Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BA80D30983811EF90ABAF6F762E951A.roa
File: 2BA80D30983811EF90ABAF6F762E951A.roa (raw, json)
Hash identifier: 4RMuo58AQiYC7KDuVjJWzurrL6nuYzXTDvk9017TfCY=
Subject key identifier: C3:7F:83:A7:EF:E6:2F:3C:B8:2D:EC:F0:3E:81:87:BF:66:87:58:B6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CB9B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BA80D30983811EF90ABAF6F762E951A.roa
Signing time: Fri 01 Nov 2024 10:00:49 +0000
ROA not before: Fri 01 Nov 2024 10:00:45 +0000
ROA not after: Mon 25 Nov 2024 10:00:45 +0000
asID: 398704
IP address blocks: 156.245.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52123 (0xcb9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 1 10:00:45 2024 GMT
Not After : Nov 25 10:00:45 2024 GMT
Subject: CN=6724a6d1-f539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:64:9f:40:d6:93:0d:a4:83:83:3d:0f:d9:ff:
f1:91:7d:4b:80:cf:1e:a9:6e:94:61:47:fb:8c:fb:
ff:3a:c8:ea:8f:e5:34:16:e2:95:ef:18:8c:a7:cc:
cb:49:c5:6a:27:c3:39:e0:83:24:41:62:aa:cd:7e:
db:80:a9:bd:cd:77:38:39:f4:67:4b:c3:c4:7f:af:
4f:00:79:ea:fe:50:13:46:55:79:f7:98:e5:c9:e1:
56:d9:aa:0a:7e:5e:2e:af:4d:72:33:9c:79:56:78:
be:12:08:5a:b8:b9:ae:ef:79:3f:fe:d6:35:16:5b:
36:a4:8e:39:a0:ea:e7:8b:7d:22:0a:8d:5d:6f:64:
31:d0:f9:b3:88:52:c7:d7:55:1c:8f:61:7c:91:90:
2b:58:0c:ba:57:8c:d3:8e:27:8c:b9:da:96:cc:f3:
52:9f:35:bf:62:3f:60:1f:08:d9:29:af:7c:3c:a8:
1a:60:e6:c4:be:46:7c:b1:0f:9a:b6:56:e7:2a:53:
22:4c:e6:83:d1:11:d2:f0:c4:16:6c:6e:6c:1c:7a:
f0:0f:2d:e2:3f:37:72:23:30:1c:8b:4f:a9:19:a6:
dc:ec:3f:e2:21:26:fa:2e:39:f6:c6:05:49:ca:27:
02:b4:6f:48:46:f2:7d:c1:2a:13:f8:a7:34:39:53:
16:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:7F:83:A7:EF:E6:2F:3C:B8:2D:EC:F0:3E:81:87:BF:66:87:58:B6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BA80D30983811EF90ABAF6F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.244.0/22
Signature Algorithm: sha256WithRSAEncryption
95:80:d0:f6:cd:fa:d4:02:ba:cd:3b:2b:e9:63:5b:97:45:c1:
a8:08:ea:9d:51:fd:4b:da:92:17:e9:48:6f:bd:9f:00:5a:c1:
54:c1:c8:ba:94:4c:26:08:47:4f:73:d3:10:ad:13:6f:bb:ef:
6f:62:76:14:61:a8:74:3e:9a:7a:bd:39:e8:1d:91:51:71:5b:
25:20:9e:55:1e:6f:70:b7:65:e2:be:03:93:64:e1:36:9c:4c:
dc:3c:bf:fc:47:99:a9:ce:f2:fd:8d:96:52:20:20:7d:83:80:
e5:6f:60:14:0a:d7:88:2b:e9:70:30:6e:2f:5a:cd:9f:23:95:
d9:09:10:ea:14:f8:71:9f:71:47:c5:c5:16:56:4f:6e:14:19:
37:54:49:29:49:00:e9:f6:77:af:a2:00:a9:60:4b:bf:5f:24:
d0:c3:2c:bf:1b:ec:5c:28:2b:0b:40:a8:ad:fd:df:a9:13:f3:
14:20:02:b8:1d:ef:e7:b9:9a:67:4e:c8:31:5c:1c:33:df:a2:
53:39:72:83:1b:6b:94:dd:59:cb:c2:5c:e7:84:59:ed:0e:81:
bf:81:c3:04:3b:8d:57:d7:eb:90:bf:7b:d0:e9:aa:03:bc:d5:
b6:78:d7:a5:94:82:55:d9:eb:1b:8b:07:0d:d6:63:b7:bd:11:
16:55:ea:9f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMubMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTAxMTAwMDQ1WhcNMjQxMTI1MTAwMDQ1WjAYMRYw
FAYDVQQDEw02NzI0YTZkMS1mNTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApWSfQNaTDaSDgz0P2f/xkX1LgM8eqW6UYUf7jPv/Osjqj+U0FuKV7xiM
p8zLScVqJ8M54IMkQWKqzX7bgKm9zXc4OfRnS8PEf69PAHnq/lATRlV595jlyeFW
2aoKfl4ur01yM5x5Vni+EghauLmu73k//tY1Fls2pI45oOrni30iCo1db2Qx0Pmz
iFLH11Ucj2F8kZArWAy6V4zTjieMudqWzPNSnzW/Yj9gHwjZKa98PKgaYObEvkZ8
sQ+atlbnKlMiTOaD0RHS8MQWbG5sHHrwDy3iPzdyIzAci0+pGabc7D/iISb6Ljn2
xgVJyicCtG9IRvJ9wSoT+Kc0OVMWxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMN/
g6fv5i88uC3s8D6Bh79mh1i2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQkE4MEQzMDk4MzgxMUVGOTBBQkFGNkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPX0MA0GCSqGSIb3DQEBCwUA
A4IBAQCVgND2zfrUArrNOyvpY1uXRcGoCOqdUf1L2pIX6UhvvZ8AWsFUwci6lEwm
CEdPc9MQrRNvu+9vYnYUYah0Ppp6vTnoHZFRcVslIJ5VHm9wt2XivgOTZOE2nEzc
PL/8R5mpzvL9jZZSICB9g4Dlb2AUCteIK+lwMG4vWs2fI5XZCRDqFPhxn3FHxcUW
Vk9uFBk3VEkpSQDp9nevogCpYEu/XyTQwyy/G+xcKCsLQKit/d+pE/MUIAK4He/n
uZpnTsgxXBwz36JTOXKDG2uU3VnLwlznhFntDoG/gcMEO41X1+uQv3vQ6aoDvNW2
eNellIJV2esbiwcN1mO3vREWVeqf
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:22 2024 by rpki-client on console-fra.rpki-client.org