Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DAA4ECA87C811EFA82A5C42762E951A.roa
File: 2DAA4ECA87C811EFA82A5C42762E951A.roa (raw, json)
Hash identifier: CILSR6ev33v54RyT0CooW+X8Kkg2BbRscaimez7gmnM=
Subject key identifier: 62:F3:8E:2F:60:59:8A:02:2A:92:1E:55:FA:C4:A0:B4:AC:16:DA:66
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C3D1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DAA4ECA87C811EFA82A5C42762E951A.roa
Signing time: Fri 11 Oct 2024 11:58:50 +0000
ROA not before: Fri 11 Oct 2024 11:58:47 +0000
ROA not after: Wed 08 Jan 2025 11:58:47 +0000
asID: 136907
IP address blocks: 156.253.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50129 (0xc3d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 11 11:58:47 2024 GMT
Not After : Jan 8 11:58:47 2025 GMT
Subject: CN=670912fa-7f38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:25:cf:ba:63:bd:20:65:a1:46:2b:1d:2b:02:
31:cf:6b:47:82:81:c2:52:c1:bd:a5:c3:b2:6c:dd:
2e:4a:43:c6:ca:eb:ac:bf:49:8b:45:21:82:7d:fa:
ed:8d:9b:8a:cd:81:52:0c:b0:c6:59:44:85:0c:b3:
eb:0b:cd:8e:9a:98:94:7c:30:8f:d6:25:1c:b1:f1:
bd:86:26:ed:25:66:03:e6:38:5a:36:37:11:fe:da:
e2:22:5e:86:3c:e9:7a:94:fe:1f:fe:ac:9f:7a:e7:
78:b7:44:55:74:47:12:6c:1f:c6:de:a6:09:02:c8:
55:c5:b7:87:2e:f6:e0:00:0d:b0:33:1e:11:b7:c0:
2a:60:c1:1a:e0:49:b6:0e:cc:d6:98:f6:57:66:0b:
d0:f7:7b:b9:74:01:c8:68:bd:be:6a:c3:46:e6:04:
e6:6b:64:f7:19:66:2c:51:94:2a:01:be:cb:91:77:
ab:c4:7a:82:91:18:68:5e:e3:cd:cf:24:09:39:4e:
d9:78:28:1f:36:08:97:03:b6:df:af:e0:11:85:c3:
07:ca:51:de:69:d2:bf:35:15:08:ba:36:d6:9e:09:
b8:2b:2b:0c:a3:29:dc:87:90:7e:83:2c:4f:df:b6:
ba:1b:38:82:56:9e:72:db:40:8e:de:20:de:06:9a:
fc:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F3:8E:2F:60:59:8A:02:2A:92:1E:55:FA:C4:A0:B4:AC:16:DA:66
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DAA4ECA87C811EFA82A5C42762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.16.0/20
Signature Algorithm: sha256WithRSAEncryption
78:7d:81:fc:8b:68:83:3f:15:f1:9f:dc:41:65:55:8c:4f:2d:
08:a1:77:2c:df:1f:79:1e:61:d5:e2:dc:eb:9e:3c:50:ce:b0:
6c:2b:8f:6a:28:3c:cf:33:43:3a:44:78:a0:3d:25:81:9b:dc:
7c:dc:58:7c:3e:c8:fa:6c:1a:b7:5a:14:2d:57:1f:50:3b:7e:
dd:95:9c:e4:03:03:52:33:01:13:e8:a3:c3:69:1b:e6:e3:fb:
7e:d1:79:b6:41:29:c7:24:d6:9d:d5:b7:05:6e:b3:56:8b:a4:
90:bf:52:3e:35:ec:66:2a:68:f2:1e:8e:9b:3a:08:5f:52:3f:
35:07:3b:34:ad:0a:99:95:ce:a9:0b:f7:ee:19:17:15:15:31:
5f:84:4a:d1:74:4f:2e:7a:6e:3a:33:0f:bc:6d:30:76:23:2a:
56:6c:d8:1d:e9:c1:31:64:04:ed:54:a3:a4:e0:65:0a:4b:0e:
8f:74:c4:2e:49:c1:34:73:e2:7b:84:5b:49:01:ee:fe:64:b4:
cd:ac:29:9f:2d:d2:e6:86:00:3d:8d:80:4a:18:ec:01:05:a0:
06:3b:01:ef:a3:8f:f0:9a:a3:c3:12:f6:83:56:0d:a3:0a:15:
43:22:cd:16:7c:c4:76:fb:9c:65:5d:d8:c7:e6:e9:a0:c2:6c:
29:1e:94:b1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMPRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDExMTE1ODQ3WhcNMjUwMTA4MTE1ODQ3WjAYMRYw
FAYDVQQDEw02NzA5MTJmYS03ZjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAziXPumO9IGWhRisdKwIxz2tHgoHCUsG9pcOybN0uSkPGyuusv0mLRSGC
ffrtjZuKzYFSDLDGWUSFDLPrC82OmpiUfDCP1iUcsfG9hibtJWYD5jhaNjcR/tri
Il6GPOl6lP4f/qyfeud4t0RVdEcSbB/G3qYJAshVxbeHLvbgAA2wMx4Rt8AqYMEa
4Em2DszWmPZXZgvQ93u5dAHIaL2+asNG5gTma2T3GWYsUZQqAb7LkXerxHqCkRho
XuPNzyQJOU7ZeCgfNgiXA7bfr+ARhcMHylHeadK/NRUIujbWngm4KysMoynch5B+
gyxP37a6GziCVp5y20CO3iDeBpr8AwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGLz
ji9gWYoCKpIeVfrEoLSsFtpmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yREFBNEVDQTg3QzgxMUVGQTgyQTVDNDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnP0QMA0GCSqGSIb3DQEBCwUA
A4IBAQB4fYH8i2iDPxXxn9xBZVWMTy0IoXcs3x95HmHV4tzrnjxQzrBsK49qKDzP
M0M6RHigPSWBm9x83Fh8Psj6bBq3WhQtVx9QO37dlZzkAwNSMwET6KPDaRvm4/t+
0Xm2QSnHJNad1bcFbrNWi6SQv1I+NexmKmjyHo6bOghfUj81Bzs0rQqZlc6pC/fu
GRcVFTFfhErRdE8uem46Mw+8bTB2IypWbNgd6cExZATtVKOk4GUKSw6PdMQuScE0
c+J7hFtJAe7+ZLTNrCmfLdLmhgA9jYBKGOwBBaAGOwHvo4/wmqPDEvaDVg2jChVD
Is0WfMR2+5xlXdjH5umgwmwpHpSx
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:24 2024 by rpki-client on console-ams.rpki-client.org