Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/229F2B9E9D1311EFB51B9F90762E951A.roa
File: 229F2B9E9D1311EFB51B9F90762E951A.roa (raw, json)
Hash identifier: c7leyNTOtgF/yRxsQ+ydR/NWPt266o/NSbQpMFdbcdo=
Subject key identifier: 53:7C:BC:FB:3F:10:34:83:C1:26:63:9B:57:27:60:87:E9:1E:34:A1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CFDA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/229F2B9E9D1311EFB51B9F90762E951A.roa
Signing time: Thu 07 Nov 2024 14:18:18 +0000
ROA not before: Thu 07 Nov 2024 14:18:15 +0000
ROA not after: Sat 30 Nov 2024 14:18:15 +0000
asID: 138152
IP address blocks: 156.232.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53210 (0xcfda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 7 14:18:15 2024 GMT
Not After : Nov 30 14:18:15 2024 GMT
Subject: CN=672ccc2a-2e87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9b:1d:f7:69:cb:9f:79:53:1c:a4:78:2f:bf:
86:82:92:c4:4a:13:6a:ad:2e:dd:61:90:3d:19:c5:
af:d5:12:7a:fd:a3:2c:fc:e0:be:7d:90:59:2d:34:
9c:06:7e:26:15:af:67:d6:e7:6a:1d:94:da:ba:39:
4c:de:94:5d:6b:e3:59:49:3d:07:1c:44:96:16:b5:
f9:61:4e:84:f0:f4:4f:e9:9b:68:dc:08:89:47:6d:
f9:21:35:5e:1a:59:2c:6a:33:b7:27:8a:30:4a:9a:
2e:33:b0:6e:7e:a1:44:b2:f9:89:35:c3:ff:87:a6:
31:79:ce:71:16:3f:1e:aa:44:df:fb:5d:b6:78:59:
df:2e:b0:25:14:95:8d:c7:37:41:a7:a7:a9:9e:ed:
ee:45:39:77:01:07:2e:56:5b:03:a8:1a:6e:9e:23:
fe:9b:a7:3d:05:f3:98:ed:f2:6c:13:b9:2f:e6:ba:
06:96:4d:c0:07:75:c9:ab:2d:e5:ca:e7:be:e9:09:
06:db:b9:da:73:21:a6:23:ae:a8:b2:6e:c4:85:b1:
0b:6e:3d:70:2b:3c:28:8a:e9:32:76:2f:f7:3f:30:
2f:31:5c:cb:0d:f2:37:ec:82:68:c6:f0:cc:d1:fa:
22:96:df:0a:ae:90:e0:a4:43:e9:64:9d:76:a5:bb:
8d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:7C:BC:FB:3F:10:34:83:C1:26:63:9B:57:27:60:87:E9:1E:34:A1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/229F2B9E9D1311EFB51B9F90762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.9.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:a2:a2:9d:fa:87:c1:68:bb:aa:db:3a:01:95:d2:87:a9:60:
e4:fa:d2:38:e8:0a:c9:15:e4:64:b9:45:78:0b:98:86:3a:a6:
20:11:59:ed:86:ff:5f:e0:be:a4:70:ae:54:58:de:3f:8f:77:
c1:68:8a:1e:eb:a5:cb:36:85:9f:e4:2f:20:d2:c9:60:c2:ba:
e1:d3:c4:67:eb:6e:15:8f:cb:88:06:90:ea:3f:38:60:07:df:
cf:2a:82:31:61:4b:c7:21:52:14:d8:53:8b:ac:48:22:2d:a8:
2b:aa:d4:9d:de:0f:30:d7:90:65:69:c6:67:1c:89:9d:34:d5:
8e:f9:9b:e1:f5:95:9e:bc:f0:ff:95:1e:d2:85:8e:86:a9:f5:
a5:0c:42:7f:90:33:90:7d:66:a7:85:a7:18:1b:4a:05:b3:51:
11:f5:59:8a:14:f8:24:be:68:a7:cf:83:f9:7e:7d:15:0a:13:
ec:9c:d2:fa:62:c0:3a:48:d5:35:4c:38:40:17:58:32:6f:c4:
da:e6:40:7a:b7:b6:25:05:a7:e9:3a:4a:56:bb:7b:fd:a0:1c:
e7:25:d7:21:46:2f:bf:5b:2e:b7:a5:fd:ea:dc:42:f3:2e:9b:
bb:d0:d9:3f:88:03:00:3b:bd:ab:14:4b:bc:f5:33:72:a8:e4:
68:26:ea:68
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM/aMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA3MTQxODE1WhcNMjQxMTMwMTQxODE1WjAYMRYw
FAYDVQQDEw02NzJjY2MyYS0yZTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsJsd92nLn3lTHKR4L7+GgpLEShNqrS7dYZA9GcWv1RJ6/aMs/OC+fZBZ
LTScBn4mFa9n1udqHZTaujlM3pRda+NZST0HHESWFrX5YU6E8PRP6Zto3AiJR235
ITVeGlksajO3J4owSpouM7BufqFEsvmJNcP/h6Yxec5xFj8eqkTf+122eFnfLrAl
FJWNxzdBp6epnu3uRTl3AQcuVlsDqBpuniP+m6c9BfOY7fJsE7kv5roGlk3AB3XJ
qy3lyue+6QkG27nacyGmI66osm7EhbELbj1wKzwoiukydi/3PzAvMVzLDfI37IJo
xvDM0foilt8KrpDgpEPpZJ12pbuNyQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFN8
vPs/EDSDwSZjm1cnYIfpHjShMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMjlGMkI5RTlEMTMxMUVGQjUxQjlGOTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOgJMA0GCSqGSIb3DQEBCwUA
A4IBAQBeoqKd+ofBaLuq2zoBldKHqWDk+tI46ArJFeRkuUV4C5iGOqYgEVnthv9f
4L6kcK5UWN4/j3fBaIoe66XLNoWf5C8g0slgwrrh08Rn624Vj8uIBpDqPzhgB9/P
KoIxYUvHIVIU2FOLrEgiLagrqtSd3g8w15BlacZnHImdNNWO+Zvh9ZWevPD/lR7S
hY6GqfWlDEJ/kDOQfWanhacYG0oFs1ER9VmKFPgkvminz4P5fn0VChPsnNL6YsA6
SNU1TDhAF1gyb8Ta5kB6t7YlBafpOkpWu3v9oBznJdchRi+/Wy63pf3q3ELzLpu7
0Nk/iAMAO72rFEu89TNyqORoJupo
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:21 2024 by rpki-client on console-fra.rpki-client.org