Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/238A5A9032BC11EF948E87B2762E951A.roa
File: 238A5A9032BC11EF948E87B2762E951A.roa (raw, json)
Hash identifier: rvyXO4S+gq+n6+2xe3SgUrPyYfUM8iBpGD4PzPqW3Jo=
Subject key identifier: 10:F9:64:48:6B:70:84:61:64:DA:C9:56:D5:01:25:79:61:4C:BE:9D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 948E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/238A5A9032BC11EF948E87B2762E951A.roa
Signing time: Tue 25 Jun 2024 06:28:31 +0000
ROA not before: Tue 25 Jun 2024 06:28:27 +0000
ROA not after: Fri 03 Jan 2025 06:28:27 +0000
asID: 40065
IP address blocks: 156.243.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Sep 2024 00:16:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38030 (0x948e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 25 06:28:27 2024 GMT
Not After : Jan 3 06:28:27 2025 GMT
Subject: CN=667a638e-7950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:af:71:fd:ed:10:80:40:a5:04:4a:42:8c:cd:
82:c6:22:39:7f:af:48:9c:5a:a7:48:79:6d:07:26:
6d:8f:ff:84:3e:ed:c8:92:c8:9c:b6:f2:55:d2:00:
cf:77:d5:71:6c:53:99:0e:d5:67:18:a4:c4:53:17:
f0:4d:fa:4a:63:cf:6f:10:33:66:28:45:90:f1:f6:
1f:38:45:29:d1:d8:db:0e:89:1c:4f:58:fa:60:6f:
01:7a:ad:6a:9a:4c:8c:56:9d:fc:3f:5d:f4:69:2a:
a7:ea:c2:38:21:5a:45:e1:22:b4:d7:b7:e5:24:e8:
3f:c8:54:0d:ea:fa:7e:61:e0:74:b4:ea:73:cb:2d:
31:09:fe:39:1b:bb:9d:2b:51:c3:c4:49:f4:cb:f3:
9c:12:b2:f4:61:83:9e:06:2c:b3:6f:cb:df:24:51:
56:5a:06:e1:ec:72:d3:fa:04:fd:ee:08:35:71:a7:
de:9d:57:26:01:44:f2:68:49:40:37:ba:e2:05:f9:
83:a1:a3:13:ee:97:a6:aa:6f:17:cb:74:77:a8:a8:
65:56:41:70:6d:4e:8b:58:23:86:e0:ca:8d:ce:0a:
06:e9:05:da:1d:d6:48:f8:50:73:e5:fe:3a:cf:4a:
8b:a2:45:d2:51:91:03:0d:95:b1:90:9a:e7:47:74:
fb:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:F9:64:48:6B:70:84:61:64:DA:C9:56:D5:01:25:79:61:4C:BE:9D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/238A5A9032BC11EF948E87B2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.4.0/22
Signature Algorithm: sha256WithRSAEncryption
35:d3:32:4a:c3:4d:db:28:6a:d2:15:99:27:85:ef:35:33:9c:
c9:43:8d:5f:6f:87:11:28:6e:87:6b:da:5b:b8:b7:e5:a5:8b:
8c:15:ba:b7:70:73:43:7c:6f:db:b5:14:ce:9e:f9:13:1c:74:
03:c8:b4:42:44:0d:8f:40:3b:b7:38:d6:9b:48:7c:34:fb:a5:
b7:39:95:ec:7f:bf:82:b3:0b:ce:a4:60:a3:fc:f0:ad:8c:ea:
03:89:0b:f1:d2:62:10:04:55:36:25:f5:dc:27:68:b0:b4:b3:
89:c9:60:98:6f:d5:65:e6:84:01:b3:c0:9e:fb:91:42:43:bc:
3c:0a:ee:ac:52:c1:fb:3f:8b:63:a9:3f:7e:a0:e0:f9:d0:34:
fe:52:c7:f6:6a:f1:e8:da:83:41:ce:3a:04:24:27:0a:0a:ae:
1b:3a:68:fc:b0:ac:a1:b1:23:a1:3e:33:18:6b:95:8d:6b:a3:
2e:fe:8a:67:b1:79:f8:01:e9:e5:75:ca:a2:8f:4b:7b:73:e1:
bd:18:ab:9d:e2:01:5f:7a:13:94:ca:60:59:a0:a8:93:46:f8:
dd:74:17:83:50:0e:d1:29:2b:db:90:cf:65:7c:86:e9:b6:7a:
cb:62:ab:c9:cd:30:04:06:b0:12:d4:8f:06:1c:b6:44:1f:e0:
b0:43:bc:6c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJSOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjI1MDYyODI3WhcNMjUwMTAzMDYyODI3WjAYMRYw
FAYDVQQDEw02NjdhNjM4ZS03OTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx69x/e0QgEClBEpCjM2CxiI5f69InFqnSHltByZtj/+EPu3IksictvJV
0gDPd9VxbFOZDtVnGKTEUxfwTfpKY89vEDNmKEWQ8fYfOEUp0djbDokcT1j6YG8B
eq1qmkyMVp38P130aSqn6sI4IVpF4SK017flJOg/yFQN6vp+YeB0tOpzyy0xCf45
G7udK1HDxEn0y/OcErL0YYOeBiyzb8vfJFFWWgbh7HLT+gT97gg1cafenVcmAUTy
aElAN7riBfmDoaMT7pemqm8Xy3R3qKhlVkFwbU6LWCOG4MqNzgoG6QXaHdZI+FBz
5f46z0qLokXSUZEDDZWxkJrnR3T7bwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBD5
ZEhrcIRhZNrJVtUBJXlhTL6dMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMzhBNUE5MDMyQkMxMUVGOTQ4RTg3QjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPMEMA0GCSqGSIb3DQEBCwUA
A4IBAQA10zJKw03bKGrSFZknhe81M5zJQ41fb4cRKG6Ha9pbuLflpYuMFbq3cHND
fG/btRTOnvkTHHQDyLRCRA2PQDu3ONabSHw0+6W3OZXsf7+CswvOpGCj/PCtjOoD
iQvx0mIQBFU2JfXcJ2iwtLOJyWCYb9Vl5oQBs8Ce+5FCQ7w8Cu6sUsH7P4tjqT9+
oOD50DT+Usf2avHo2oNBzjoEJCcKCq4bOmj8sKyhsSOhPjMYa5WNa6Mu/opnsXn4
Aenldcqij0t7c+G9GKud4gFfehOUymBZoKiTRvjddBeDUA7RKSvbkM9lfIbptnrL
YqvJzTAEBrAS1I8GHLZEH+CwQ7xs
-----END CERTIFICATE-----
Generated at Sat Sep 7 11:11:57 2024 by rpki-client on console-ams.rpki-client.org