Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FD22FC087CC11EF985D6F5A762E951A.roa
File: 2FD22FC087CC11EF985D6F5A762E951A.roa (raw, json)
Hash identifier: BXVd82cQxpCWpyFbJtBFfINRflXPFHaEft7RvvsMKlQ=
Subject key identifier: CF:85:DB:16:C1:2F:D2:FE:8C:B7:85:75:59:B7:C1:F6:48:A8:F3:2F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C3E9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FD22FC087CC11EF985D6F5A762E951A.roa
Signing time: Fri 11 Oct 2024 12:27:32 +0000
ROA not before: Fri 11 Oct 2024 12:27:27 +0000
ROA not after: Fri 20 Dec 2024 12:27:27 +0000
asID: 135097
IP address blocks: 156.250.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50153 (0xc3e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 11 12:27:27 2024 GMT
Not After : Dec 20 12:27:27 2024 GMT
Subject: CN=670919b4-4e45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:61:5d:dc:e9:fe:d3:1c:e7:8e:c8:74:e3:da:
2d:07:7f:27:eb:4a:4d:38:5f:d9:79:e4:28:ea:e3:
36:ec:30:9f:e9:69:60:8f:51:75:d2:78:dc:50:5c:
98:6c:28:e5:02:a5:13:1b:24:97:50:8f:00:32:43:
39:3e:4d:b0:20:c4:8f:38:ef:ba:38:f1:f4:2e:eb:
a8:4e:e3:10:00:30:c2:24:f2:b8:5f:00:df:55:44:
6f:00:e3:64:ba:3f:27:e8:1a:af:c3:8e:6a:57:b7:
96:37:93:1f:96:0d:4f:da:56:4f:01:40:f9:8f:5c:
1e:31:da:c5:79:70:f9:81:cb:8e:20:fe:08:47:bd:
06:45:27:24:93:15:b6:58:00:48:6e:cf:80:e2:96:
fb:38:b3:f9:05:63:07:a9:c2:a5:c7:c4:22:e2:f4:
e7:93:44:d5:04:99:05:89:ec:15:ef:2d:d0:19:ff:
3d:21:d3:33:e3:2d:e5:1b:d7:65:dc:26:96:db:4e:
1d:ac:1f:51:d5:a2:07:6b:e0:51:cc:36:8b:c8:5c:
c5:c6:50:50:8a:16:8f:0f:f0:63:70:9d:32:50:eb:
34:5d:3a:8e:f1:35:a2:5a:9c:53:c4:2a:17:32:9c:
67:29:95:f3:dc:32:14:22:5d:dd:3e:ce:8b:c1:c9:
8a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:85:DB:16:C1:2F:D2:FE:8C:B7:85:75:59:B7:C1:F6:48:A8:F3:2F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FD22FC087CC11EF985D6F5A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.16.0/20
Signature Algorithm: sha256WithRSAEncryption
1a:ea:38:38:74:58:f2:8a:e0:e0:94:4b:2d:a7:8f:db:f7:fa:
9f:63:f6:96:08:97:93:c4:3b:86:f4:07:26:f4:b1:da:16:3e:
b4:e5:82:34:a1:07:98:2e:cf:35:c5:3d:5c:cb:5f:ce:ee:5b:
12:16:8b:5d:e0:b9:84:08:a3:95:aa:e8:27:81:2b:45:13:45:
b3:55:fe:11:85:8d:19:ab:16:dc:bd:df:5c:bd:f6:5c:86:33:
f3:a0:fb:41:7b:4e:fd:89:bd:1a:9b:54:76:03:f6:ab:cc:f3:
ca:55:14:cb:0a:d6:50:47:25:e8:0e:86:82:76:04:f0:b2:7e:
30:d5:f4:95:9b:65:1d:98:9f:45:38:a3:3b:3f:b9:27:b5:7e:
60:e5:9f:07:cf:97:d7:47:5a:78:1a:f2:c6:92:12:d9:0e:39:
9e:ab:19:33:c5:20:3a:26:54:0e:fb:df:48:16:5e:c4:a6:2f:
69:4d:00:71:ab:93:d6:55:86:08:59:24:f1:7e:a3:07:ca:45:
95:2f:c6:7e:7b:9d:a0:00:53:e7:29:a8:a5:37:bc:a0:60:64:
03:00:7d:4d:b7:44:53:68:ea:3b:8d:bd:15:de:85:a3:66:df:
05:cf:52:1e:9c:01:76:a1:08:06:ce:3d:3b:6b:14:3c:5f:c9:
c6:1d:60:31
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMPpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDExMTIyNzI3WhcNMjQxMjIwMTIyNzI3WjAYMRYw
FAYDVQQDEw02NzA5MTliNC00ZTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1WFd3On+0xznjsh049otB38n60pNOF/ZeeQo6uM27DCf6Wlgj1F10njc
UFyYbCjlAqUTGySXUI8AMkM5Pk2wIMSPOO+6OPH0LuuoTuMQADDCJPK4XwDfVURv
AONkuj8n6Bqvw45qV7eWN5Mflg1P2lZPAUD5j1weMdrFeXD5gcuOIP4IR70GRSck
kxW2WABIbs+A4pb7OLP5BWMHqcKlx8Qi4vTnk0TVBJkFiewV7y3QGf89IdMz4y3l
G9dl3CaW204drB9R1aIHa+BRzDaLyFzFxlBQihaPD/BjcJ0yUOs0XTqO8TWiWpxT
xCoXMpxnKZXz3DIUIl3dPs6LwcmK6QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM+F
2xbBL9L+jLeFdVm3wfZIqPMvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRkQyMkZDMDg3Q0MxMUVGOTg1RDZGNUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPoQMA0GCSqGSIb3DQEBCwUA
A4IBAQAa6jg4dFjyiuDglEstp4/b9/qfY/aWCJeTxDuG9Acm9LHaFj605YI0oQeY
Ls81xT1cy1/O7lsSFotd4LmECKOVqugngStFE0WzVf4RhY0Zqxbcvd9cvfZchjPz
oPtBe079ib0am1R2A/arzPPKVRTLCtZQRyXoDoaCdgTwsn4w1fSVm2UdmJ9FOKM7
P7kntX5g5Z8Hz5fXR1p4GvLGkhLZDjmeqxkzxSA6JlQO+99IFl7Epi9pTQBxq5PW
VYYIWSTxfqMHykWVL8Z+e52gAFPnKailN7ygYGQDAH1Nt0RTaOo7jb0V3oWjZt8F
z1IenAF2oQgGzj07axQ8X8nGHWAx
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:24 2024 by rpki-client on console-ams.rpki-client.org