Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/285CFC94FD3811EE8BCBE53C017001B1.roa
File: 285CFC94FD3811EE8BCBE53C017001B1.roa (raw, json)
Hash identifier: gIEPzt2r5XW3BizgY/yRK3hRmTF7e/5h3JsykGX2dI0=
Subject key identifier: 14:86:A1:A0:0E:B2:7B:8C:23:BF:E0:A8:B7:F9:24:B6:F2:1D:B6:55
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8329
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/285CFC94FD3811EE8BCBE53C017001B1.roa
Signing time: Thu 18 Apr 2024 04:00:13 +0000
ROA not before: Thu 18 Apr 2024 04:00:10 +0000
ROA not after: Sat 27 Apr 2024 04:00:10 +0000
asID: 7018
IP address blocks: 156.249.48.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 27 Apr 2024 00:16:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33577 (0x8329)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 18 04:00:10 2024 GMT
Not After : Apr 27 04:00:10 2024 GMT
Subject: CN=66209acd-6419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d2:97:78:3f:8a:9f:0d:8b:27:76:a3:66:f2:
05:83:81:50:d6:ac:e5:8f:a1:63:69:e7:32:09:a0:
ee:3e:83:13:9b:0c:5b:7c:53:f6:60:41:58:34:a1:
3f:4a:aa:fa:03:14:f2:d2:83:51:be:af:9b:77:b8:
ea:bd:ff:44:ed:d3:22:a2:d5:24:1a:72:df:f2:63:
17:40:88:e6:02:57:61:b0:2e:85:dd:f0:4e:16:b7:
75:d8:89:02:83:4f:43:d4:81:9b:b7:d1:30:1d:48:
ca:f3:17:40:ab:0b:d9:13:29:08:b8:99:2f:1c:6a:
f0:40:38:b9:1a:c1:9e:36:9b:e1:40:5c:31:cb:dc:
8f:1f:63:25:b0:c6:16:da:58:09:11:ec:10:da:97:
ef:a6:cf:15:35:31:ef:34:6c:5e:4a:95:0d:0e:9e:
2b:6d:a6:8c:79:a5:e8:92:83:8f:6a:24:85:45:bc:
88:38:e2:15:d4:f6:79:71:56:9f:f9:a9:ca:de:3b:
08:93:ee:14:a4:b2:86:47:0c:5a:22:71:5e:49:30:
09:a3:6b:cf:18:fd:d2:db:52:a6:6d:e9:26:00:23:
cb:18:f9:8a:9a:34:2a:e1:15:61:d2:06:88:05:e9:
7a:6b:ba:72:bf:7d:3e:79:ac:fc:7d:78:ee:78:0c:
88:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:86:A1:A0:0E:B2:7B:8C:23:BF:E0:A8:B7:F9:24:B6:F2:1D:B6:55
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/285CFC94FD3811EE8BCBE53C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.48.0/21
Signature Algorithm: sha256WithRSAEncryption
91:aa:bc:a5:dd:19:b4:2f:8b:4c:ae:86:a3:4c:a2:e8:02:08:
4f:b1:80:4f:6c:f2:02:7a:3b:18:30:94:e3:b5:a6:41:30:3c:
d3:06:6e:c9:56:ec:89:88:b1:9c:6a:5f:68:ef:2b:7f:c5:be:
2d:fd:0f:ef:17:d2:b7:c7:9c:69:9e:a0:7a:83:2c:24:79:b3:
b5:de:cb:4a:d9:3d:25:ac:6f:ad:75:38:d9:f0:b3:a1:5c:26:
43:3f:c0:86:7e:dc:94:8e:c5:6e:14:2d:2e:4a:2a:9d:8c:a9:
06:b5:9d:79:26:8c:e2:6d:ff:61:b1:28:d4:2c:25:a7:22:73:
d1:d9:a2:aa:c3:7f:ae:3d:ea:c2:e3:57:8a:af:b5:63:ec:71:
a9:2c:35:1f:8c:99:70:3d:5b:19:50:22:85:f2:7e:23:2d:a2:
21:9c:fd:86:88:c5:ee:f8:6b:48:d8:88:6f:2d:31:7f:97:a2:
64:ef:4e:27:a0:97:2a:9c:ee:4d:13:74:d7:3b:d7:95:2f:00:
c5:c0:e6:f7:0f:36:89:9f:61:4d:55:3d:6c:77:8d:22:3c:61:
13:1f:24:80:9b:de:a7:9a:29:28:98:b4:1c:5e:05:e3:2b:26:
38:bc:e7:69:d8:22:cf:cd:25:97:2b:3f:ee:28:5e:76:52:d3:
ab:5e:6e:63
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIMpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDE4MDQwMDEwWhcNMjQwNDI3MDQwMDEwWjAYMRYw
FAYDVQQDEw02NjIwOWFjZC02NDE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAotKXeD+Knw2LJ3ajZvIFg4FQ1qzlj6FjaecyCaDuPoMTmwxbfFP2YEFY
NKE/Sqr6AxTy0oNRvq+bd7jqvf9E7dMiotUkGnLf8mMXQIjmAldhsC6F3fBOFrd1
2IkCg09D1IGbt9EwHUjK8xdAqwvZEykIuJkvHGrwQDi5GsGeNpvhQFwxy9yPH2Ml
sMYW2lgJEewQ2pfvps8VNTHvNGxeSpUNDp4rbaaMeaXokoOPaiSFRbyIOOIV1PZ5
cVaf+anK3jsIk+4UpLKGRwxaInFeSTAJo2vPGP3S21KmbekmACPLGPmKmjQq4RVh
0gaIBel6a7pyv30+eaz8fXjueAyIeQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBSG
oaAOsnuMI7/gqLf5JLbyHbZVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yODVDRkM5NEZEMzgxMUVFOEJDQkU1M0MwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPkwMA0GCSqGSIb3DQEBCwUA
A4IBAQCRqryl3Rm0L4tMroajTKLoAghPsYBPbPICejsYMJTjtaZBMDzTBm7JVuyJ
iLGcal9o7yt/xb4t/Q/vF9K3x5xpnqB6gywkebO13stK2T0lrG+tdTjZ8LOhXCZD
P8CGftyUjsVuFC0uSiqdjKkGtZ15Jozibf9hsSjULCWnInPR2aKqw3+uPerC41eK
r7Vj7HGpLDUfjJlwPVsZUCKF8n4jLaIhnP2GiMXu+GtI2IhvLTF/l6Jk704noJcq
nO5NE3TXO9eVLwDFwOb3DzaJn2FNVT1sd40iPGETHySAm96nmikomLQcXgXjKyY4
vOdp2CLPzSWXKz/uKF52UtOrXm5j
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:42 2024 by rpki-client on console-fra.rpki-client.org