Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CA02E7EA45E11EFB43C219B762E951A.roa
File: 3CA02E7EA45E11EFB43C219B762E951A.roa (raw, json)
Hash identifier: 8Yu+TGEVrvpt6QWhn+940lb8dHxMBRUDH6WvNgVqrNI=
Subject key identifier: AF:E4:7F:8D:52:77:7F:67:79:19:64:FB:D4:19:FA:7A:75:98:AF:73
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D446
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CA02E7EA45E11EFB43C219B762E951A.roa
Signing time: Sat 16 Nov 2024 21:03:32 +0000
ROA not before: Sat 16 Nov 2024 21:03:29 +0000
ROA not after: Fri 29 Nov 2024 21:03:29 +0000
asID: 141342
IP address blocks: 156.238.68.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54342 (0xd446)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 16 21:03:29 2024 GMT
Not After : Nov 29 21:03:29 2024 GMT
Subject: CN=673908a4-1dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4f:f8:b5:b4:0d:a6:71:ef:c4:bc:f6:3b:a6:
be:f3:f0:31:10:3c:35:c5:4a:08:7b:cd:eb:9e:2f:
09:46:f2:1e:66:ae:4f:3a:f5:7c:a9:de:0a:12:31:
45:4d:1b:3e:06:d2:38:31:a6:e1:53:57:c8:1f:94:
4a:83:f2:1f:ff:14:1b:bc:da:f8:b8:77:07:7f:52:
c7:22:d4:5b:11:f1:6a:25:61:02:f3:95:27:b5:70:
6f:46:6c:eb:13:3d:de:fd:8f:c5:85:cc:27:3a:b4:
88:45:00:9e:1b:6d:09:d8:a6:bd:9c:68:75:31:6b:
9f:bb:82:f7:37:a2:0b:08:45:49:5a:b5:be:34:82:
63:ef:11:ce:ee:a9:3f:23:5f:64:5f:74:4b:43:92:
3d:2b:78:7e:87:b1:60:ad:1d:86:18:69:fa:67:e8:
21:e3:97:95:98:18:31:cd:f7:c8:7c:24:22:44:cc:
32:28:ed:e3:49:82:41:eb:05:87:df:fd:12:17:2f:
b0:c4:4e:c8:ec:64:ef:17:99:7a:da:91:d8:6a:7d:
71:eb:4e:44:ce:a6:aa:c9:31:30:15:ef:53:0c:b8:
6d:d3:a4:52:f0:41:a5:1c:bd:ba:af:cd:c7:cf:48:
31:5a:52:1c:18:aa:22:b0:8e:3e:7e:e6:0a:11:99:
cd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E4:7F:8D:52:77:7F:67:79:19:64:FB:D4:19:FA:7A:75:98:AF:73
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CA02E7EA45E11EFB43C219B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.68.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:b5:c9:ff:b3:1f:1a:00:a6:5e:f1:40:5e:cd:8b:6b:cd:e1:
17:32:eb:d0:28:80:6d:99:55:63:f7:3c:be:5b:7c:8e:53:43:
56:50:9e:3e:4b:2c:0c:9b:17:5f:23:67:95:34:53:df:2c:d8:
07:0e:1f:af:c9:14:ea:2b:f8:76:37:12:10:31:2f:47:13:f3:
c9:75:be:97:ad:ba:ed:98:02:3c:84:9b:b5:89:b9:1d:b0:36:
61:d4:ae:4e:0a:c5:c8:3c:b1:95:a1:33:d9:b5:b6:9b:12:83:
2f:c8:2f:dd:6c:cf:97:4b:62:c1:f2:e0:81:e0:0e:2a:0d:80:
c2:88:95:9d:a5:e6:40:c5:1f:28:9a:29:a5:4c:b4:ff:9f:97:
d9:9a:89:2c:4c:1d:a1:d9:c8:5d:e8:df:50:f4:d6:e2:29:cc:
c3:dd:a1:cb:43:30:dd:4e:7c:16:ef:f8:ef:54:f8:b8:8e:f7:
89:bd:e1:3a:91:0b:2f:b0:80:a0:3b:80:3c:15:3d:eb:91:2d:
91:60:1d:66:3a:ce:9e:c8:2d:80:31:d1:f5:3c:56:42:2f:cc:
d8:fb:60:02:49:66:95:24:29:a5:80:fc:3d:68:70:3d:cd:9d:
2f:55:6f:da:9f:d9:25:67:22:a1:80:cf:7a:25:57:35:d7:6e:
4f:74:ce:55
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANRGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE2MjEwMzI5WhcNMjQxMTI5MjEwMzI5WjAYMRYw
FAYDVQQDEw02NzM5MDhhNC0xZGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwE/4tbQNpnHvxLz2O6a+8/AxEDw1xUoIe83rni8JRvIeZq5POvV8qd4K
EjFFTRs+BtI4MabhU1fIH5RKg/If/xQbvNr4uHcHf1LHItRbEfFqJWEC85UntXBv
RmzrEz3e/Y/FhcwnOrSIRQCeG20J2Ka9nGh1MWufu4L3N6ILCEVJWrW+NIJj7xHO
7qk/I19kX3RLQ5I9K3h+h7FgrR2GGGn6Z+gh45eVmBgxzffIfCQiRMwyKO3jSYJB
6wWH3/0SFy+wxE7I7GTvF5l62pHYan1x605EzqaqyTEwFe9TDLht06RS8EGlHL26
r83Hz0gxWlIcGKoisI4+fuYKEZnNdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK/k
f41Sd39neRlk+9QZ+np1mK9zMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQ0EwMkU3RUE0NUUxMUVGQjQzQzIxOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO5EMA0GCSqGSIb3DQEBCwUA
A4IBAQAPtcn/sx8aAKZe8UBezYtrzeEXMuvQKIBtmVVj9zy+W3yOU0NWUJ4+SywM
mxdfI2eVNFPfLNgHDh+vyRTqK/h2NxIQMS9HE/PJdb6XrbrtmAI8hJu1ibkdsDZh
1K5OCsXIPLGVoTPZtbabEoMvyC/dbM+XS2LB8uCB4A4qDYDCiJWdpeZAxR8omiml
TLT/n5fZmoksTB2h2chd6N9Q9NbiKczD3aHLQzDdTnwW7/jvVPi4jveJveE6kQsv
sICgO4A8FT3rkS2RYB1mOs6eyC2AMdH1PFZCL8zY+2ACSWaVJCmlgPw9aHA9zZ0v
VW/an9klZyKhgM96JVc1125PdM5V
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:25 2024 by rpki-client on console-fra.rpki-client.org