Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33BBFF0A32BB11EF888375AD762E951A.roa
File: 33BBFF0A32BB11EF888375AD762E951A.roa (raw, json)
Hash identifier: fG2ZJVHvT9lvR+v/ZXPqhbMO5SYCCAWyGSd0uuWQmw8=
Subject key identifier: 81:C6:F9:92:9D:F1:FE:AF:9C:5E:93:12:11:A2:FA:5C:D3:61:56:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 947E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33BBFF0A32BB11EF888375AD762E951A.roa
Signing time: Tue 25 Jun 2024 06:21:48 +0000
ROA not before: Tue 25 Jun 2024 06:21:45 +0000
ROA not after: Fri 03 Jan 2025 06:21:45 +0000
asID: 40065
IP address blocks: 156.227.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38014 (0x947e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 25 06:21:45 2024 GMT
Not After : Jan 3 06:21:45 2025 GMT
Subject: CN=667a61fc-ffd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:33:3c:d5:88:13:02:89:96:de:e0:08:2f:57:
a1:5f:41:3f:fe:cd:c6:76:7d:45:60:7c:b2:87:8a:
22:62:3b:a6:76:7c:25:fa:b2:b6:41:9a:57:4b:a8:
4d:fe:68:5b:37:43:41:37:5b:b0:33:90:ea:72:4c:
b4:2b:ab:7d:e2:76:57:c5:e8:5b:d8:0f:5c:59:8e:
bf:a0:db:2e:8a:b3:4d:e1:f0:a1:38:1e:eb:1b:c5:
f4:eb:29:bf:9e:10:40:76:c7:ae:00:d0:f2:f4:ad:
70:48:61:60:cf:d7:4d:59:32:ac:12:45:9a:e9:fe:
aa:fd:45:bb:4d:3a:52:b8:98:0f:82:d2:1b:b1:50:
77:55:da:21:71:42:00:a6:57:1d:d4:7f:d0:19:49:
78:e8:73:07:b9:14:c0:95:81:8f:88:6a:e4:fb:ba:
cc:c9:83:20:e3:2c:83:85:c3:bf:9c:2c:82:f3:ca:
b6:01:4e:2c:75:65:c2:d8:55:7c:9f:db:dd:c6:2e:
65:2e:ae:52:2b:97:66:ef:9b:b1:28:b5:03:53:ba:
16:cc:42:a4:81:2f:f3:68:86:b5:a9:dd:98:f3:16:
8a:1d:9d:dc:f8:48:fb:7f:40:da:4e:cc:57:e8:4b:
d2:85:aa:90:6a:18:f0:a9:9d:4a:01:54:4c:41:e1:
31:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C6:F9:92:9D:F1:FE:AF:9C:5E:93:12:11:A2:FA:5C:D3:61:56:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33BBFF0A32BB11EF888375AD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.16.0/22
Signature Algorithm: sha256WithRSAEncryption
88:6d:dc:3f:39:11:56:46:aa:96:ec:70:01:e6:ba:3b:59:29:
1b:44:e2:10:a0:1f:41:76:a1:83:f1:7e:01:b6:0d:1d:f9:1e:
90:d8:cf:99:78:aa:c7:ab:41:fb:af:63:2c:7d:4b:9b:f1:12:
1e:e9:67:34:87:5a:8f:f4:46:a7:0f:d8:41:66:51:c7:f6:af:
5e:0b:5e:91:14:e0:5f:74:28:ae:1a:5e:99:d0:2f:e6:03:e3:
73:68:53:c6:74:8e:43:ca:99:5c:65:17:7f:41:e4:eb:ea:bc:
9b:a5:58:dd:3c:64:a4:d4:48:a4:df:79:9f:21:43:31:a2:68:
56:ff:40:07:20:25:78:db:d5:a6:26:79:dd:1b:c7:15:14:5b:
9e:d7:47:03:e6:d3:66:e9:9e:64:60:3e:96:58:71:9f:e5:11:
5b:34:ae:9f:3b:7b:d4:59:ea:9b:3d:c3:7c:0a:74:e5:b8:02:
ba:58:50:b7:43:65:b0:b5:61:90:a8:2a:9e:1c:fd:e6:a9:e6:
a5:55:32:a1:1b:44:92:b5:b2:c4:36:ca:65:bb:2e:f3:f6:56:
6d:11:0e:98:25:77:92:f3:df:96:08:13:62:96:b3:39:03:c3:
cb:94:a0:ac:e7:46:ab:ef:9c:c9:2e:3a:7e:94:de:06:9a:b9:
6a:9b:b7:c3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJR+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjI1MDYyMTQ1WhcNMjUwMTAzMDYyMTQ1WjAYMRYw
FAYDVQQDEw02NjdhNjFmYy1mZmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvzM81YgTAomW3uAIL1ehX0E//s3Gdn1FYHyyh4oiYjumdnwl+rK2QZpX
S6hN/mhbN0NBN1uwM5Dqcky0K6t94nZXxehb2A9cWY6/oNsuirNN4fChOB7rG8X0
6ym/nhBAdseuANDy9K1wSGFgz9dNWTKsEkWa6f6q/UW7TTpSuJgPgtIbsVB3Vdoh
cUIAplcd1H/QGUl46HMHuRTAlYGPiGrk+7rMyYMg4yyDhcO/nCyC88q2AU4sdWXC
2FV8n9vdxi5lLq5SK5dm75uxKLUDU7oWzEKkgS/zaIa1qd2Y8xaKHZ3c+Ej7f0Da
TsxX6EvShaqQahjwqZ1KAVRMQeExAQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIHG
+ZKd8f6vnF6TEhGi+lzTYVanMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zM0JCRkYwQTMyQkIxMUVGODg4Mzc1QUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOMQMA0GCSqGSIb3DQEBCwUA
A4IBAQCIbdw/ORFWRqqW7HAB5ro7WSkbROIQoB9BdqGD8X4Btg0d+R6Q2M+ZeKrH
q0H7r2MsfUub8RIe6Wc0h1qP9EanD9hBZlHH9q9eC16RFOBfdCiuGl6Z0C/mA+Nz
aFPGdI5DyplcZRd/QeTr6rybpVjdPGSk1Eik33mfIUMxomhW/0AHICV429WmJnnd
G8cVFFue10cD5tNm6Z5kYD6WWHGf5RFbNK6fO3vUWeqbPcN8CnTluAK6WFC3Q2Ww
tWGQqCqeHP3mqealVTKhG0SStbLENspluy7z9lZtEQ6YJXeS89+WCBNilrM5A8PL
lKCs50ar75zJLjp+lN4Gmrlqm7fD
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:24 2024 by rpki-client on console-fra.rpki-client.org