Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28173C46021E11EFBB95B026017001B1.roa
File: 28173C46021E11EFBB95B026017001B1.roa (raw, json)
Hash identifier: y5x8/XJetqyQvB0evkTcL9tQL9oPav/iaz7HtYoxve8=
Subject key identifier: 7A:73:E6:BC:46:BB:7E:35:B2:A6:81:E2:28:10:BE:C6:4F:0A:E9:52
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 84BE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28173C46021E11EFBB95B026017001B1.roa
Signing time: Wed 24 Apr 2024 09:36:42 +0000
ROA not before: Wed 24 Apr 2024 09:36:38 +0000
ROA not after: Mon 29 Apr 2024 09:36:38 +0000
asID: 399077
IP address blocks: 156.248.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 29 Apr 2024 09:36:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33982 (0x84be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 24 09:36:38 2024 GMT
Not After : Apr 29 09:36:38 2024 GMT
Subject: CN=6628d2aa-e76a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d9:b9:99:f3:08:24:7b:ae:30:e5:3b:9d:7d:
b3:88:b2:3e:cb:cf:fc:00:cf:e6:76:e9:df:58:f2:
6e:72:fe:74:09:fa:56:08:85:3e:e6:c0:e0:a5:15:
d6:5a:ba:f1:d0:5e:7b:c8:02:2e:ac:83:77:5c:9c:
99:3e:7f:39:25:d0:a3:97:e8:54:ac:7b:9c:07:aa:
23:d8:43:8e:39:0b:5e:ad:1c:1a:9a:d3:a1:4d:38:
5d:b5:fc:d0:9e:b7:e1:dc:db:71:3e:d3:9f:58:23:
eb:d2:d3:02:d0:96:ae:a7:da:87:4d:53:98:00:77:
9f:0a:29:1e:1b:0f:c7:e2:d5:20:ea:cf:30:10:98:
b6:1a:8b:73:d1:b9:d5:4f:f2:75:a0:77:ce:a7:ba:
e4:a9:0c:c5:52:53:d5:58:b6:7c:7c:30:21:7b:10:
ca:12:a3:4f:b4:4f:ee:df:22:41:cf:21:0c:00:19:
71:33:a1:63:3b:1b:b9:31:ec:26:c7:55:a1:c1:01:
7f:25:c5:38:8a:42:16:1b:25:c8:d1:04:a1:f0:e5:
ef:ec:0b:42:0d:30:fd:33:d7:fe:53:d8:23:42:fe:
45:51:32:3a:a3:71:bf:03:f0:6e:98:9b:31:94:fc:
d7:07:28:b4:33:30:ed:35:8d:b5:6f:07:f3:26:ac:
b5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:73:E6:BC:46:BB:7E:35:B2:A6:81:E2:28:10:BE:C6:4F:0A:E9:52
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28173C46021E11EFBB95B026017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.78.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:8d:05:f8:ed:3d:67:5a:54:74:ea:f8:8a:e3:d1:2b:17:e0:
93:bd:a9:93:14:40:22:93:6e:92:2b:ec:84:bc:30:77:63:b3:
f5:fe:b4:62:a3:58:5b:f2:35:95:e9:73:8f:7c:14:e6:99:98:
83:b8:7b:21:17:d5:45:54:07:b1:7d:2d:8c:84:45:2e:bd:a6:
cd:b8:49:12:05:91:d5:15:c7:24:ac:aa:54:e4:1c:b1:60:f1:
08:52:c7:37:4e:58:46:da:95:e5:e9:76:98:6d:8f:89:ee:7f:
e4:14:56:5f:69:0f:5e:db:a9:66:e9:7d:f3:32:cd:6e:c0:73:
9a:3c:60:01:9b:2e:9a:fe:cf:25:c1:73:ba:e7:50:fd:96:24:
78:fa:46:5b:e6:ce:3b:de:e2:db:f8:8a:86:1e:8d:63:da:ae:
b9:b6:26:f2:78:1f:c4:23:ba:7d:f1:6d:2c:a6:93:16:0d:07:
6b:47:87:3a:83:8b:df:2a:a2:90:cb:8d:a0:8b:8b:0d:6c:ce:
72:45:10:1f:e6:32:95:c6:c3:ed:d5:21:d1:f1:b2:03:53:43:
ee:56:aa:1c:2d:29:b7:c4:30:72:ad:0b:e9:74:10:5a:46:cd:
4a:fc:51:3d:3a:28:ce:39:78:41:d0:a7:78:2f:55:d6:b1:10:
a2:4d:2f:9f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIS+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI0MDkzNjM4WhcNMjQwNDI5MDkzNjM4WjAYMRYw
FAYDVQQDEw02NjI4ZDJhYS1lNzZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtNm5mfMIJHuuMOU7nX2ziLI+y8/8AM/mdunfWPJucv50CfpWCIU+5sDg
pRXWWrrx0F57yAIurIN3XJyZPn85JdCjl+hUrHucB6oj2EOOOQterRwamtOhTThd
tfzQnrfh3NtxPtOfWCPr0tMC0Jaup9qHTVOYAHefCikeGw/H4tUg6s8wEJi2Gotz
0bnVT/J1oHfOp7rkqQzFUlPVWLZ8fDAhexDKEqNPtE/u3yJBzyEMABlxM6FjOxu5
Mewmx1WhwQF/JcU4ikIWGyXI0QSh8OXv7AtCDTD9M9f+U9gjQv5FUTI6o3G/A/Bu
mJsxlPzXByi0MzDtNY21bwfzJqy1XwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHpz
5rxGu341sqaB4igQvsZPCulSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yODE3M0M0NjAyMUUxMUVGQkI5NUIwMjYwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPhOMA0GCSqGSIb3DQEBCwUA
A4IBAQC7jQX47T1nWlR06viK49ErF+CTvamTFEAik26SK+yEvDB3Y7P1/rRio1hb
8jWV6XOPfBTmmZiDuHshF9VFVAexfS2MhEUuvabNuEkSBZHVFcckrKpU5ByxYPEI
Usc3TlhG2pXl6XaYbY+J7n/kFFZfaQ9e26lm6X3zMs1uwHOaPGABmy6a/s8lwXO6
51D9liR4+kZb5s473uLb+IqGHo1j2q65tibyeB/EI7p98W0sppMWDQdrR4c6g4vf
KqKQy42gi4sNbM5yRRAf5jKVxsPt1SHR8bIDU0PuVqocLSm3xDByrQvpdBBaRs1K
/FE9OijOOXhB0Kd4L1XWsRCiTS+f
-----END CERTIFICATE-----
Generated at Mon Apr 29 07:56:20 2024 by rpki-client on console-ams.rpki-client.org