Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/345A542AA4D511EF9AE61893762E951A.roa
File: 345A542AA4D511EF9AE61893762E951A.roa (raw, json)
Hash identifier: 5VyF4xkn63dkL9YULNLv/lQgkL7XOY0zh20mkQina8U=
Subject key identifier: E8:E7:80:FD:36:D9:DC:C0:D1:2F:D8:A6:B6:44:50:31:4B:33:4C:BF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D4F5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/345A542AA4D511EF9AE61893762E951A.roa
Signing time: Sun 17 Nov 2024 11:15:08 +0000
ROA not before: Sun 17 Nov 2024 11:15:05 +0000
ROA not after: Wed 27 Nov 2024 11:15:05 +0000
asID: 39600
IP address blocks: 156.238.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54517 (0xd4f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 17 11:15:05 2024 GMT
Not After : Nov 27 11:15:05 2024 GMT
Subject: CN=6739d03c-4819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a5:63:ab:37:e6:c6:ff:2a:fb:81:6c:bf:2b:
b2:ea:46:53:f7:72:8f:59:c2:52:8d:46:44:90:11:
eb:68:d4:61:84:91:5f:25:e9:fe:1b:d6:3a:86:9c:
81:38:38:10:43:69:3d:78:f9:f3:5f:be:b4:9f:57:
a2:2f:08:78:b4:d1:cb:d0:f8:3d:ed:e0:7b:46:3e:
ad:e8:62:a5:1b:b7:d4:a2:38:16:10:ec:c7:46:da:
67:da:f5:47:41:f6:ba:83:05:d2:0a:28:71:8c:34:
81:28:17:3b:f5:54:96:3b:6c:a4:bc:60:d1:3d:9a:
a9:dc:b8:03:da:48:e4:ad:88:7f:fd:f0:26:d4:e7:
54:44:7f:d8:3f:4a:45:70:75:0e:dd:5c:0c:04:03:
5c:18:84:97:ae:27:b1:60:57:39:9b:4f:58:e2:df:
6a:fd:c3:b3:ad:df:82:0b:0c:05:50:55:01:ce:01:
13:38:a4:34:ad:af:62:4e:2d:ea:7d:d9:b5:d5:c7:
86:0c:5e:82:f1:e2:ad:71:6c:67:8e:d9:6e:c9:e0:
fe:67:67:dc:84:d4:07:c2:90:3b:e3:c7:ce:d7:cf:
2a:12:95:ca:ec:38:12:46:ab:9d:80:89:5b:c7:d3:
12:03:c8:79:55:a2:b7:9e:97:04:25:34:b8:bd:63:
39:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E7:80:FD:36:D9:DC:C0:D1:2F:D8:A6:B6:44:50:31:4B:33:4C:BF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/345A542AA4D511EF9AE61893762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.168.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:33:db:5c:22:81:56:ff:21:f5:f6:cb:6f:81:7e:83:3b:b8:
c7:cb:83:06:a1:d4:5f:56:6f:9e:25:7c:50:2c:aa:66:79:ea:
48:a6:0b:22:f9:09:20:4a:0c:63:65:c7:5c:3f:24:cc:e7:80:
7c:33:6b:9a:6e:f2:8f:eb:c3:98:71:1a:f9:a6:76:2c:64:19:
82:76:0d:68:99:c7:54:1b:3b:aa:f9:47:e4:b4:3d:36:c6:58:
93:f3:a4:dc:23:d5:9a:4d:84:96:0b:73:0c:c5:0e:74:77:4c:
f7:2d:8c:48:ca:31:c4:d7:ee:53:c7:8f:c0:a1:f1:11:f7:c9:
7a:25:e8:3f:c2:59:00:41:57:6d:be:0c:10:0b:d4:65:9b:c4:
ac:b5:fc:ce:ff:5e:15:be:f1:50:61:ef:a1:9b:2a:4c:7c:66:
b0:d2:3b:5a:cb:35:d7:0a:a6:a1:41:b9:67:d8:10:ca:32:fe:
98:5c:d3:d4:9d:85:b0:3f:b0:39:14:86:58:ea:44:7e:6c:2c:
3b:21:f6:11:1b:e1:d9:68:af:c6:36:f6:0f:7d:b7:f8:6f:a8:
22:f6:ff:11:8b:2c:fc:3f:e6:2a:56:4c:34:13:a8:c0:e7:d4:
e3:e2:2a:6e:e4:f4:8b:ae:d1:a5:69:cc:f0:7b:84:b1:d7:19:
5c:81:c1:da
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANT1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE3MTExNTA1WhcNMjQxMTI3MTExNTA1WjAYMRYw
FAYDVQQDEw02NzM5ZDAzYy00ODE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8qVjqzfmxv8q+4Fsvyuy6kZT93KPWcJSjUZEkBHraNRhhJFfJen+G9Y6
hpyBODgQQ2k9ePnzX760n1eiLwh4tNHL0Pg97eB7Rj6t6GKlG7fUojgWEOzHRtpn
2vVHQfa6gwXSCihxjDSBKBc79VSWO2ykvGDRPZqp3LgD2kjkrYh//fAm1OdURH/Y
P0pFcHUO3VwMBANcGISXriexYFc5m09Y4t9q/cOzrd+CCwwFUFUBzgETOKQ0ra9i
Ti3qfdm11ceGDF6C8eKtcWxnjtluyeD+Z2fchNQHwpA748fO188qEpXK7DgSRqud
gIlbx9MSA8h5VaK3npcEJTS4vWM5gwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOjn
gP022dzA0S/YprZEUDFLM0y/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNDVBNTQyQUE0RDUxMUVGOUFFNjE4OTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO6oMA0GCSqGSIb3DQEBCwUA
A4IBAQCaM9tcIoFW/yH19stvgX6DO7jHy4MGodRfVm+eJXxQLKpmeepIpgsi+Qkg
SgxjZcdcPyTM54B8M2uabvKP68OYcRr5pnYsZBmCdg1omcdUGzuq+UfktD02xliT
86TcI9WaTYSWC3MMxQ50d0z3LYxIyjHE1+5Tx4/AofER98l6Jeg/wlkAQVdtvgwQ
C9Rlm8SstfzO/14VvvFQYe+hmypMfGaw0jtayzXXCqahQbln2BDKMv6YXNPUnYWw
P7A5FIZY6kR+bCw7IfYRG+HZaK/GNvYPfbf4b6gi9v8Riyz8P+YqVkw0E6jA59Tj
4ipu5PSLrtGlaczwe4Sx1xlcgcHa
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:24 2024 by rpki-client on console-fra.rpki-client.org