Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/297C7F38B66A11EE9FCE35B5775412E6.roa
File: 297C7F38B66A11EE9FCE35B5775412E6.roa (raw, json)
Hash identifier: tHZftfS/HeQlcw0YwcNuXq4syUyTrNi2wkWrVBLEoF4=
Subject key identifier: A1:40:1D:F4:12:56:E4:3A:58:FA:65:96:DA:0D:48:75:CC:2C:66:BF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 630A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/297C7F38B66A11EE9FCE35B5775412E6.roa
Signing time: Fri 19 Jan 2024 01:29:17 +0000
ROA not before: Fri 19 Jan 2024 01:29:14 +0000
ROA not after: Sat 18 Jan 2025 01:29:14 +0000
asID: 141518
IP address blocks: 156.242.16.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 08 May 2024 00:16:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25354 (0x630a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 19 01:29:14 2024 GMT
Not After : Jan 18 01:29:14 2025 GMT
Subject: CN=65a9d06d-c3ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:69:be:57:30:96:3a:93:15:c7:03:ee:2d:2c:
74:0d:46:00:18:b7:73:7d:a8:df:e9:52:12:cc:19:
80:1a:ef:a6:19:64:71:24:91:e0:37:77:60:ef:06:
83:21:86:79:10:93:d9:e2:31:ce:79:fb:a0:6d:3b:
f6:b0:bb:68:a2:55:0e:b8:9e:25:64:08:16:02:77:
36:41:c5:01:8c:9b:99:64:d7:27:22:66:e2:4a:18:
87:68:d6:ed:b3:c5:0e:48:2c:e7:53:2d:5e:b8:7b:
74:36:38:bb:26:22:1a:2a:0a:fb:d8:65:1b:98:cc:
e9:1b:3a:7b:7e:07:b7:c7:e2:59:b8:ca:b7:5e:1d:
75:f9:a4:b4:74:ad:a2:0f:2d:13:81:ff:4e:68:0c:
9f:ac:18:16:d4:e4:67:ef:bf:4f:ff:dd:af:7d:58:
12:ac:ef:6f:b5:d2:90:df:88:7e:f0:6e:82:1b:fd:
00:09:db:3e:49:77:ed:45:c0:57:a1:70:d8:ea:c7:
86:db:5b:a7:8c:9a:3b:bd:29:22:eb:2a:32:e6:2f:
11:b6:8f:26:ef:ec:97:70:e6:6e:38:ff:4b:59:74:
e8:01:a6:cd:da:4c:a3:cd:00:f2:a5:2e:5d:37:fb:
b6:91:b9:7d:9c:4f:d4:19:34:ba:b2:3d:1c:1b:37:
80:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:40:1D:F4:12:56:E4:3A:58:FA:65:96:DA:0D:48:75:CC:2C:66:BF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/297C7F38B66A11EE9FCE35B5775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.16.0/21
Signature Algorithm: sha256WithRSAEncryption
37:19:bf:85:b8:66:38:40:8d:41:36:6d:56:c0:05:8c:5e:4b:
2b:88:1b:b9:fb:b0:e8:d0:b7:4d:e9:97:21:82:ef:35:f5:7f:
7e:58:30:57:71:ec:2a:1f:0c:a0:8b:0a:a3:9a:df:42:b0:c9:
b2:d5:a7:c2:1b:45:c4:a0:c1:75:6b:92:0a:57:3e:d3:25:5f:
2f:91:36:fc:75:19:b3:e1:3d:d5:82:78:d5:15:74:a3:cf:e4:
f9:69:b4:c8:9e:a6:3c:79:e5:0c:e7:53:84:c3:b8:0a:02:ea:
c5:e7:88:e4:22:85:14:f6:47:92:57:cf:76:11:fa:0c:25:57:
f9:3b:06:02:94:bd:6e:20:02:32:7c:28:4b:46:cf:c8:6a:a9:
2b:7c:90:0d:ab:fd:ae:34:78:83:75:39:f3:d4:45:0d:0a:31:
60:38:a9:7e:28:ff:bd:be:aa:5a:f4:d3:09:33:e1:3d:04:28:
dc:40:cc:99:63:82:81:e5:11:8e:7f:20:26:6d:e9:43:80:45:
c1:c8:94:ae:8f:bb:18:d9:8c:8f:96:6d:bf:0e:bf:17:08:75:
0e:79:10:6f:74:27:06:a9:60:10:a8:66:a3:0f:e2:1b:f1:22:
9c:75:d1:ed:c4:02:37:95:8e:08:d3:4b:d5:41:d0:b6:da:59:
44:8f:04:1b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICYwowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yNDAxMTkwMTI5MTRaFw0yNTAxMTgwMTI5MTRaMBgxFjAU
BgNVBAMTDTY1YTlkMDZkLWMzZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0ab5XMJY6kxXHA+4tLHQNRgAYt3N9qN/pUhLMGYAa76YZZHEkkeA3d2Dv
BoMhhnkQk9niMc55+6BtO/awu2iiVQ64niVkCBYCdzZBxQGMm5lk1yciZuJKGIdo
1u2zxQ5ILOdTLV64e3Q2OLsmIhoqCvvYZRuYzOkbOnt+B7fH4lm4yrdeHXX5pLR0
raIPLROB/05oDJ+sGBbU5Gfvv0//3a99WBKs72+10pDfiH7wboIb/QAJ2z5Jd+1F
wFehcNjqx4bbW6eMmju9KSLrKjLmLxG2jybv7Jdw5m44/0tZdOgBps3aTKPNAPKl
Ll03+7aRuX2cT9QZNLqyPRwbN4AvAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUoUAd
9BJW5DpY+mWW2g1IdcwsZr8wHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzI5N0M3RjM4QjY2QTExRUU5RkNFMzVCNTc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOc8hAwDQYJKoZIhvcNAQELBQAD
ggEBADcZv4W4ZjhAjUE2bVbABYxeSyuIG7n7sOjQt03plyGC7zX1f35YMFdx7Cof
DKCLCqOa30KwybLVp8IbRcSgwXVrkgpXPtMlXy+RNvx1GbPhPdWCeNUVdKPP5Plp
tMiepjx55QznU4TDuAoC6sXniOQihRT2R5JXz3YR+gwlV/k7BgKUvW4gAjJ8KEtG
z8hqqSt8kA2r/a40eIN1OfPURQ0KMWA4qX4o/72+qlr00wkz4T0EKNxAzJljgoHl
EY5/ICZt6UOARcHIlK6PuxjZjI+Wbb8OvxcIdQ55EG90JwapYBCoZqMP4hvxIpx1
0e3EAjeVjgjTS9VB0LbaWUSPBBs=
-----END CERTIFICATE-----
Generated at Mon May 6 09:08:06 2024 by rpki-client on console-fra.rpki-client.org