Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BDF95C0A19211EF8C7E0788762E951A.roa
File: 3BDF95C0A19211EF8C7E0788762E951A.roa (raw, json)
Hash identifier: RwoXlz5FIzIHvIPOxwPDyJAs9EdqsQy+Ra0uwwL2bKk=
Subject key identifier: 7A:B3:8B:C6:C9:A6:86:81:E2:4B:63:5A:BD:A1:D0:7A:E1:27:0A:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D22E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BDF95C0A19211EF8C7E0788762E951A.roa
Signing time: Wed 13 Nov 2024 07:38:11 +0000
ROA not before: Wed 13 Nov 2024 07:38:08 +0000
ROA not after: Mon 16 Dec 2024 07:38:08 +0000
asID: 203020
IP address blocks: 156.251.96.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53806 (0xd22e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 13 07:38:08 2024 GMT
Not After : Dec 16 07:38:08 2024 GMT
Subject: CN=67345763-1863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:72:19:ce:98:49:86:e7:e7:ff:fd:26:60:be:
a4:db:56:30:1e:fd:33:0f:61:aa:1e:b0:75:8d:bb:
c1:ea:5a:d0:6c:9c:54:90:8f:36:65:9d:d6:8b:77:
56:29:25:27:59:40:dc:c0:af:9c:fd:b1:8d:88:7d:
e1:90:3d:09:c6:64:0b:65:84:f6:95:3d:ff:96:ed:
ff:24:c7:bb:1b:3a:55:cd:03:d4:3b:23:a5:8b:2d:
e9:73:eb:59:08:2f:3a:37:84:e0:62:91:b1:36:8c:
53:ec:a4:5d:4e:0b:2e:45:c8:29:f0:f4:72:de:18:
a5:1b:ad:ec:ed:19:6d:cd:a7:36:2e:7a:47:d1:e8:
b2:88:81:88:a3:34:1a:e4:f4:0a:67:3b:a1:4b:52:
2e:cf:02:30:75:42:3b:a0:21:b1:d1:53:a9:e5:28:
89:62:f9:5e:fb:ae:65:20:6c:f1:70:55:18:17:bd:
aa:8b:a9:42:c2:07:02:70:30:73:57:10:dc:1b:33:
49:06:08:14:98:58:4d:d5:2d:6f:cb:04:c6:9e:ba:
fd:3d:6d:b8:76:08:da:33:56:12:76:c8:a4:3d:9a:
7b:cb:e4:fc:1c:61:c9:e1:62:ae:81:07:26:6c:3d:
7a:bf:cb:e4:1a:6b:f2:d0:f0:0c:a5:13:f4:3a:59:
19:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B3:8B:C6:C9:A6:86:81:E2:4B:63:5A:BD:A1:D0:7A:E1:27:0A:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BDF95C0A19211EF8C7E0788762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.96.0/20
Signature Algorithm: sha256WithRSAEncryption
57:ee:1d:94:89:52:a4:7f:0e:2a:c1:df:ce:c4:9a:13:7b:3f:
38:c4:eb:7e:60:b0:a5:9f:f1:ba:37:5a:1d:7f:f3:eb:fb:50:
b6:7a:14:19:77:7f:d4:e2:19:25:91:bd:9c:f5:8e:e5:00:fa:
11:e3:da:cc:ff:96:c6:8c:7e:6a:bb:3c:54:b1:18:27:d6:55:
9b:c6:48:91:81:71:11:70:a2:47:89:ae:40:b8:8a:bf:30:d9:
be:4d:a8:06:b0:f9:1e:d8:b0:91:4d:ad:ca:93:f3:63:27:bb:
95:bc:ec:f9:e2:f0:19:4c:fb:07:09:dd:e7:99:69:c0:f9:6f:
1f:b1:27:af:c5:29:e9:74:68:0a:8f:0b:d2:ce:7c:76:86:0d:
cd:7d:26:94:e1:65:70:cf:69:07:1f:f0:ff:c0:6f:23:6d:84:
0f:79:d8:99:f4:c7:b2:48:75:a8:9d:6b:89:55:66:63:1d:9e:
b0:0e:b6:af:28:e2:2e:87:ff:d6:54:72:b8:e3:c8:77:5f:d4:
ee:73:1e:f4:4b:f1:7f:a8:b3:75:68:95:fb:3c:48:4e:8b:e9:
2a:6b:dc:54:a2:5d:cb:42:1b:92:f1:7b:01:a4:42:06:4c:4e:
57:3a:4c:5b:71:15:44:f2:5b:f9:75:09:25:7e:1c:0b:7b:ad:
45:fc:1b:d4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANIuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTEzMDczODA4WhcNMjQxMjE2MDczODA4WjAYMRYw
FAYDVQQDEw02NzM0NTc2My0xODYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvnIZzphJhufn//0mYL6k21YwHv0zD2GqHrB1jbvB6lrQbJxUkI82ZZ3W
i3dWKSUnWUDcwK+c/bGNiH3hkD0JxmQLZYT2lT3/lu3/JMe7GzpVzQPUOyOliy3p
c+tZCC86N4TgYpGxNoxT7KRdTgsuRcgp8PRy3hilG63s7Rltzac2LnpH0eiyiIGI
ozQa5PQKZzuhS1IuzwIwdUI7oCGx0VOp5SiJYvle+65lIGzxcFUYF72qi6lCwgcC
cDBzVxDcGzNJBggUmFhN1S1vywTGnrr9PW24dgjaM1YSdsikPZp7y+T8HGHJ4WKu
gQcmbD16v8vkGmvy0PAMpRP0OlkZKQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHqz
i8bJpoaB4ktjWr2h0HrhJwoOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQkRGOTVDMEExOTIxMUVGOEM3RTA3ODg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPtgMA0GCSqGSIb3DQEBCwUA
A4IBAQBX7h2UiVKkfw4qwd/OxJoTez84xOt+YLCln/G6N1odf/Pr+1C2ehQZd3/U
4hklkb2c9Y7lAPoR49rM/5bGjH5quzxUsRgn1lWbxkiRgXERcKJHia5AuIq/MNm+
TagGsPke2LCRTa3Kk/NjJ7uVvOz54vAZTPsHCd3nmWnA+W8fsSevxSnpdGgKjwvS
znx2hg3NfSaU4WVwz2kHH/D/wG8jbYQPediZ9MeySHWonWuJVWZjHZ6wDravKOIu
h//WVHK448h3X9Tucx70S/F/qLN1aJX7PEhOi+kqa9xUol3LQhuS8XsBpEIGTE5X
OkxbcRVE8lv5dQklfhwLe61F/BvU
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:25 2024 by rpki-client on console-fra.rpki-client.org