Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CE9AD6EA33911EF90EE3779762E951A.roa
File: 2CE9AD6EA33911EF90EE3779762E951A.roa (raw, json)
Hash identifier: by+adCBEBEGScu9IkiEUw0Q6BtzZEVu0wVg1E02Vjxk=
Subject key identifier: 9D:5A:B3:C9:49:CF:1D:10:0C:4A:21:5E:E6:73:F5:6D:14:78:4D:2B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D323
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CE9AD6EA33911EF90EE3779762E951A.roa
Signing time: Fri 15 Nov 2024 10:05:43 +0000
ROA not before: Fri 15 Nov 2024 10:05:40 +0000
ROA not after: Sat 23 Nov 2024 10:05:40 +0000
asID: 151979
IP address blocks: 156.247.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54051 (0xd323)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 15 10:05:40 2024 GMT
Not After : Nov 23 10:05:40 2024 GMT
Subject: CN=67371cf7-495b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:01:c7:97:8d:d2:af:ac:66:96:25:52:bd:c6:
73:54:3f:e4:3b:ec:fc:75:64:11:31:4d:2f:bf:ec:
87:19:27:b3:2a:cd:4f:d6:e2:65:2c:fe:ce:72:11:
5b:35:bd:10:2e:45:42:a9:2a:fe:71:e3:a1:b4:8f:
b5:a2:07:21:30:f0:5c:cd:15:41:53:24:5a:ca:60:
2a:31:fc:ba:dc:1d:56:d6:21:b1:b4:5e:2a:ac:a7:
f5:a6:00:86:63:d2:4d:4e:b4:4a:5f:b5:3a:a6:7f:
b4:19:ab:9a:50:c2:24:8b:a9:17:80:cd:83:9a:ed:
35:ec:b1:1c:3a:4e:53:2c:13:04:1d:8f:09:26:30:
58:05:ae:6e:1f:d5:68:3c:e9:17:f7:39:21:23:bf:
7a:fd:97:78:c3:0f:f5:8a:24:d8:34:c1:fd:de:c6:
f4:94:f3:93:de:7a:7d:d2:0d:e3:0b:8b:82:e1:3d:
3b:06:74:0a:1f:63:42:5f:19:79:e8:20:48:83:e9:
9d:0a:bf:ff:c6:3b:7a:1b:64:e3:6c:fd:d3:4a:12:
35:34:ef:03:c9:a1:0e:50:eb:f1:da:a4:47:bb:ac:
d1:dc:dc:8d:de:54:c0:2a:79:6b:17:4f:09:26:ff:
16:f6:29:20:0e:94:12:db:d9:ba:c2:d4:5e:4d:a8:
36:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5A:B3:C9:49:CF:1D:10:0C:4A:21:5E:E6:73:F5:6D:14:78:4D:2B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CE9AD6EA33911EF90EE3779762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.32.0/19
Signature Algorithm: sha256WithRSAEncryption
0e:bd:33:bc:5f:06:08:1f:e7:c7:b8:36:78:ac:08:44:8f:5d:
0c:da:7a:7c:74:ec:b3:7a:be:3f:af:6f:ef:f1:67:13:f6:66:
1c:7d:fb:34:7b:88:f0:8f:42:20:f9:0c:5a:f4:87:b2:1b:58:
46:7a:7d:ab:77:8f:40:c1:04:77:69:dd:e9:10:09:9c:e5:a7:
1c:88:88:d3:97:9c:f0:0b:45:01:55:fa:88:9a:2a:c6:6a:96:
a7:5a:1d:44:9d:ff:c7:c1:96:ec:99:69:de:b0:c5:e1:ef:5a:
f7:38:19:29:e8:c6:8d:cf:6f:1c:6e:1a:7d:bf:98:94:5a:73:
de:8f:9f:b4:be:1f:67:3d:06:f2:4f:35:22:0f:03:6e:b1:9c:
56:2a:c9:0a:06:8a:31:fc:6a:1c:33:b3:e0:1c:00:2c:11:ba:
96:27:24:3f:9a:98:aa:95:d8:3e:25:b8:10:c3:97:8b:2a:ab:
d7:33:c3:10:7d:41:ca:4c:83:2b:a7:6b:85:ab:e4:07:d2:b4:
4c:f2:03:58:28:8c:0e:2c:fc:f8:d2:f6:10:fb:f3:9d:81:ec:
cb:bc:5e:25:ae:23:63:d5:de:cc:b9:51:21:8e:5a:c4:d6:7b:
17:a8:9c:4c:40:65:a7:95:f6:16:28:40:49:71:2b:f2:b3:b1:
3a:26:af:e5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANMjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE1MTAwNTQwWhcNMjQxMTIzMTAwNTQwWjAYMRYw
FAYDVQQDEw02NzM3MWNmNy00OTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzgHHl43Sr6xmliVSvcZzVD/kO+z8dWQRMU0vv+yHGSezKs1P1uJlLP7O
chFbNb0QLkVCqSr+ceOhtI+1ogchMPBczRVBUyRaymAqMfy63B1W1iGxtF4qrKf1
pgCGY9JNTrRKX7U6pn+0GauaUMIki6kXgM2Dmu017LEcOk5TLBMEHY8JJjBYBa5u
H9VoPOkX9zkhI796/Zd4ww/1iiTYNMH93sb0lPOT3np90g3jC4uC4T07BnQKH2NC
Xxl56CBIg+mdCr//xjt6G2TjbP3TShI1NO8DyaEOUOvx2qRHu6zR3NyN3lTAKnlr
F08JJv8W9ikgDpQS29m6wtReTag24QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ1a
s8lJzx0QDEohXuZz9W0UeE0rMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQ0U5QUQ2RUEzMzkxMUVGOTBFRTM3Nzk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnPcgMA0GCSqGSIb3DQEBCwUA
A4IBAQAOvTO8XwYIH+fHuDZ4rAhEj10M2np8dOyzer4/r2/v8WcT9mYcffs0e4jw
j0Ig+Qxa9IeyG1hGen2rd49AwQR3ad3pEAmc5acciIjTl5zwC0UBVfqImirGapan
Wh1Enf/HwZbsmWnesMXh71r3OBkp6MaNz28cbhp9v5iUWnPej5+0vh9nPQbyTzUi
DwNusZxWKskKBoox/GocM7PgHAAsEbqWJyQ/mpiqldg+JbgQw5eLKqvXM8MQfUHK
TIMrp2uFq+QH0rRM8gNYKIwOLPz40vYQ+/OdgezLvF4lriNj1d7MuVEhjlrE1nsX
qJxMQGWnlfYWKEBJcSvys7E6Jq/l
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:22 2024 by rpki-client on console-fra.rpki-client.org