Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/280133B47E3911EFA67A4F91762E951A.roa
File: 280133B47E3911EFA67A4F91762E951A.roa (raw, json)
Hash identifier: 0wQI27o+cihX8wqrypLrei3bK6KuDOcyPiBp2RuBS3g=
Subject key identifier: 86:DD:28:A3:59:37:1B:09:33:04:63:5F:AA:1F:5F:BA:13:7F:C3:D7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: BC55
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/280133B47E3911EFA67A4F91762E951A.roa
Signing time: Sun 29 Sep 2024 08:02:22 +0000
ROA not before: Sun 29 Sep 2024 08:02:19 +0000
ROA not after: Mon 30 Dec 2024 08:02:19 +0000
asID: 17561
IP address blocks: 156.255.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48213 (0xbc55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 29 08:02:19 2024 GMT
Not After : Dec 30 08:02:19 2024 GMT
Subject: CN=66f9098e-c90d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9a:18:8b:49:21:f3:96:38:9b:d5:40:78:1d:
a2:81:85:d4:17:4f:8d:17:53:55:af:d8:b5:ec:a8:
e5:8c:91:d0:09:d9:84:b4:a5:16:b5:8f:e4:07:43:
4b:c8:ab:32:23:b9:88:34:39:47:bb:0f:eb:4c:ea:
8c:d3:28:45:d0:c7:d8:80:0b:0c:d4:6b:cb:51:59:
f8:f6:ba:c5:db:00:96:8f:5f:81:a1:5d:31:b7:a7:
6f:68:38:48:fe:89:63:f5:75:1a:ec:b0:f3:86:72:
be:fe:09:b8:c0:b8:ec:2e:ec:17:e4:fc:1a:e7:22:
a7:35:45:1b:b3:c7:4e:16:b5:cd:c0:72:08:54:b2:
40:d6:64:1e:70:32:25:e2:78:f8:48:66:cf:ba:33:
93:ea:5e:59:67:c4:9c:4a:d4:01:56:8f:83:be:b6:
92:58:63:cd:1d:95:f7:f2:22:3d:d0:98:42:b5:08:
e8:73:20:ec:aa:5c:e0:9d:61:38:49:29:d9:44:aa:
03:67:0f:22:2c:9e:43:07:bb:d3:2d:ae:30:85:41:
8f:3d:b6:50:0b:11:a1:6d:51:01:37:dd:db:c9:0e:
da:44:15:6e:e9:7e:5b:e0:35:f0:40:fc:e6:eb:92:
ae:41:6a:5f:e4:e7:a4:fc:03:13:42:0f:e0:55:87:
7e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:DD:28:A3:59:37:1B:09:33:04:63:5F:AA:1F:5F:BA:13:7F:C3:D7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/280133B47E3911EFA67A4F91762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.28.0/22
Signature Algorithm: sha256WithRSAEncryption
97:2a:f4:e6:91:d9:33:2f:d9:25:8b:d5:53:8f:99:94:64:11:
eb:ee:74:9f:44:39:e4:4a:5c:a1:61:e3:91:ff:54:47:82:38:
50:62:bc:73:80:a6:c9:90:e2:fa:9a:d3:b5:3a:e0:c5:a0:35:
cc:09:37:8d:17:de:7c:c5:80:99:be:d2:79:61:3a:e3:46:94:
cc:3a:3c:bd:1a:4e:29:be:5d:01:d3:95:f6:80:f7:6e:de:75:
00:af:49:88:54:e7:28:3e:55:87:07:72:66:2f:e0:ce:bb:f9:
74:e3:69:c4:89:43:9f:a4:af:52:7c:d4:f5:fe:e0:8d:e3:f1:
7a:f1:09:49:78:58:ef:73:1e:4b:bc:80:23:74:13:05:7f:2d:
d0:20:01:63:4b:d7:c0:7f:10:c9:1b:15:6d:19:6e:62:2f:8b:
c3:e7:74:8e:f5:34:0a:c7:e2:ca:17:7a:cb:b1:07:4c:ff:95:
a5:57:ea:80:96:c6:36:94:09:01:4d:86:90:12:ae:42:51:72:
c8:8d:63:ef:46:2f:59:86:e8:bc:e9:0f:24:8e:f9:f5:e0:c6:
83:c2:b1:c6:a3:60:58:ae:74:a7:ff:c9:ef:e5:74:24:29:94:
ec:47:d2:17:88:fe:2b:cb:b0:13:9f:f8:c0:86:df:e9:22:82:
9a:64:6e:7d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALxVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTI5MDgwMjE5WhcNMjQxMjMwMDgwMjE5WjAYMRYw
FAYDVQQDEw02NmY5MDk4ZS1jOTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtpoYi0kh85Y4m9VAeB2igYXUF0+NF1NVr9i17KjljJHQCdmEtKUWtY/k
B0NLyKsyI7mINDlHuw/rTOqM0yhF0MfYgAsM1GvLUVn49rrF2wCWj1+BoV0xt6dv
aDhI/olj9XUa7LDzhnK+/gm4wLjsLuwX5Pwa5yKnNUUbs8dOFrXNwHIIVLJA1mQe
cDIl4nj4SGbPujOT6l5ZZ8ScStQBVo+DvraSWGPNHZX38iI90JhCtQjocyDsqlzg
nWE4SSnZRKoDZw8iLJ5DB7vTLa4whUGPPbZQCxGhbVEBN93byQ7aRBVu6X5b4DXw
QPzm65KuQWpf5Oek/AMTQg/gVYd+QQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIbd
KKNZNxsJMwRjX6ofX7oTf8PXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yODAxMzNCNDdFMzkxMUVGQTY3QTRGOTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnP8cMA0GCSqGSIb3DQEBCwUA
A4IBAQCXKvTmkdkzL9kli9VTj5mUZBHr7nSfRDnkSlyhYeOR/1RHgjhQYrxzgKbJ
kOL6mtO1OuDFoDXMCTeNF958xYCZvtJ5YTrjRpTMOjy9Gk4pvl0B05X2gPdu3nUA
r0mIVOcoPlWHB3JmL+DOu/l042nEiUOfpK9SfNT1/uCN4/F68QlJeFjvcx5LvIAj
dBMFfy3QIAFjS9fAfxDJGxVtGW5iL4vD53SO9TQKx+LKF3rLsQdM/5WlV+qAlsY2
lAkBTYaQEq5CUXLIjWPvRi9Zhui86Q8kjvn14MaDwrHGo2BYrnSn/8nv5XQkKZTs
R9IXiP4ry7ATn/jAht/pIoKaZG59
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:22 2024 by rpki-client on console-fra.rpki-client.org