Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B36300A952E11EFBA3D79BF762E951A.roa
File: 2B36300A952E11EFBA3D79BF762E951A.roa (raw, json)
Hash identifier: W18UIpB/DuH4LQxpDClWEjDF7qykdHgz5Hblf4qUx0k=
Subject key identifier: 9B:30:42:15:3E:96:1F:B8:7E:BA:AF:7E:56:EC:CD:01:11:55:A4:25
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C95C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B36300A952E11EFBA3D79BF762E951A.roa
Signing time: Mon 28 Oct 2024 13:11:40 +0000
ROA not before: Mon 28 Oct 2024 13:11:36 +0000
ROA not after: Sat 30 Nov 2024 13:11:36 +0000
asID: 203020
IP address blocks: 156.228.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51548 (0xc95c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 28 13:11:36 2024 GMT
Not After : Nov 30 13:11:36 2024 GMT
Subject: CN=671f8d8c-8496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8a:fe:29:2a:bc:ac:4e:1a:d5:26:b7:fb:fa:
c1:c2:d0:33:fc:c0:28:ba:3b:85:3c:84:ca:4e:24:
9c:fb:1f:89:ac:8e:09:87:03:83:39:75:ed:6f:48:
ae:e3:d1:34:dc:ff:0c:e3:65:d6:c1:95:64:b7:8b:
cf:e3:be:aa:2b:1c:8f:40:08:c1:1a:b4:df:de:db:
86:cc:90:67:48:58:e1:82:a0:a0:d8:78:38:64:c5:
f6:62:b9:a1:04:e9:9a:a0:b6:77:6a:72:90:94:e3:
22:8b:72:ab:ac:87:33:1a:90:e7:bd:02:43:d8:91:
c3:e6:e5:10:2f:cb:2d:f5:9e:91:3b:3e:1e:57:9d:
da:f6:76:f9:0e:6b:e2:97:48:ec:23:e5:cd:26:25:
8c:1b:8e:80:af:6e:40:22:96:32:67:f6:34:9e:50:
a3:49:c1:f6:10:d0:96:0e:d4:45:9f:47:10:fb:03:
f1:78:e3:ae:87:19:f4:87:f5:58:1a:58:08:39:29:
92:f9:1d:24:d8:0e:27:ae:de:a9:98:c8:39:c5:1f:
49:85:d0:75:24:24:ad:2c:83:c4:80:38:7d:a9:20:
be:e6:1e:4d:f0:bd:05:5d:77:a4:6e:58:96:50:9e:
d1:68:34:44:fb:3d:40:56:3c:da:6b:97:bd:03:f4:
88:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:30:42:15:3E:96:1F:B8:7E:BA:AF:7E:56:EC:CD:01:11:55:A4:25
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B36300A952E11EFBA3D79BF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.12.0/24
Signature Algorithm: sha256WithRSAEncryption
88:12:3b:a5:7c:d7:42:c1:b4:98:47:15:18:5b:b0:17:6e:b6:
05:dc:1d:9c:65:db:68:21:1a:24:ce:b8:0c:af:cc:df:f4:d6:
cc:e3:d2:ad:cb:1c:f8:f2:52:1a:be:0d:f9:90:fb:9e:2d:a7:
50:93:d4:0f:52:71:02:42:f5:94:e1:1c:a8:5c:e6:34:ee:2d:
71:34:45:a7:74:6f:4d:6d:1e:2a:88:99:e8:74:ec:3c:d6:28:
b3:f0:25:d2:64:c7:9f:cc:f3:d0:d1:78:69:32:c0:46:53:23:
bb:1e:8a:22:b9:a5:15:1f:83:35:bb:c7:d8:cf:8a:78:76:34:
ad:c3:f4:c7:34:a7:3f:da:35:b9:33:5e:15:62:2e:63:29:98:
ea:c1:8c:cf:b2:cd:2b:2c:79:92:ba:1c:05:8f:0b:7b:7e:3a:
8b:01:63:43:2d:c8:6b:65:a3:67:13:81:ea:08:4a:89:8b:71:
34:ef:92:d3:c2:a8:96:72:f9:7c:d4:33:22:7f:9a:f4:8f:f6:
ee:86:e8:04:ef:15:f3:32:95:3f:2a:af:e0:9b:aa:01:58:4c:
a0:c0:6f:8a:d1:44:3f:58:f8:80:13:2f:10:e7:ab:06:3e:c1:
10:86:ee:cb:5d:83:2a:28:4d:ee:5e:e8:ef:aa:e0:06:03:d7:
ff:e3:a4:1b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMlcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDI4MTMxMTM2WhcNMjQxMTMwMTMxMTM2WjAYMRYw
FAYDVQQDEw02NzFmOGQ4Yy04NDk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwor+KSq8rE4a1Sa3+/rBwtAz/MAoujuFPITKTiSc+x+JrI4JhwODOXXt
b0iu49E03P8M42XWwZVkt4vP476qKxyPQAjBGrTf3tuGzJBnSFjhgqCg2Hg4ZMX2
YrmhBOmaoLZ3anKQlOMii3KrrIczGpDnvQJD2JHD5uUQL8st9Z6ROz4eV53a9nb5
Dmvil0jsI+XNJiWMG46Ar25AIpYyZ/Y0nlCjScH2ENCWDtRFn0cQ+wPxeOOuhxn0
h/VYGlgIOSmS+R0k2A4nrt6pmMg5xR9JhdB1JCStLIPEgDh9qSC+5h5N8L0FXXek
bliWUJ7RaDRE+z1AVjzaa5e9A/SIlQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJsw
QhU+lh+4frqvflbszQERVaQlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQjM2MzAwQTk1MkUxMUVGQkEzRDc5QkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQMMA0GCSqGSIb3DQEBCwUA
A4IBAQCIEjulfNdCwbSYRxUYW7AXbrYF3B2cZdtoIRokzrgMr8zf9NbM49Ktyxz4
8lIavg35kPueLadQk9QPUnECQvWU4RyoXOY07i1xNEWndG9NbR4qiJnodOw81iiz
8CXSZMefzPPQ0XhpMsBGUyO7HooiuaUVH4M1u8fYz4p4djStw/THNKc/2jW5M14V
Yi5jKZjqwYzPss0rLHmSuhwFjwt7fjqLAWNDLchrZaNnE4HqCEqJi3E075LTwqiW
cvl81DMif5r0j/buhugE7xXzMpU/Kq/gm6oBWEygwG+K0UQ/WPiAEy8Q56sGPsEQ
hu7LXYMqKE3uXujvquAGA9f/46Qb
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:24 2024 by rpki-client on console-ams.rpki-client.org