Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F71060C3FBE11EEA01B4F7E4AD9E6FC.roa
File: 2F71060C3FBE11EEA01B4F7E4AD9E6FC.roa (raw, json)
Hash identifier: 4xw/4cvPGkyUxEf/E1MhjwO6ipO3Jx9tofFmt/psVO4=
Subject key identifier: 16:F4:CC:14:66:77:7B:D1:86:66:7B:EA:9E:AC:81:38:D7:F3:F6:11
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 369B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F71060C3FBE11EEA01B4F7E4AD9E6FC.roa
Signing time: Mon 21 Aug 2023 01:00:57 +0000
ROA not before: Mon 21 Aug 2023 01:00:53 +0000
ROA not after: Sat 29 Nov 2025 01:00:53 +0000
asID: 133012
IP address blocks: 156.248.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13979 (0x369b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 21 01:00:53 2023 GMT
Not After : Nov 29 01:00:53 2025 GMT
Subject: CN=64e2b749-d066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b7:39:60:3d:de:42:3c:fc:ca:4c:fc:92:94:
e4:51:97:a3:73:f5:cf:70:f1:df:35:f0:bf:30:2f:
d8:9f:4d:ff:c3:71:49:be:4c:41:3f:b4:b4:83:c5:
e8:3c:c7:71:26:96:27:8f:2f:78:f0:17:90:aa:6a:
f8:e8:49:48:cf:9e:2c:92:93:a7:72:10:36:84:2b:
d6:5d:ae:8e:78:29:28:49:67:bb:8e:07:55:90:a1:
5d:0f:70:2c:15:a8:9f:44:64:98:b3:f0:81:bb:aa:
63:d2:24:27:ff:42:db:99:35:fc:c4:23:11:50:ec:
e0:a7:95:3f:58:05:40:2d:27:5e:64:9b:d1:90:6c:
d2:14:8e:3d:0d:62:ac:d3:44:4d:b1:20:81:c3:60:
ea:38:54:5c:77:e7:43:92:d1:cb:ed:99:2a:94:e9:
42:1a:8e:de:c7:11:6e:96:a9:af:67:7b:27:2b:cd:
8f:d5:1f:37:15:7a:14:a2:97:c7:58:2f:3d:e6:d1:
e8:2d:31:b5:86:79:1d:ff:5f:75:56:86:cf:d0:22:
b5:09:67:b5:90:c9:ad:1e:8d:cd:80:dc:bd:e3:5f:
a0:a7:53:9d:38:14:85:73:ab:1b:2f:c6:97:17:8a:
55:c9:db:d0:15:f0:7d:ad:6a:1c:5b:42:ac:6b:7c:
ff:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:F4:CC:14:66:77:7B:D1:86:66:7B:EA:9E:AC:81:38:D7:F3:F6:11
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F71060C3FBE11EEA01B4F7E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.3.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:5c:df:72:c3:6c:00:b4:26:20:8b:eb:c3:ca:23:8e:9b:1e:
25:4d:a5:d1:61:43:5d:1e:6f:b5:6f:bf:81:97:b4:12:b6:e0:
74:f6:56:34:6e:27:e0:40:d6:b0:63:d0:24:c0:fd:3b:03:b0:
be:84:61:c9:eb:fe:24:38:b6:a6:0a:f7:03:14:01:8d:11:53:
07:22:ea:49:0c:51:74:e6:d0:05:be:8a:f8:64:89:21:25:ae:
bb:22:c7:2a:fd:69:30:3a:cb:bf:ac:19:71:14:3d:d6:11:49:
e0:40:0e:22:96:6b:9f:5a:1b:75:f3:71:0a:ea:37:8e:0a:11:
d6:5c:c5:91:a5:cb:33:3e:b4:20:ff:de:5b:7c:d4:7c:09:52:
65:d0:e2:3e:c4:02:bc:d7:a8:f8:65:9e:3d:7b:7b:98:64:f8:
73:08:60:4c:60:d3:34:49:b0:df:9e:b5:9a:5d:7c:15:64:21:
e0:24:d4:a8:eb:63:05:44:63:5d:bf:59:41:3a:a1:76:51:8b:
d9:4e:af:97:5c:e5:83:91:61:c8:20:8c:d4:07:40:df:4b:42:
e8:e8:dc:e3:22:db:bf:8e:1a:80:ad:30:2f:bb:5a:e4:ed:7d:
ad:44:42:c4:0a:8f:55:21:52:a1:30:65:a3:23:ae:67:38:74:
ad:4f:bd:4a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICNpswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzA4MjEwMTAwNTNaFw0yNTExMjkwMTAwNTNaMBgxFjAU
BgNVBAMTDTY0ZTJiNzQ5LWQwNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQtzlgPd5CPPzKTPySlORRl6Nz9c9w8d818L8wL9ifTf/DcUm+TEE/tLSD
xeg8x3EmliePL3jwF5CqavjoSUjPniySk6dyEDaEK9Zdro54KShJZ7uOB1WQoV0P
cCwVqJ9EZJiz8IG7qmPSJCf/QtuZNfzEIxFQ7OCnlT9YBUAtJ15km9GQbNIUjj0N
YqzTRE2xIIHDYOo4VFx350OS0cvtmSqU6UIajt7HEW6Wqa9neycrzY/VHzcVehSi
l8dYLz3m0egtMbWGeR3/X3VWhs/QIrUJZ7WQya0ejc2A3L3jX6CnU504FIVzqxsv
xpcXilXJ29AV8H2tahxbQqxrfP9DAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUFvTM
FGZ3e9GGZnvqnqyBONfz9hEwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzJGNzEwNjBDM0ZCRTExRUVBMDFCNEY3RTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc+AMwDQYJKoZIhvcNAQELBQAD
ggEBAKJc33LDbAC0JiCL68PKI46bHiVNpdFhQ10eb7Vvv4GXtBK24HT2VjRuJ+BA
1rBj0CTA/TsDsL6EYcnr/iQ4tqYK9wMUAY0RUwci6kkMUXTm0AW+ivhkiSElrrsi
xyr9aTA6y7+sGXEUPdYRSeBADiKWa59aG3XzcQrqN44KEdZcxZGlyzM+tCD/3lt8
1HwJUmXQ4j7EArzXqPhlnj17e5hk+HMIYExg0zRJsN+etZpdfBVkIeAk1KjrYwVE
Y12/WUE6oXZRi9lOr5dc5YORYcggjNQHQN9LQujo3OMi27+OGoCtMC+7WuTtfa1E
QsQKj1UhUqEwZaMjrmc4dK1PvUo=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:23 2024 by rpki-client on console-fra.rpki-client.org