Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/338011EE9AAC11EFB3C2C867762E951A.roa
File: 338011EE9AAC11EFB3C2C867762E951A.roa (raw, json)
Hash identifier: 70oqtSrvVdfiaTztvHSHD6CArDF4NxFMnQ5Bs9VZGQk=
Subject key identifier: 29:E2:B9:04:86:FC:AA:CA:69:E5:4C:83:3E:72:69:FF:F1:DF:69:DC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CD9A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/338011EE9AAC11EFB3C2C867762E951A.roa
Signing time: Mon 04 Nov 2024 12:56:26 +0000
ROA not before: Mon 04 Nov 2024 12:56:23 +0000
ROA not after: Tue 03 Dec 2024 12:56:23 +0000
asID: 141883
IP address blocks: 156.255.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52634 (0xcd9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 4 12:56:23 2024 GMT
Not After : Dec 3 12:56:23 2024 GMT
Subject: CN=6728c47a-6b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:10:ab:76:1e:52:42:39:47:c3:bf:fc:48:f8:
e4:c7:b2:b5:f5:93:73:76:97:51:7d:d6:b0:0c:93:
80:d0:16:62:9e:93:cc:17:49:51:be:01:2d:4b:3d:
e1:63:15:4e:c2:87:67:d7:41:5f:9c:79:20:c7:83:
11:07:fc:c2:c7:71:98:67:85:f9:dc:ae:5d:c0:ca:
00:a3:36:46:0d:82:5e:64:c0:84:56:4a:9d:73:a1:
6d:fc:8c:1a:07:94:01:1a:d0:2d:82:cf:45:de:d3:
30:0d:99:43:5c:b3:d2:ab:f3:d0:07:93:7b:2d:78:
e3:15:d9:94:95:17:c0:b1:c3:01:2b:d5:0e:07:28:
fb:07:63:f1:0d:b4:bd:89:50:97:1c:51:dc:2a:c0:
51:64:4b:48:2f:7a:34:37:7a:ab:8b:7b:49:6c:42:
af:17:ca:4c:1c:2f:f5:82:37:75:03:dd:3d:56:56:
5b:93:49:40:95:e2:d5:ab:91:70:76:ce:7f:2d:e6:
7e:c5:99:8e:04:32:7d:45:a9:8e:1e:e5:bb:ea:0c:
f5:80:8d:7f:24:0c:5a:15:74:2e:58:02:14:19:1c:
19:5b:45:78:84:02:ef:a8:c9:5d:b1:77:be:f0:15:
1b:d7:50:f0:ff:10:ec:1e:67:27:bb:77:86:56:7a:
f2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E2:B9:04:86:FC:AA:CA:69:E5:4C:83:3E:72:69:FF:F1:DF:69:DC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/338011EE9AAC11EFB3C2C867762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.0.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:d7:52:3a:3c:38:29:e5:a8:6b:10:77:e5:4b:8e:cf:38:3e:
18:89:0a:cb:fc:a8:e8:cc:55:53:10:cb:11:43:c6:50:49:ef:
d2:13:5d:f6:a7:db:41:ee:22:24:bd:b3:aa:78:da:7b:01:c0:
fd:8e:86:11:ed:67:ba:e3:fb:96:5f:5a:c5:4d:fc:59:91:e2:
3d:d3:0f:a3:5d:53:ec:0e:c4:c9:d7:e0:79:09:2b:2e:62:78:
97:e9:37:e9:7b:57:6a:2a:fb:a5:9e:49:f6:07:be:1c:bf:ba:
e2:5d:fa:5b:d6:09:dd:2a:78:e3:51:cd:bf:1d:b6:b4:67:15:
02:30:9c:83:46:1f:05:15:d7:57:9f:a7:e3:1e:b4:29:f2:27:
7e:81:ac:8b:7e:01:d4:97:7b:4c:4d:3c:d2:51:b4:40:f5:44:
a3:3b:0e:04:56:a9:7f:4d:80:d5:ac:89:02:64:52:f3:a9:e6:
e4:e6:99:71:b0:e3:62:a4:56:d5:6a:f6:ec:7f:37:c7:1e:de:
34:a9:fe:33:85:5d:81:0c:3b:5c:c3:aa:cb:ec:11:66:79:b4:
a7:c1:83:74:6c:f8:09:c8:3e:40:33:51:ff:fb:8f:99:95:9a:
a4:b7:f6:88:5c:6d:3f:d5:13:23:f0:d3:96:21:27:a3:12:5a:
51:fe:22:4e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM2aMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA0MTI1NjIzWhcNMjQxMjAzMTI1NjIzWjAYMRYw
FAYDVQQDEw02NzI4YzQ3YS02YjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAshCrdh5SQjlHw7/8SPjkx7K19ZNzdpdRfdawDJOA0BZinpPMF0lRvgEt
Sz3hYxVOwodn10FfnHkgx4MRB/zCx3GYZ4X53K5dwMoAozZGDYJeZMCEVkqdc6Ft
/IwaB5QBGtAtgs9F3tMwDZlDXLPSq/PQB5N7LXjjFdmUlRfAscMBK9UOByj7B2Px
DbS9iVCXHFHcKsBRZEtIL3o0N3qri3tJbEKvF8pMHC/1gjd1A909VlZbk0lAleLV
q5Fwds5/LeZ+xZmOBDJ9RamOHuW76gz1gI1/JAxaFXQuWAIUGRwZW0V4hALvqMld
sXe+8BUb11Dw/xDsHmcnu3eGVnry8wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCni
uQSG/KrKaeVMgz5yaf/x32ncMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMzgwMTFFRTlBQUMxMUVGQjNDMkM4Njc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8AMA0GCSqGSIb3DQEBCwUA
A4IBAQCm11I6PDgp5ahrEHflS47POD4YiQrL/KjozFVTEMsRQ8ZQSe/SE132p9tB
7iIkvbOqeNp7AcD9joYR7We64/uWX1rFTfxZkeI90w+jXVPsDsTJ1+B5CSsuYniX
6Tfpe1dqKvulnkn2B74cv7riXfpb1gndKnjjUc2/Hba0ZxUCMJyDRh8FFddXn6fj
HrQp8id+gayLfgHUl3tMTTzSUbRA9USjOw4EVql/TYDVrIkCZFLzqebk5plxsONi
pFbVavbsfzfHHt40qf4zhV2BDDtcw6rL7BFmebSnwYN0bPgJyD5AM1H/+4+ZlZqk
t/aIXG0/1RMj8NOWISejElpR/iJO
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:25 2024 by rpki-client on console-ams.rpki-client.org