Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/308DD394A2E711EEBA49EE6AD25BE465.roa
File: 308DD394A2E711EEBA49EE6AD25BE465.roa (raw, json)
Hash identifier: RawhYuOBj+UiE6l6swerQRZScoHsgH940c4W3VEjaqA=
Subject key identifier: FA:DA:F5:1C:4A:8D:89:19:95:E0:80:45:97:6E:9E:4F:D1:07:F2:8D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 5906
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/308DD394A2E711EEBA49EE6AD25BE465.roa
Signing time: Mon 25 Dec 2023 05:33:53 +0000
ROA not before: Mon 25 Dec 2023 05:33:50 +0000
ROA not after: Mon 13 Jan 2025 05:33:50 +0000
asID: 139057
IP address blocks: 156.225.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22790 (0x5906)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Dec 25 05:33:50 2023 GMT
Not After : Jan 13 05:33:50 2025 GMT
Subject: CN=65891441-0310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:45:a5:b8:e5:c8:d0:0c:3e:83:b8:8e:c2:5d:
d0:c1:64:b2:41:cd:97:84:38:08:3c:78:aa:bf:8a:
61:17:41:9c:46:23:50:ff:54:e9:88:b3:e1:64:bc:
98:ac:5d:52:49:b7:1a:7e:2c:ac:99:97:99:f3:20:
e4:36:1d:a0:bf:ca:64:8f:fc:77:b7:b6:28:fc:bd:
e2:8f:8a:15:90:20:fb:f8:41:f7:1d:c4:48:a8:e5:
ad:2a:bf:2e:37:63:6c:5a:c3:6b:dd:13:aa:fc:8e:
0d:fb:85:17:57:fb:1a:17:0d:42:fa:c6:8c:5d:10:
99:e8:e2:4f:b9:03:f0:41:f2:2d:64:74:0c:b0:9e:
12:2f:24:f8:44:a3:f2:f8:83:96:46:16:5a:3a:3a:
4c:96:b0:6c:15:0f:da:fa:eb:be:03:2f:76:b0:31:
51:7d:31:75:33:8e:6d:6f:c4:38:82:5c:36:ec:52:
12:93:8b:f6:01:20:b2:09:41:ad:db:eb:52:39:56:
57:93:25:d0:17:a2:4c:13:f7:77:c6:fa:73:1b:4c:
63:cd:80:fc:8c:19:2d:be:be:e5:07:07:86:4d:66:
5c:ae:37:41:9b:55:60:d7:78:6d:5f:2e:58:36:20:
45:f8:ee:24:d7:cf:07:6c:27:0e:cd:3d:9e:c4:9b:
04:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DA:F5:1C:4A:8D:89:19:95:E0:80:45:97:6E:9E:4F:D1:07:F2:8D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/308DD394A2E711EEBA49EE6AD25BE465.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.96.0/24
Signature Algorithm: sha256WithRSAEncryption
09:1f:b8:4f:7b:17:ad:41:cd:32:db:48:c4:6b:ef:a7:15:34:
c9:41:5d:cd:90:ad:4f:f4:97:20:8f:ba:9e:49:37:fc:d4:3d:
4f:7c:13:3b:57:38:9c:63:e4:0e:6c:13:82:6c:02:9f:28:ec:
d0:55:d2:61:4e:68:b8:d6:a5:1a:5b:b1:cb:f5:a8:8f:4a:76:
a1:ab:58:88:d0:2f:f9:36:c0:e0:a4:23:28:fd:e7:c7:31:2e:
3c:27:20:a0:bd:2f:1b:5f:f3:34:37:6a:8c:96:2e:65:e3:a1:
00:59:04:46:ba:2f:eb:3c:f4:0b:ad:e2:02:8f:15:f4:a6:85:
98:78:6c:18:e6:de:a8:e3:64:cf:6c:8e:54:4e:32:3b:39:46:
e1:ea:4a:3e:a5:b3:a9:65:75:7b:37:bb:58:5e:31:9e:ab:b1:
71:09:8e:9c:3d:f7:be:55:cd:27:15:76:46:69:a9:9f:56:40:
7b:b5:9b:9e:1f:22:c9:61:8d:c9:3f:eb:a7:aa:f5:b6:77:b3:
ed:f5:18:e7:68:b3:81:0f:54:f7:e9:c8:2d:41:7b:e7:d4:60:
5a:30:3f:8e:73:35:b4:5d:05:16:7a:4e:e6:5d:0c:cd:54:f2:
0b:20:65:75:e7:55:18:0b:cc:71:dd:f1:12:7b:04:c3:1e:1c:
dd:60:f4:d1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICWQYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzEyMjUwNTMzNTBaFw0yNTAxMTMwNTMzNTBaMBgxFjAU
BgNVBAMTDTY1ODkxNDQxLTAzMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCtRaW45cjQDD6DuI7CXdDBZLJBzZeEOAg8eKq/imEXQZxGI1D/VOmIs+Fk
vJisXVJJtxp+LKyZl5nzIOQ2HaC/ymSP/He3tij8veKPihWQIPv4QfcdxEio5a0q
vy43Y2xaw2vdE6r8jg37hRdX+xoXDUL6xoxdEJno4k+5A/BB8i1kdAywnhIvJPhE
o/L4g5ZGFlo6OkyWsGwVD9r6674DL3awMVF9MXUzjm1vxDiCXDbsUhKTi/YBILIJ
Qa3b61I5VleTJdAXokwT93fG+nMbTGPNgPyMGS2+vuUHB4ZNZlyuN0GbVWDXeG1f
Llg2IEX47iTXzwdsJw7NPZ7EmwSPAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU+tr1
HEqNiRmV4IBFl26eT9EH8o0wHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzMwOEREMzk0QTJFNzExRUVCQTQ5RUU2QUQyNUJFNDY1LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc4WAwDQYJKoZIhvcNAQELBQAD
ggEBAAkfuE97F61BzTLbSMRr76cVNMlBXc2QrU/0lyCPup5JN/zUPU98EztXOJxj
5A5sE4JsAp8o7NBV0mFOaLjWpRpbscv1qI9KdqGrWIjQL/k2wOCkIyj958cxLjwn
IKC9Lxtf8zQ3aoyWLmXjoQBZBEa6L+s89Aut4gKPFfSmhZh4bBjm3qjjZM9sjlRO
Mjs5RuHqSj6ls6lldXs3u1heMZ6rsXEJjpw9975VzScVdkZpqZ9WQHu1m54fIslh
jck/66eq9bZ3s+31GOdos4EPVPfpyC1Be+fUYFowP45zNbRdBRZ6TuZdDM1U8gsg
ZXXnVRgLzHHd8RJ7BMMeHN1g9NE=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:23 2024 by rpki-client on console-fra.rpki-client.org