Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2841B88E9EB011EFBD057EB1762E951A.roa
File: 2841B88E9EB011EFBD057EB1762E951A.roa (raw, json)
Hash identifier: qjYYVEc8dDMbiswCPq0MTt0QNkRcvWETWUp8SwgQjVM=
Subject key identifier: 69:83:66:7E:94:50:1C:AC:FE:E0:9C:4A:6A:EE:5E:AE:00:A4:E5:65
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D037
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2841B88E9EB011EFBD057EB1762E951A.roa
Signing time: Sat 09 Nov 2024 15:34:50 +0000
ROA not before: Sat 09 Nov 2024 15:34:46 +0000
ROA not after: Thu 12 Dec 2024 15:34:46 +0000
asID: 54600
IP address blocks: 156.236.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53303 (0xd037)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 9 15:34:46 2024 GMT
Not After : Dec 12 15:34:46 2024 GMT
Subject: CN=672f811a-1dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:06:38:77:95:84:02:84:90:ac:6a:a6:a6:3e:
ea:75:42:bd:07:f1:29:51:db:8c:77:51:25:3c:d1:
61:7d:4e:f3:9b:aa:03:38:22:cb:11:73:c0:c2:11:
f7:36:0d:88:e0:87:eb:06:cf:26:10:8a:65:1d:08:
d3:3c:53:cd:4d:51:cb:3a:be:ac:30:ee:5a:55:c8:
3d:f0:12:a6:a8:c9:79:99:1d:e8:0f:04:1c:da:83:
7c:88:53:20:57:a8:ca:df:75:f1:38:cf:f6:69:e3:
68:e3:b4:5c:b8:6c:03:ac:5e:79:0e:2c:29:6e:53:
d8:d9:78:53:30:57:13:8d:60:07:73:21:10:ce:c8:
5f:92:80:a5:ec:e3:21:65:3b:5e:6a:41:31:49:36:
d3:be:4c:f2:3c:df:cc:e9:08:00:c2:ff:0d:fc:3a:
ef:53:5b:5c:63:ad:2c:3f:d8:46:c5:79:87:48:03:
8e:84:cc:cf:e3:5c:df:c4:ed:f9:28:ab:14:12:3c:
b1:c1:91:44:e1:5c:a5:1d:5e:eb:0d:0e:95:7b:f7:
30:2d:1f:e5:a2:06:04:16:d7:fc:93:35:22:05:9f:
99:8d:13:4f:e6:93:07:4d:20:31:37:20:b9:c9:1a:
a9:ba:1c:66:4b:78:5a:50:1b:0a:22:92:5b:f7:17:
90:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:83:66:7E:94:50:1C:AC:FE:E0:9C:4A:6A:EE:5E:AE:00:A4:E5:65
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2841B88E9EB011EFBD057EB1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.128.0/18
Signature Algorithm: sha256WithRSAEncryption
1c:8c:57:23:1f:2b:38:27:e2:49:be:e1:5a:02:d3:a7:bc:91:
01:d5:25:6a:3b:fb:ed:93:91:98:0b:9f:75:2c:35:c1:8d:9c:
18:6b:7e:0c:38:e6:46:4f:18:58:6f:18:45:97:1b:48:27:48:
83:12:46:e8:e9:50:58:c7:a0:06:c8:10:cf:ac:2b:c2:e8:82:
c2:d1:b5:df:60:ac:f6:21:ea:05:d4:cc:4d:ee:a1:35:8b:fa:
92:d5:af:b5:c8:cc:eb:6c:1d:5f:fe:08:da:e1:ac:51:81:c0:
25:58:bb:b6:86:5d:28:a7:22:13:15:ee:a4:a6:47:eb:e4:e5:
8f:1c:1f:6a:79:43:4e:79:59:7a:f4:88:09:c2:45:e3:ae:e4:
a0:bd:a5:f2:2a:61:bd:8a:98:a5:74:38:05:ea:9f:65:68:27:
e2:3f:bc:61:57:af:5b:1b:af:9b:07:65:3e:1e:f1:a4:f9:4c:
54:9c:6a:c2:18:b6:09:f4:5c:ae:c3:80:0d:d8:5a:5c:a5:2b:
5c:f6:ce:c7:6e:e7:c2:a3:57:ed:09:ce:68:41:00:79:8a:0f:
05:5f:63:64:29:11:e2:8f:be:fd:a3:7a:b9:e9:df:0b:1b:0b:
e7:69:de:2f:de:f4:5b:4d:6c:93:7c:1d:9a:51:c4:bf:4e:6e:
04:95:12:6e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANA3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA5MTUzNDQ2WhcNMjQxMjEyMTUzNDQ2WjAYMRYw
FAYDVQQDEw02NzJmODExYS0xZGM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoQY4d5WEAoSQrGqmpj7qdUK9B/EpUduMd1ElPNFhfU7zm6oDOCLLEXPA
whH3Ng2I4IfrBs8mEIplHQjTPFPNTVHLOr6sMO5aVcg98BKmqMl5mR3oDwQc2oN8
iFMgV6jK33XxOM/2aeNo47RcuGwDrF55DiwpblPY2XhTMFcTjWAHcyEQzshfkoCl
7OMhZTteakExSTbTvkzyPN/M6QgAwv8N/DrvU1tcY60sP9hGxXmHSAOOhMzP41zf
xO35KKsUEjyxwZFE4VylHV7rDQ6Ve/cwLR/logYEFtf8kzUiBZ+ZjRNP5pMHTSAx
NyC5yRqpuhxmS3haUBsKIpJb9xeQ2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGmD
Zn6UUBys/uCcSmruXq4ApOVlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yODQxQjg4RTlFQjAxMUVGQkQwNTdFQjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnOyAMA0GCSqGSIb3DQEBCwUA
A4IBAQAcjFcjHys4J+JJvuFaAtOnvJEB1SVqO/vtk5GYC591LDXBjZwYa34MOOZG
TxhYbxhFlxtIJ0iDEkbo6VBYx6AGyBDPrCvC6ILC0bXfYKz2IeoF1MxN7qE1i/qS
1a+1yMzrbB1f/gja4axRgcAlWLu2hl0opyITFe6kpkfr5OWPHB9qeUNOeVl69IgJ
wkXjruSgvaXyKmG9ipildDgF6p9laCfiP7xhV69bG6+bB2U+HvGk+UxUnGrCGLYJ
9Fyuw4AN2FpcpStc9s7HbufCo1ftCc5oQQB5ig8FX2NkKRHij779o3q56d8LGwvn
ad4v3vRbTWyTfB2aUcS/Tm4ElRJu
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:22 2024 by rpki-client on console-fra.rpki-client.org