Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24046B9A87C711EF81F371BA762E951A.roa
File: 24046B9A87C711EF81F371BA762E951A.roa (raw, json)
Hash identifier: E3lEk1IDFB8/XCXSc+BdhwjH8NYo9mmKn6WsPyQlzPg=
Subject key identifier: A4:EC:EB:7C:01:9C:C1:5B:F5:74:A4:F3:F2:C0:3C:15:3B:67:FC:9B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C3C9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24046B9A87C711EF81F371BA762E951A.roa
Signing time: Fri 11 Oct 2024 11:51:25 +0000
ROA not before: Fri 11 Oct 2024 11:51:20 +0000
ROA not after: Sun 12 Oct 2025 11:51:20 +0000
asID: 136907
IP address blocks: 156.232.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50121 (0xc3c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 11 11:51:20 2024 GMT
Not After : Oct 12 11:51:20 2025 GMT
Subject: CN=6709113c-8f43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:39:0a:00:b5:1b:f1:b5:88:5d:ea:11:34:63:
20:ad:7a:53:7c:98:48:f8:35:1b:01:04:48:0d:67:
3e:21:e3:2b:8a:7c:95:ef:10:a2:3c:64:ad:f8:1b:
96:db:a6:02:84:87:c5:3e:e6:99:78:91:d0:94:d6:
54:0e:cd:1d:44:fa:fc:47:a5:44:ab:70:6f:d5:d2:
8c:8c:38:0f:31:6d:5b:fb:ce:4e:47:0f:ac:b3:19:
cd:0c:ed:04:c4:bd:61:15:95:f9:fc:7e:6d:44:0e:
3b:45:1c:ad:23:d2:03:6c:dd:d2:e7:8e:c5:4f:49:
b2:ae:81:bc:3b:f1:d2:24:ee:3e:30:8f:58:8b:9e:
94:af:b2:0d:ba:50:13:19:9d:1f:a1:c2:9b:0c:d4:
8d:95:66:4a:dd:1a:e8:41:17:04:8e:d4:77:91:f8:
ee:0e:c3:53:1f:52:f6:3c:3c:da:1d:52:b2:92:46:
29:1d:ff:fb:43:ef:fc:7d:78:ec:c3:b2:c2:cf:87:
e7:c3:af:16:11:36:9c:73:5e:9a:65:3b:90:21:ac:
04:64:9a:05:f1:65:50:fc:35:08:6a:8a:10:68:09:
1e:db:c0:5c:f9:e3:f9:bf:a5:a4:58:29:31:03:de:
b3:75:c2:a1:86:e2:01:39:ef:9c:6b:de:f6:72:1e:
26:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EC:EB:7C:01:9C:C1:5B:F5:74:A4:F3:F2:C0:3C:15:3B:67:FC:9B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24046B9A87C711EF81F371BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.16.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:ac:87:ef:8c:7d:86:7d:2d:20:f9:8e:0d:97:99:4e:c9:f4:
39:fa:e7:65:d5:a8:6e:14:a9:b5:df:42:23:1b:cb:0a:ac:05:
9f:7c:8b:f9:2b:60:15:e2:5b:79:e9:6b:7a:9d:52:52:23:21:
a1:fd:4e:5c:fb:04:6c:44:62:8f:7d:7f:de:3b:b0:33:f1:12:
81:07:52:d6:85:02:88:86:8d:bf:d7:e4:1a:51:56:be:f9:76:
d1:88:d8:14:f1:21:99:2b:cf:e7:ca:52:c6:08:6d:de:18:e8:
e4:83:8a:bb:c6:fe:40:b4:94:e2:27:b8:44:ca:c0:04:6a:50:
66:3c:5c:91:4b:8d:45:f4:0f:d7:45:90:84:0a:64:33:8c:52:
28:24:20:60:98:a3:73:f9:c7:c6:a3:73:62:a2:62:fc:39:57:
80:d5:75:9a:be:53:c9:07:90:d4:d1:59:73:0f:35:b7:c1:4f:
36:f4:3b:d8:6a:0e:d3:f9:c0:56:8f:2b:eb:f0:1e:fd:a9:47:
89:cf:07:51:03:b1:84:22:cb:5e:9c:9f:d2:6a:88:f4:35:4d:
99:53:ed:21:90:e9:cb:ac:cf:ce:da:fd:f9:8d:65:20:35:55:
73:a1:39:01:27:eb:a2:2c:1e:d9:dc:e9:2d:82:c0:2b:c6:61:
8d:f8:86:48
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMPJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDExMTE1MTIwWhcNMjUxMDEyMTE1MTIwWjAYMRYw
FAYDVQQDEw02NzA5MTEzYy04ZjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0TkKALUb8bWIXeoRNGMgrXpTfJhI+DUbAQRIDWc+IeMrinyV7xCiPGSt
+BuW26YChIfFPuaZeJHQlNZUDs0dRPr8R6VEq3Bv1dKMjDgPMW1b+85ORw+ssxnN
DO0ExL1hFZX5/H5tRA47RRytI9IDbN3S547FT0myroG8O/HSJO4+MI9Yi56Ur7IN
ulATGZ0focKbDNSNlWZK3RroQRcEjtR3kfjuDsNTH1L2PDzaHVKykkYpHf/7Q+/8
fXjsw7LCz4fnw68WETacc16aZTuQIawEZJoF8WVQ/DUIaooQaAke28Bc+eP5v6Wk
WCkxA96zdcKhhuIBOe+ca972ch4moQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKTs
63wBnMFb9XSk8/LAPBU7Z/ybMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNDA0NkI5QTg3QzcxMUVGODFGMzcxQkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOgQMA0GCSqGSIb3DQEBCwUA
A4IBAQA+rIfvjH2GfS0g+Y4Nl5lOyfQ5+udl1ahuFKm130IjG8sKrAWffIv5K2AV
4lt56Wt6nVJSIyGh/U5c+wRsRGKPfX/eO7Az8RKBB1LWhQKIho2/1+QaUVa++XbR
iNgU8SGZK8/nylLGCG3eGOjkg4q7xv5AtJTiJ7hEysAEalBmPFyRS41F9A/XRZCE
CmQzjFIoJCBgmKNz+cfGo3NiomL8OVeA1XWavlPJB5DU0VlzDzW3wU829DvYag7T
+cBWjyvr8B79qUeJzwdRA7GEIstenJ/Saoj0NU2ZU+0hkOnLrM/O2v35jWUgNVVz
oTkBJ+uiLB7Z3OktgsArxmGN+IZI
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:23 2024 by rpki-client on console-ams.rpki-client.org