Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2400A50C5DCC11EFBCBB187C762E951A.roa
File: 2400A50C5DCC11EFBCBB187C762E951A.roa (raw, json)
Hash identifier: YShdQWowWjTTFpmLzPeBLNphZwbYvHxpQdxx/qcUd3o=
Subject key identifier: D6:DD:34:FB:01:55:F2:7B:D6:00:66:E9:B4:12:FE:D4:A7:C6:68:70
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A855
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2400A50C5DCC11EFBCBB187C762E951A.roa
Signing time: Mon 19 Aug 2024 01:41:23 +0000
ROA not before: Mon 19 Aug 2024 01:41:20 +0000
ROA not after: Thu 31 Dec 2026 01:41:20 +0000
asID: 17561
IP address blocks: 156.253.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43093 (0xa855)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 19 01:41:20 2024 GMT
Not After : Dec 31 01:41:20 2026 GMT
Subject: CN=66c2a2c3-96a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:57:54:70:2f:93:d6:99:01:3d:09:fd:38:47:
14:0b:3c:d1:59:c9:2b:d9:a1:5e:e5:72:ee:a3:7d:
f7:3c:f0:9a:3f:d6:63:67:dc:e9:79:57:cf:87:d5:
99:c7:46:20:bb:27:b8:44:b8:cf:16:8c:d9:1d:c3:
e2:81:64:4e:a4:a1:a6:6b:7c:6b:4f:84:f4:84:12:
65:aa:b2:b6:af:7d:81:1a:d1:04:e4:75:28:59:fa:
b2:2e:37:13:77:0e:15:f8:c8:8f:3c:3c:34:89:dc:
5c:1b:2e:fc:e3:c2:4c:de:20:30:31:62:22:02:f7:
ac:9c:fa:dd:fc:96:63:ae:ca:81:aa:8b:bc:34:6a:
b0:f3:4a:2f:8f:e6:0b:17:59:eb:08:1a:21:fb:3f:
10:91:74:91:02:28:ec:f8:c4:0d:3a:b7:88:aa:d3:
1a:78:6b:48:6e:a9:c5:7d:71:4c:51:a6:86:cb:23:
ad:5d:ba:d9:db:9e:92:95:b1:4c:65:b4:f8:ef:2a:
83:71:db:9d:b2:e9:8e:14:b9:76:3c:c9:17:56:8b:
39:3b:74:de:4a:e0:5a:6e:c7:5a:88:de:ce:7a:dc:
33:aa:92:07:9c:56:6d:50:b0:6a:39:26:a8:79:21:
08:dc:d5:8f:23:57:9d:de:5c:bf:ea:25:4d:9c:1b:
3a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:DD:34:FB:01:55:F2:7B:D6:00:66:E9:B4:12:FE:D4:A7:C6:68:70
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2400A50C5DCC11EFBCBB187C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.130.0/24
Signature Algorithm: sha256WithRSAEncryption
72:07:7d:f2:ea:c4:3f:d4:14:f6:b5:df:ac:e1:38:6c:2f:5a:
cf:7f:50:be:bf:72:3a:4f:95:a6:f4:78:6e:d2:c4:17:e7:0d:
92:4b:0e:17:90:cd:26:dc:6c:d1:c7:cd:7c:56:98:07:42:82:
b5:2a:bb:ee:17:e5:f0:26:4b:db:bc:22:88:12:99:b3:d5:14:
63:d0:22:c3:b0:7f:13:b6:c7:71:2a:ba:f2:24:60:da:45:cc:
3d:81:e5:96:e3:d2:34:2d:7a:a5:ee:29:0b:de:b5:a0:b5:fa:
10:06:fd:2b:d1:86:15:65:41:80:32:fa:5f:14:87:da:86:e6:
fa:39:9c:c8:d9:9d:ba:d4:b5:6a:e4:22:23:da:71:0c:a4:9e:
7e:97:5c:6d:3a:7e:95:e5:b0:75:5b:c5:74:77:f3:f2:be:de:
c7:e8:a7:5a:d9:61:4f:76:54:7f:63:aa:f8:d6:5e:71:cb:47:
40:04:a6:8a:ba:5a:e4:4b:73:9c:11:cc:3b:7f:35:06:6e:c1:
64:86:9c:25:01:55:b0:62:da:09:be:ad:da:42:82:34:de:54:
11:ba:90:ee:14:ae:02:41:87:f1:9f:18:7d:f6:da:45:af:9b:
b7:f1:55:00:f4:9b:3d:fc:ac:f3:06:9e:8c:3b:cc:84:4e:7b:
fa:2e:1c:dc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKhVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODE5MDE0MTIwWhcNMjYxMjMxMDE0MTIwWjAYMRYw
FAYDVQQDEw02NmMyYTJjMy05NmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwVdUcC+T1pkBPQn9OEcUCzzRWckr2aFe5XLuo333PPCaP9ZjZ9zpeVfP
h9WZx0Yguye4RLjPFozZHcPigWROpKGma3xrT4T0hBJlqrK2r32BGtEE5HUoWfqy
LjcTdw4V+MiPPDw0idxcGy7848JM3iAwMWIiAvesnPrd/JZjrsqBqou8NGqw80ov
j+YLF1nrCBoh+z8QkXSRAijs+MQNOreIqtMaeGtIbqnFfXFMUaaGyyOtXbrZ256S
lbFMZbT47yqDcdudsumOFLl2PMkXVos5O3TeSuBabsdaiN7OetwzqpIHnFZtULBq
OSaoeSEI3NWPI1ed3ly/6iVNnBs6AwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNbd
NPsBVfJ71gBm6bQS/tSnxmhwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNDAwQTUwQzVEQ0MxMUVGQkNCQjE4N0M3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP2CMA0GCSqGSIb3DQEBCwUA
A4IBAQByB33y6sQ/1BT2td+s4ThsL1rPf1C+v3I6T5Wm9Hhu0sQX5w2SSw4XkM0m
3GzRx818VpgHQoK1KrvuF+XwJkvbvCKIEpmz1RRj0CLDsH8TtsdxKrryJGDaRcw9
geWW49I0LXql7ikL3rWgtfoQBv0r0YYVZUGAMvpfFIfahub6OZzI2Z261LVq5CIj
2nEMpJ5+l1xtOn6V5bB1W8V0d/Pyvt7H6Kda2WFPdlR/Y6r41l5xy0dABKaKulrk
S3OcEcw7fzUGbsFkhpwlAVWwYtoJvq3aQoI03lQRupDuFK4CQYfxnxh99tpFr5u3
8VUA9Js9/KzzBp6MO8yETnv6Lhzc
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:23 2024 by rpki-client on console-ams.rpki-client.org