Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2570341E7A4811EF8AF06348762E951A.roa
File: 2570341E7A4811EF8AF06348762E951A.roa (raw, json)
Hash identifier: MTeoGalZCQgrfX+BvwyL6c1WVTjAUh7LR08b+BGFDPM=
Subject key identifier: 17:5F:6B:CB:43:FE:C8:96:CE:1A:44:81:46:FD:70:69:22:3A:26:72
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: BA94
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2570341E7A4811EF8AF06348762E951A.roa
Signing time: Tue 24 Sep 2024 07:39:36 +0000
ROA not before: Tue 24 Sep 2024 07:39:32 +0000
ROA not after: Sat 21 Dec 2024 07:39:32 +0000
asID: 328608
IP address blocks: 156.227.208.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47764 (0xba94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 24 07:39:32 2024 GMT
Not After : Dec 21 07:39:32 2024 GMT
Subject: CN=66f26cb7-9ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:43:7a:25:cc:1f:db:02:71:c4:c4:47:59:3c:
da:bf:91:e3:46:31:3d:fd:45:cd:8b:85:4c:31:0e:
48:be:2b:d2:5a:4c:a3:4e:c2:3e:c3:e8:38:54:dd:
cd:c6:26:41:3c:71:b6:47:be:02:cd:ec:30:23:55:
e9:12:7e:63:c8:01:00:ef:10:00:47:ad:bd:f9:55:
38:c0:d4:fc:3c:32:8d:16:70:88:9d:62:e8:3d:09:
a3:03:7e:a1:7c:bb:0a:c6:eb:11:07:b4:55:fe:4f:
bc:7a:e4:d2:79:c3:23:f0:3f:ab:c5:d6:fe:ec:5e:
44:5e:73:ed:2d:f4:44:8e:de:a2:9c:b0:85:66:7e:
7b:86:d4:75:31:82:fd:48:e3:10:09:0f:ac:07:6b:
f6:ec:63:0b:02:2f:f9:8c:88:ec:80:8c:20:90:b0:
3b:88:2b:87:59:f9:a2:c0:52:e7:68:a2:ff:85:26:
de:42:29:2d:2a:6a:7a:91:33:66:10:ef:be:52:03:
09:1a:47:f5:be:1d:14:13:ab:af:8e:56:1b:3c:f3:
f5:3a:c1:dc:10:2e:ac:c1:0d:29:62:47:3f:75:45:
15:0f:87:8d:a7:85:62:cc:5d:3d:3c:43:8f:8d:ce:
91:45:21:f4:6f:3d:bb:de:ae:0f:7e:91:20:dc:07:
35:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:5F:6B:CB:43:FE:C8:96:CE:1A:44:81:46:FD:70:69:22:3A:26:72
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2570341E7A4811EF8AF06348762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.208.0/21
Signature Algorithm: sha256WithRSAEncryption
ae:eb:0b:b0:2f:ad:01:ed:eb:82:7b:59:c3:c2:dd:b2:53:ba:
67:f3:08:3a:20:08:26:11:5e:d4:b3:c2:c5:c6:b8:59:40:a6:
4f:e3:b0:00:d2:f2:de:7a:bc:c8:1c:40:6a:7f:0b:e2:da:84:
99:c7:f2:9c:85:29:6a:31:12:f1:a9:e1:9f:1c:db:16:a8:94:
c4:fc:e0:08:1b:4e:4c:2a:25:13:cf:19:fd:44:d6:48:20:5b:
b5:05:d3:2d:c1:94:31:ca:d7:c2:45:7b:4a:17:e3:f5:a0:60:
6a:73:21:5d:78:c1:e4:21:76:a5:a2:cf:f6:f0:14:7b:fb:e2:
b1:ef:c7:54:1a:f6:47:2a:f2:79:ef:33:74:76:c8:4c:1e:91:
f9:ce:9e:db:7a:7a:40:c1:41:99:d0:a0:4e:ca:73:e0:26:6a:
cb:2c:84:f3:80:5a:a5:e6:e5:9d:a5:97:0b:fd:dd:a8:b5:55:
f3:2b:96:c7:fe:ec:59:b2:af:74:44:db:ff:9a:8d:a1:54:ea:
d6:7b:4a:0b:08:30:1d:68:0e:f1:04:a1:f5:8f:90:c0:dc:60:
be:49:f3:d3:15:dd:b9:93:b3:46:41:a5:f0:c2:79:82:19:c4:
78:00:b8:60:70:28:0b:27:68:41:9f:28:49:65:92:9f:77:b6:
cc:4c:e7:d1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALqUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTI0MDczOTMyWhcNMjQxMjIxMDczOTMyWjAYMRYw
FAYDVQQDEw02NmYyNmNiNy05YWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr0N6Jcwf2wJxxMRHWTzav5HjRjE9/UXNi4VMMQ5IvivSWkyjTsI+w+g4
VN3NxiZBPHG2R74CzewwI1XpEn5jyAEA7xAAR629+VU4wNT8PDKNFnCInWLoPQmj
A36hfLsKxusRB7RV/k+8euTSecMj8D+rxdb+7F5EXnPtLfREjt6inLCFZn57htR1
MYL9SOMQCQ+sB2v27GMLAi/5jIjsgIwgkLA7iCuHWfmiwFLnaKL/hSbeQiktKmp6
kTNmEO++UgMJGkf1vh0UE6uvjlYbPPP1OsHcEC6swQ0pYkc/dUUVD4eNp4VizF09
PEOPjc6RRSH0bz273q4PfpEg3Ac1KwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBdf
a8tD/siWzhpEgUb9cGkiOiZyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNTcwMzQxRTdBNDgxMUVGOEFGMDYzNDg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOPQMA0GCSqGSIb3DQEBCwUA
A4IBAQCu6wuwL60B7euCe1nDwt2yU7pn8wg6IAgmEV7Us8LFxrhZQKZP47AA0vLe
erzIHEBqfwvi2oSZx/KchSlqMRLxqeGfHNsWqJTE/OAIG05MKiUTzxn9RNZIIFu1
BdMtwZQxytfCRXtKF+P1oGBqcyFdeMHkIXalos/28BR7++Kx78dUGvZHKvJ57zN0
dshMHpH5zp7benpAwUGZ0KBOynPgJmrLLITzgFql5uWdpZcL/d2otVXzK5bH/uxZ
sq90RNv/mo2hVOrWe0oLCDAdaA7xBKH1j5DA3GC+SfPTFd25k7NGQaXwwnmCGcR4
ALhgcCgLJ2hBnyhJZZKfd7bMTOfR
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:23 2024 by rpki-client on console-ams.rpki-client.org