: Wed 29 May 2024 07:36:15 +0000
ROA not before: Wed 29 May 2024 07:36:11 +0000
ROA not after: Sat 14 Sep 2024 07:36:11 +0000
asID: 138195
IP address blocks: 156.237.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Sep 2024 00:16:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36089 (0x8cf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 29 07:36:11 2024 GMT
Not After : Sep 14 07:36:11 2024 GMT
Subject: CN=6656daee-1620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:16:93:3e:6a:89:95:a6:48:ec:5f:ed:1b:22:
ce:70:59:0c:0d:64:d4:c3:59:07:73:ee:8f:0b:d4:
c3:6f:02:06:d5:4e:71:7d:0b:c1:b7:4a:db:49:4c:
eb:b1:2b:66:78:6a:27:1d:c0:68:63:6f:f9:4c:96:
01:6f:cd:ab:fd:7e:0a:b1:5f:7e:fc:85:bb:d0:ea:
6a:1b:34:b0:e5:82:80:9b:a5:8c:84:0e:a9:ee:08:
e3:ab:b8:be:36:9d:b3:cf:28:4a:fe:2f:60:c3:5a:
d7:5e:a2:37:51:b1:06:8f:a8:5c:62:fd:d3:6e:40:
4c:75:d0:07:1a:db:e6:f4:24:e2:08:26:4b:11:b3:
5b:e7:38:4f:24:76:63:1a:79:29:b9:e2:20:fc:9f:
68:a5:3f:e9:d1:62:28:c6:c1:5d:c2:02:0e:a5:1e:
a0:4a:81:71:66:41:5e:2b:85:28:0c:dd:ef:24:a8:
0c:61:d3:5c:9f:20:8e:d4:e5:88:c4:eb:95:27:48:
a9:96:b8:11:cc:f6:a6:43:41:9e:d3:3f:a1:01:ad:
8f:89:d4:5b:74:01:8f:86:57:31:3c:02:93:fa:41:
6b:86:b9:f2:95:f1:02:ed:66:bb:58:ad:d2:9e:fc:
9b:2b:d9:3e:97:61:96:65:4e:db:f7:0f:f5:b3:75:
bc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B3:2D:1C:C4:E6:23:C4:4A:38:00:93:80:9F:01:50:19:B0:A6:CB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20D2B9841D8E11EFAAE851097DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.64.0/19
Signature Algorithm: sha256WithRSAEncryption
9b:b0:90:20:ea:fc:a2:97:f4:55:e2:9f:b5:98:2d:6b:d2:18:
8d:55:37:28:b3:0f:48:4b:bc:77:11:d0:01:67:2b:91:7f:57:
21:13:b1:6a:3c:59:1d:f5:c3:ad:9f:21:ee:92:b4:4f:9b:5c:
ce:0b:61:34:47:f9:ee:3e:42:4d:3b:46:65:fa:ae:ee:cc:19:
f8:25:72:45:c9:a3:60:70:b8:13:f9:a3:a9:34:e9:84:53:a5:
b7:e1:a5:7b:a8:7a:4f:f1:3d:65:f2:c3:0e:d2:4d:19:99:97:
5b:83:4d:a6:c9:d3:0c:38:97:7b:32:dc:22:57:68:a9:35:8c:
67:00:4f:ff:8a:fa:ff:4b:10:2b:8c:ab:14:30:a2:2f:48:00:
ed:8b:da:99:c5:b9:2d:d6:5f:57:f1:f8:fb:67:e2:fa:44:2b:
eb:02:ef:a5:70:e8:5c:dd:64:26:8e:4b:5c:e4:f5:ee:e9:79:
a2:dc:e2:98:a2:03:c5:68:65:7b:0c:d4:bf:cd:04:19:a3:c0:
d9:24:95:c5:ce:b7:69:ec:d7:a9:1a:e8:3d:13:ab:12:9a:ce:
44:aa:f2:79:f2:0f:9d:69:cc:2c:4f:1e:d8:01:2a:12:70:35:
4e:0c:9b:f1:ba:58:9f:1c:e6:03:da:13:04:52:13:a5:47:22:
bb:4a:87:07
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIz5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTI5MDczNjExWhcNMjQwOTE0MDczNjExWjAYMRYw
FAYDVQQDEw02NjU2ZGFlZS0xNjIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlxaTPmqJlaZI7F/tGyLOcFkMDWTUw1kHc+6PC9TDbwIG1U5xfQvBt0rb
SUzrsStmeGonHcBoY2/5TJYBb82r/X4KsV9+/IW70OpqGzSw5YKAm6WMhA6p7gjj
q7i+Np2zzyhK/i9gw1rXXqI3UbEGj6hcYv3TbkBMddAHGtvm9CTiCCZLEbNb5zhP
JHZjGnkpueIg/J9opT/p0WIoxsFdwgIOpR6gSoFxZkFeK4UoDN3vJKgMYdNcnyCO
1OWIxOuVJ0iplrgRzPamQ0Ge0z+hAa2PidRbdAGPhlcxPAKT+kFrhrnylfEC7Wa7
WK3SnvybK9k+l2GWZU7b9w/1s3W8MwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFISz
LRzE5iPESjgAk4CfAVAZsKbLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMEQyQjk4NDFEOEUxMUVGQUFFODUxMDk3RERDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnO1AMA0GCSqGSIb3DQEBCwUA
A4IBAQCbsJAg6vyil/RV4p+1mC1r0hiNVTcosw9IS7x3EdABZyuRf1chE7FqPFkd
9cOtnyHukrRPm1zOC2E0R/nuPkJNO0Zl+q7uzBn4JXJFyaNgcLgT+aOpNOmEU6W3
4aV7qHpP8T1l8sMO0k0ZmZdbg02mydMMOJd7MtwiV2ipNYxnAE//ivr/SxArjKsU
MKIvSADti9qZxbkt1l9X8fj7Z+L6RCvrAu+lcOhc3WQmjktc5PXu6Xmi3OKYogPF
aGV7DNS/zQQZo8DZJJXFzrdp7NepGug9E6sSms5EqvJ58g+dacwsTx7YASoScDVO
DJvxulifHOYD2hMEUhOlRyK7SocH
-----END CERTIFICATE-----
Generated at Sat Sep 7 11:11:56 2024 by rpki-client on console-ams.rpki-client.org