Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/320E800027E011EF91E892F37CDC24C2.roa
File: 320E800027E011EF91E892F37CDC24C2.roa (raw, json)
Hash identifier: sxSNKb0mRvvw7XNaW0fsLOMEA+nXdb07tji6pHcnLyQ=
Subject key identifier: D2:BA:CD:0F:1B:7D:C5:23:38:D7:96:94:C9:53:61:45:39:4C:C5:C2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 90AE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/320E800027E011EF91E892F37CDC24C2.roa
Signing time: Tue 11 Jun 2024 10:48:54 +0000
ROA not before: Tue 11 Jun 2024 10:48:50 +0000
ROA not after: Mon 12 May 2025 10:48:50 +0000
asID: 140951
IP address blocks: 156.227.244.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Sep 2024 00:16:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37038 (0x90ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 11 10:48:50 2024 GMT
Not After : May 12 10:48:50 2025 GMT
Subject: CN=66682b96-c6a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bc:66:78:d1:bd:8d:27:42:4a:0f:ea:d5:2c:
20:39:d6:71:6d:22:1e:52:43:a7:5f:f6:dd:07:0e:
bc:e3:a9:6a:14:91:9b:c2:55:da:fb:2d:72:b1:ac:
9f:6a:97:ad:84:49:2d:6e:66:92:b4:57:b5:e6:e6:
14:03:35:7f:9a:d7:d1:cb:52:21:bc:b6:48:f5:12:
a8:7f:e0:9c:d4:98:bb:eb:c0:de:d8:18:de:06:b4:
71:b2:17:08:c5:2b:fe:d8:ab:75:47:c7:ea:37:f3:
47:03:02:10:d3:97:87:89:70:25:77:fb:84:5f:10:
b4:72:f9:96:9b:ca:b3:76:6d:b6:a7:ad:fe:7c:c2:
5a:6e:9f:1c:e9:8b:73:f6:f0:73:6b:76:84:aa:d3:
d0:ab:35:97:ba:f0:91:61:df:42:21:b6:ec:4a:66:
2d:62:86:db:9d:92:d3:7c:fa:78:0e:09:cd:1d:9d:
8a:bd:8c:5c:69:2f:ce:bf:a4:44:cb:ed:52:9d:47:
23:8b:63:f5:6d:a4:f6:e1:db:4b:a2:94:65:72:77:
d0:2c:08:bb:df:e9:d7:3a:7f:e8:a0:d0:9f:ee:58:
70:89:4c:d3:e0:a0:7f:97:86:48:2a:f4:37:d3:50:
e3:b9:d5:22:85:93:e6:87:cf:88:e3:0f:1b:db:61:
f5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:BA:CD:0F:1B:7D:C5:23:38:D7:96:94:C9:53:61:45:39:4C:C5:C2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/320E800027E011EF91E892F37CDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.244.0/23
Signature Algorithm: sha256WithRSAEncryption
70:da:80:9d:bd:cd:8a:ff:65:92:8e:1d:9e:bb:c0:2d:b6:94:
44:48:30:3d:3b:20:93:b0:28:73:69:5b:88:87:a7:b0:52:f9:
ee:91:9b:b7:9f:bf:af:4f:d7:c7:e6:40:4d:9e:b1:69:73:9a:
d3:90:a7:b3:4f:e9:82:d8:88:9a:60:ac:83:d3:a5:0e:7e:2a:
6a:98:a2:a1:e1:5b:2c:52:75:7c:17:30:43:a2:ad:9a:0f:ee:
2e:65:3c:df:19:ee:58:96:d0:1f:9f:01:46:0d:84:e9:43:4d:
19:00:da:03:ff:d8:c8:ca:78:06:cc:aa:c6:81:98:17:6f:f2:
91:03:96:8f:e8:8c:5b:8c:8a:30:d0:88:02:c1:85:31:d1:f3:
07:17:df:db:b6:0d:4e:95:e3:ad:54:87:95:ad:54:1c:e1:be:
a9:ad:ec:3f:72:fc:36:4e:75:c8:c5:99:da:44:e9:d3:83:a1:
a5:8f:98:26:0d:5f:2b:c7:32:65:89:52:b5:00:b9:5d:6b:49:
63:fc:27:30:df:f4:1d:d1:7d:f3:34:57:06:b6:6c:1b:a3:00:
d8:be:ce:d1:8a:f8:ef:53:15:ba:6d:87:bb:c8:09:89:12:26:
23:03:17:5f:2d:f5:48:f5:ef:ce:b2:de:e9:06:4e:72:2f:61:
4b:07:ce:f7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJCuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjExMTA0ODUwWhcNMjUwNTEyMTA0ODUwWjAYMRYw
FAYDVQQDEw02NjY4MmI5Ni1jNmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwrxmeNG9jSdCSg/q1SwgOdZxbSIeUkOnX/bdBw6846lqFJGbwlXa+y1y
sayfapethEktbmaStFe15uYUAzV/mtfRy1IhvLZI9RKof+Cc1Ji768De2BjeBrRx
shcIxSv+2Kt1R8fqN/NHAwIQ05eHiXAld/uEXxC0cvmWm8qzdm22p63+fMJabp8c
6Ytz9vBza3aEqtPQqzWXuvCRYd9CIbbsSmYtYobbnZLTfPp4DgnNHZ2KvYxcaS/O
v6REy+1SnUcji2P1baT24dtLopRlcnfQLAi73+nXOn/ooNCf7lhwiUzT4KB/l4ZI
KvQ301DjudUihZPmh8+I4w8b22H16QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNK6
zQ8bfcUjONeWlMlTYUU5TMXCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMjBFODAwMDI3RTAxMUVGOTFFODkyRjM3Q0RDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOP0MA0GCSqGSIb3DQEBCwUA
A4IBAQBw2oCdvc2K/2WSjh2eu8AttpRESDA9OyCTsChzaVuIh6ewUvnukZu3n7+v
T9fH5kBNnrFpc5rTkKezT+mC2IiaYKyD06UOfipqmKKh4VssUnV8FzBDoq2aD+4u
ZTzfGe5YltAfnwFGDYTpQ00ZANoD/9jIyngGzKrGgZgXb/KRA5aP6IxbjIow0IgC
wYUx0fMHF9/btg1OleOtVIeVrVQc4b6prew/cvw2TnXIxZnaROnTg6Glj5gmDV8r
xzJliVK1ALlda0lj/Ccw3/Qd0X3zNFcGtmwbowDYvs7RivjvUxW6bYe7yAmJEiYj
AxdfLfVI9e/Ost7pBk5yL2FLB873
-----END CERTIFICATE-----
Generated at Sat Sep 7 10:38:29 2024 by rpki-client on console-fra.rpki-client.org