Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23F3D222A19811EF88397DAA762E951A.roa
File: 23F3D222A19811EF88397DAA762E951A.roa (raw, json)
Hash identifier: JRQXZbHmRJyp2glYntY8JlIUxDglqVV428wQSLz97jg=
Subject key identifier: F3:D3:3C:96:81:58:1D:08:79:68:E6:27:93:3E:54:58:23:1E:5A:A8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D23A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23F3D222A19811EF88397DAA762E951A.roa
Signing time: Wed 13 Nov 2024 08:20:28 +0000
ROA not before: Wed 13 Nov 2024 08:20:24 +0000
ROA not after: Fri 22 Nov 2024 08:20:24 +0000
asID: 138467
IP address blocks: 156.238.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 Nov 2024 08:20:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53818 (0xd23a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 13 08:20:24 2024 GMT
Not After : Nov 22 08:20:24 2024 GMT
Subject: CN=6734614c-8443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9b:32:2a:aa:51:23:38:36:fd:b9:bf:8f:cd:
aa:38:07:e9:bf:a9:a0:dd:c7:95:0b:c2:f4:19:02:
2a:41:3d:1b:3f:5f:e3:5f:ff:ec:6d:97:e6:76:37:
2f:3b:ca:09:38:24:e8:69:48:ba:d5:2f:0c:81:9a:
51:22:0d:a3:76:8d:e4:a2:13:51:77:46:9b:67:69:
aa:92:d8:d6:13:f0:df:9a:83:97:98:2b:8c:d0:10:
62:1c:bd:ee:fc:3e:b6:28:a3:ef:f2:2f:68:a6:8e:
61:64:34:0f:5b:4a:f6:fb:97:22:c3:c6:ba:07:1d:
24:80:5f:db:fa:55:1f:dd:08:ea:7c:f8:95:db:30:
50:77:ec:b9:fd:e5:cc:7d:a1:5b:94:1f:c6:aa:ee:
81:fe:d1:4a:13:21:d9:ef:1d:2c:2e:0e:3c:ea:9a:
91:fa:c5:4f:b2:bf:3f:b8:a5:38:52:1c:18:b3:6a:
5c:f1:49:21:41:70:ca:20:e8:91:27:2b:36:cf:63:
23:bf:5e:37:e1:39:57:22:72:ff:5c:54:74:84:a5:
65:08:5d:b3:53:b5:dc:84:b5:0c:56:da:9c:f6:40:
fd:23:1d:55:ac:10:a1:bc:2c:66:93:f3:78:93:90:
39:58:1f:32:cf:93:fe:45:d5:09:58:cc:dd:5d:20:
7b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D3:3C:96:81:58:1D:08:79:68:E6:27:93:3E:54:58:23:1E:5A:A8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23F3D222A19811EF88397DAA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.86.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:b9:b1:99:cb:f3:36:df:6c:6b:c4:08:8b:ee:2c:5a:7b:90:
21:8d:a0:4c:d0:99:84:18:af:e9:4e:ee:fb:e8:73:1f:91:aa:
bf:05:77:c9:f0:2c:b5:32:13:2e:eb:a4:b8:78:b4:7a:08:36:
ba:80:da:b9:54:59:ef:06:15:d9:21:91:88:9e:e6:03:63:62:
47:ad:bc:c8:9d:b7:9b:3e:6b:7a:16:ac:fa:78:3f:91:6a:45:
2d:5d:ab:0b:16:de:3a:00:66:02:f8:83:bb:90:07:04:53:71:
41:e1:f6:34:18:5e:64:03:d1:a9:3b:9e:36:19:2c:b1:a0:a3:
cc:12:1a:68:b2:6b:b6:78:3f:fc:d9:67:d7:ad:5b:f6:8d:58:
9e:66:68:7e:cc:05:fb:d2:51:a8:f6:25:3e:24:43:e8:b6:10:
19:23:5b:55:61:b5:83:05:b1:61:e2:3d:ae:4a:8c:73:75:70:
f0:a7:21:c7:12:47:7f:37:ad:b3:98:36:88:44:ac:23:58:39:
11:6a:79:e7:5f:5d:32:85:d9:f9:0a:ac:dd:a8:86:d3:9a:b1:
1f:6a:fb:94:87:24:95:e8:f7:5a:0f:e3:80:02:23:c7:43:9a:
cd:44:e9:6a:5f:dd:e9:b2:44:99:bf:d4:b8:df:d4:d9:04:9a:
bd:97:77:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANI6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTEzMDgyMDI0WhcNMjQxMTIyMDgyMDI0WjAYMRYw
FAYDVQQDEw02NzM0NjE0Yy04NDQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq5syKqpRIzg2/bm/j82qOAfpv6mg3ceVC8L0GQIqQT0bP1/jX//sbZfm
djcvO8oJOCToaUi61S8MgZpRIg2jdo3kohNRd0abZ2mqktjWE/DfmoOXmCuM0BBi
HL3u/D62KKPv8i9opo5hZDQPW0r2+5ciw8a6Bx0kgF/b+lUf3QjqfPiV2zBQd+y5
/eXMfaFblB/Gqu6B/tFKEyHZ7x0sLg486pqR+sVPsr8/uKU4UhwYs2pc8UkhQXDK
IOiRJys2z2Mjv1434TlXInL/XFR0hKVlCF2zU7XchLUMVtqc9kD9Ix1VrBChvCxm
k/N4k5A5WB8yz5P+RdUJWMzdXSB7wQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPPT
PJaBWB0IeWjmJ5M+VFgjHlqoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yM0YzRDIyMkExOTgxMUVGODgzOTdEQUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5WMA0GCSqGSIb3DQEBCwUA
A4IBAQCaubGZy/M232xrxAiL7ixae5AhjaBM0JmEGK/pTu776HMfkaq/BXfJ8Cy1
MhMu66S4eLR6CDa6gNq5VFnvBhXZIZGInuYDY2JHrbzInbebPmt6Fqz6eD+RakUt
XasLFt46AGYC+IO7kAcEU3FB4fY0GF5kA9GpO542GSyxoKPMEhposmu2eD/82WfX
rVv2jVieZmh+zAX70lGo9iU+JEPothAZI1tVYbWDBbFh4j2uSoxzdXDwpyHHEkd/
N62zmDaIRKwjWDkRannnX10yhdn5CqzdqIbTmrEfavuUhySV6PdaD+OAAiPHQ5rN
ROlqX93pskSZv9S439TZBJq9l3dQ
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:21 2024 by rpki-client on console-fra.rpki-client.org