Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/30FA813C5EF411EFA48B77A6762E951A.roa
File: 30FA813C5EF411EFA48B77A6762E951A.roa (raw, json)
Hash identifier: 5MT3E32q9Jws/9a+6mlUj6+fw5uyBUAO2F7izCmlYss=
Subject key identifier: 71:3B:E6:91:05:2C:76:62:5F:25:E7:2A:84:7C:C7:9C:F0:A5:8D:43
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: AA0A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/30FA813C5EF411EFA48B77A6762E951A.roa
Signing time: Tue 20 Aug 2024 13:00:36 +0000
ROA not before: Tue 20 Aug 2024 13:00:30 +0000
ROA not after: Tue 27 May 2025 13:00:30 +0000
asID: 399077
IP address blocks: 156.251.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43530 (0xaa0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 13:00:30 2024 GMT
Not After : May 27 13:00:30 2025 GMT
Subject: CN=66c49374-6168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:16:ab:31:a9:f1:d3:d0:96:52:c6:5e:53:31:
45:9b:f8:66:bb:18:0f:62:4f:67:90:19:79:f3:8f:
80:fb:39:59:7d:96:9f:a4:b8:cf:18:1e:40:6c:e9:
12:7d:02:0a:89:34:a3:3c:fd:fb:43:7f:8e:1f:21:
9e:34:b1:b7:63:2e:4e:8f:65:42:f8:fc:8e:48:91:
08:ee:e3:ba:3a:19:59:eb:62:65:37:6a:41:93:29:
07:81:3f:6f:48:51:16:e2:54:53:a1:fd:20:e7:59:
fd:9f:04:01:1a:b7:e7:4b:bb:9b:33:70:c0:ff:2c:
ba:b4:59:5e:ba:7b:b9:f3:5a:86:e3:95:db:ac:02:
d8:e4:84:70:b2:1d:e1:a5:28:ea:64:cf:ee:dc:37:
9c:22:dc:be:d4:72:69:51:fa:e7:1f:fe:84:72:a0:
91:ea:ba:35:0c:15:e2:92:b4:e9:45:f6:01:f5:a1:
b7:84:e0:3f:33:a4:d1:49:e0:76:ba:c3:4f:f9:22:
54:43:ba:67:c6:b3:b4:96:18:7a:05:80:55:9a:06:
8c:4d:f4:85:32:28:56:df:9c:ea:05:6f:4f:ad:7c:
fc:c7:f5:e8:53:7a:b4:1f:cc:db:4d:b3:1a:9d:c7:
8d:bb:da:a9:d3:e7:2d:34:76:6f:06:47:a5:53:10:
3d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:3B:E6:91:05:2C:76:62:5F:25:E7:2A:84:7C:C7:9C:F0:A5:8D:43
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/30FA813C5EF411EFA48B77A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.10.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:84:33:24:63:d7:29:26:c6:93:2e:a3:a3:89:61:ca:25:46:
76:0e:7c:d5:98:b0:dd:d8:5a:33:ef:2d:f8:b7:8b:3a:21:72:
0c:ef:e7:f3:85:40:9d:9f:df:d7:7c:c0:15:09:77:7c:f7:3f:
3b:1e:ac:11:a9:b4:32:34:39:89:23:aa:05:c2:a3:66:5c:57:
9a:5a:c0:68:d8:99:fe:64:17:0b:ea:7d:d1:33:4b:87:19:b9:
aa:28:7d:72:a5:c7:92:8a:5e:9f:34:dd:36:67:49:e2:a5:9f:
bf:c8:71:63:8a:45:34:94:88:0f:38:40:82:5e:fc:6e:3f:7a:
50:8b:46:23:54:34:50:00:ab:e9:e8:79:6f:d8:ea:52:b8:9a:
68:bd:1d:0c:e8:50:8c:9c:af:8b:e3:dd:ca:15:0c:2a:9d:74:
2a:58:d1:ef:00:5d:4d:63:2f:ad:e7:ce:3c:3b:96:84:ad:9e:
09:6b:69:76:61:2f:bb:87:b6:44:a9:33:35:81:a8:00:53:70:
e6:f7:b6:ea:e3:f9:71:08:00:a0:14:c6:b1:27:dc:70:89:bd:
c2:a2:65:bd:64:ae:40:e6:ba:19:25:cd:32:8d:b2:b9:99:d3:
59:10:63:83:0a:b7:b4:90:06:19:b7:90:64:19:c7:28:37:45:
9c:e4:36:aa
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKoKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTMwMDMwWhcNMjUwNTI3MTMwMDMwWjAYMRYw
FAYDVQQDEw02NmM0OTM3NC02MTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuharManx09CWUsZeUzFFm/hmuxgPYk9nkBl584+A+zlZfZafpLjPGB5A
bOkSfQIKiTSjPP37Q3+OHyGeNLG3Yy5Oj2VC+PyOSJEI7uO6OhlZ62JlN2pBkykH
gT9vSFEW4lRTof0g51n9nwQBGrfnS7ubM3DA/yy6tFleunu581qG45XbrALY5IRw
sh3hpSjqZM/u3DecIty+1HJpUfrnH/6EcqCR6ro1DBXikrTpRfYB9aG3hOA/M6TR
SeB2usNP+SJUQ7pnxrO0lhh6BYBVmgaMTfSFMihW35zqBW9PrXz8x/XoU3q0H8zb
TbManceNu9qp0+ctNHZvBkelUxA9mwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHE7
5pEFLHZiXyXnKoR8x5zwpY1DMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMEZBODEzQzVFRjQxMUVGQTQ4Qjc3QTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPsKMA0GCSqGSIb3DQEBCwUA
A4IBAQBOhDMkY9cpJsaTLqOjiWHKJUZ2DnzVmLDd2Foz7y34t4s6IXIM7+fzhUCd
n9/XfMAVCXd89z87HqwRqbQyNDmJI6oFwqNmXFeaWsBo2Jn+ZBcL6n3RM0uHGbmq
KH1ypceSil6fNN02Z0nipZ+/yHFjikU0lIgPOECCXvxuP3pQi0YjVDRQAKvp6Hlv
2OpSuJpovR0M6FCMnK+L493KFQwqnXQqWNHvAF1NYy+t5848O5aErZ4Ja2l2YS+7
h7ZEqTM1gagAU3Dm97bq4/lxCACgFMaxJ9xwib3ComW9ZK5A5roZJc0yjbK5mdNZ
EGODCre0kAYZt5BkGccoN0Wc5Daq
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:23 2024 by rpki-client on console-fra.rpki-client.org