Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F0A535A9B8B11EF91D76367762E951A.roa
File: 3F0A535A9B8B11EF91D76367762E951A.roa (raw, json)
Hash identifier: 6/9OHG0Iicjo/r1rMcrlCODHiJVo6Tcyx1LW5IP0FSM=
Subject key identifier: 2B:71:00:6D:5A:F3:F2:BC:CE:41:F9:C4:E7:BE:66:54:EA:16:D9:68
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CEE9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F0A535A9B8B11EF91D76367762E951A.roa
Signing time: Tue 05 Nov 2024 15:33:03 +0000
ROA not before: Tue 05 Nov 2024 15:33:00 +0000
ROA not after: Wed 04 Dec 2024 15:33:00 +0000
asID: 200373
IP address blocks: 156.228.96.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52969 (0xcee9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 15:33:00 2024 GMT
Not After : Dec 4 15:33:00 2024 GMT
Subject: CN=672a3aaf-9ac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0b:7b:6b:18:de:ff:de:67:88:0b:59:c2:fd:
33:00:00:39:e7:5b:37:0f:6c:82:a8:80:2d:5f:d8:
54:e6:66:1f:c8:42:a3:42:06:2c:a8:b6:15:36:22:
81:1d:df:18:51:d2:75:93:73:58:36:d7:fd:33:5e:
a2:be:42:02:83:33:4c:3c:8e:f2:2d:3f:d8:28:8c:
8f:1f:68:50:53:98:fb:0a:78:b3:83:60:bf:f1:67:
2e:5c:30:3c:a5:fe:bb:05:ec:ae:ee:12:13:aa:c2:
06:7b:b5:17:be:99:08:63:d3:ca:66:57:34:9b:ab:
31:9e:a7:ad:32:58:d5:f7:79:f9:3c:90:50:f4:ab:
fa:89:72:56:ef:34:f1:f8:75:b8:fa:c1:66:89:a5:
d8:58:29:21:ce:19:23:9d:58:2e:69:11:b2:37:e6:
16:c5:59:bb:15:e7:b6:99:04:af:30:6a:a1:dc:6f:
15:55:47:25:4e:92:5d:b6:7a:c6:e1:da:0f:0f:e7:
1f:9f:e6:52:58:10:70:ec:5a:6d:e6:cb:d2:2f:eb:
32:32:3b:57:9a:18:a6:a1:fc:ad:c4:e1:a1:43:e2:
73:09:51:0f:06:96:ff:42:aa:60:40:aa:02:4b:79:
8e:02:e5:8d:8b:cb:0f:b5:6b:81:93:37:f3:71:76:
11:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:71:00:6D:5A:F3:F2:BC:CE:41:F9:C4:E7:BE:66:54:EA:16:D9:68
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F0A535A9B8B11EF91D76367762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.96.0/20
Signature Algorithm: sha256WithRSAEncryption
8b:26:1c:0e:f0:fc:c8:d6:34:f1:67:51:7f:28:1b:ec:9e:62:
8e:b7:4d:e0:a6:2c:8e:49:64:53:9a:32:c2:8d:8a:b0:2b:dc:
0f:8b:09:22:d3:61:5b:20:b4:1f:67:37:12:c3:74:ec:cf:d7:
b8:05:36:fb:40:ef:ee:2a:11:b6:d7:1c:2a:44:be:a9:0f:e1:
65:44:7d:a4:13:ef:ea:37:4b:ab:d2:6c:06:d0:63:a2:15:6b:
15:80:30:23:bd:9d:fa:d3:53:54:b0:47:72:03:5a:7b:d1:fa:
71:b1:ad:2e:f8:4b:9a:6a:f0:47:05:fe:24:fd:62:47:bf:f3:
4c:5e:74:30:c4:b2:fe:02:8c:ab:6a:8e:43:84:96:80:d1:ca:
a2:7a:7c:ff:ec:a3:b3:aa:a3:ec:47:9b:34:87:af:1e:a2:24:
7f:6b:f3:d0:ee:29:9d:92:b0:17:98:93:e3:18:97:10:04:b6:
5d:39:17:97:c9:81:32:94:cb:c6:60:b3:9e:6c:5e:1b:e9:2f:
89:74:3b:04:15:27:ba:64:ae:17:64:32:18:7b:fb:89:0d:d8:
b4:5b:b6:b1:65:18:6d:30:ef:bd:5d:ce:4a:9f:67:2f:ed:c1:
55:7b:6d:b5:0d:4d:e2:f5:58:29:72:94:2c:58:52:8f:b2:d1:
b1:00:f4:e5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM7pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTUzMzAwWhcNMjQxMjA0MTUzMzAwWjAYMRYw
FAYDVQQDEw02NzJhM2FhZi05YWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwQt7axje/95niAtZwv0zAAA551s3D2yCqIAtX9hU5mYfyEKjQgYsqLYV
NiKBHd8YUdJ1k3NYNtf9M16ivkICgzNMPI7yLT/YKIyPH2hQU5j7Cnizg2C/8Wcu
XDA8pf67Beyu7hITqsIGe7UXvpkIY9PKZlc0m6sxnqetMljV93n5PJBQ9Kv6iXJW
7zTx+HW4+sFmiaXYWCkhzhkjnVguaRGyN+YWxVm7Fee2mQSvMGqh3G8VVUclTpJd
tnrG4doPD+cfn+ZSWBBw7Fpt5svSL+syMjtXmhimofytxOGhQ+JzCVEPBpb/Qqpg
QKoCS3mOAuWNi8sPtWuBkzfzcXYRpQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCtx
AG1a8/K8zkH5xOe+ZlTqFtloMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRjBBNTM1QTlCOEIxMUVGOTFENzYzNjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnORgMA0GCSqGSIb3DQEBCwUA
A4IBAQCLJhwO8PzI1jTxZ1F/KBvsnmKOt03gpiyOSWRTmjLCjYqwK9wPiwki02Fb
ILQfZzcSw3Tsz9e4BTb7QO/uKhG21xwqRL6pD+FlRH2kE+/qN0ur0mwG0GOiFWsV
gDAjvZ3601NUsEdyA1p70fpxsa0u+EuaavBHBf4k/WJHv/NMXnQwxLL+Aoyrao5D
hJaA0cqienz/7KOzqqPsR5s0h68eoiR/a/PQ7imdkrAXmJPjGJcQBLZdOReXyYEy
lMvGYLOebF4b6S+JdDsEFSe6ZK4XZDIYe/uJDdi0W7axZRhtMO+9Xc5Kn2cv7cFV
e221DU3i9VgpcpQsWFKPstGxAPTl
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:26 2024 by rpki-client on console-fra.rpki-client.org