Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F84103A9AB111EF9FC11587762E951A.roa
File: 3F84103A9AB111EF9FC11587762E951A.roa (raw, json)
Hash identifier: j0yIPpNXFHE/mqJOoNkujqhCE3GbCUNLcer7lz4YoIM=
Subject key identifier: 1C:8A:30:DF:82:86:68:B8:59:4B:C4:3D:98:1B:51:D7:FC:78:30:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CDCA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F84103A9AB111EF9FC11587762E951A.roa
Signing time: Mon 04 Nov 2024 13:32:34 +0000
ROA not before: Mon 04 Nov 2024 13:32:30 +0000
ROA not after: Tue 03 Dec 2024 13:32:30 +0000
asID: 141883
IP address blocks: 156.240.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52682 (0xcdca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 4 13:32:30 2024 GMT
Not After : Dec 3 13:32:30 2024 GMT
Subject: CN=6728ccf2-db6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:5c:eb:d6:25:87:aa:2b:62:3d:85:53:ac:d7:
4c:c3:76:8c:17:c2:6f:29:4f:41:e8:1b:09:da:4f:
6d:a7:42:66:d1:df:0f:f4:88:b5:ad:ea:0e:68:18:
f0:2e:ff:c3:d4:6f:89:8a:30:34:d9:ed:58:64:3d:
f5:7d:41:f5:4f:20:53:30:8c:2b:f5:82:e3:7b:d0:
6e:91:ab:98:df:04:30:49:f0:4d:43:2a:70:cd:a4:
6a:a1:0e:b9:bb:e1:32:24:5d:90:29:31:b8:4d:2e:
31:40:59:5d:9a:32:6d:5b:86:18:0d:12:35:48:69:
89:53:6c:b4:e5:f2:6b:ef:88:25:f1:37:ca:96:a3:
23:1d:c3:48:ad:6e:87:7d:05:43:e6:a6:08:13:d9:
15:59:ae:4d:96:2b:f6:02:b4:6e:f2:30:c3:d1:69:
1c:09:4b:37:5b:e0:7f:ed:61:a6:e5:78:6d:a6:35:
ef:d6:eb:01:15:1d:a1:b2:fb:99:42:93:73:5a:d3:
a6:9d:3a:8d:61:0f:ed:94:47:2c:95:0d:b7:ff:ed:
e7:9f:4e:d7:e9:9f:e7:cd:e7:63:90:4a:0a:bf:53:
2b:00:d1:4c:b3:4f:cc:31:dc:a9:f9:25:e9:12:ac:
0b:0f:22:ca:99:bb:90:96:a5:80:7f:40:51:3c:be:
c4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:8A:30:DF:82:86:68:B8:59:4B:C4:3D:98:1B:51:D7:FC:78:30:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F84103A9AB111EF9FC11587762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.0.0/19
Signature Algorithm: sha256WithRSAEncryption
02:e5:0f:da:c1:3c:bf:cb:5d:f6:96:4a:ba:2a:c2:99:a5:4b:
54:10:c1:87:0b:95:44:cd:32:c5:11:ce:92:cc:3a:2a:ed:20:
80:6f:61:36:6a:95:ff:20:c5:e8:11:79:67:ff:18:7f:dc:29:
7a:0b:52:3a:72:dd:8f:fa:8a:df:db:46:5f:cc:cb:ae:ba:e1:
30:c9:b4:f5:f9:9f:ee:55:f7:d0:16:ac:c2:4a:8f:65:53:97:
81:07:8d:99:b9:7a:d6:6a:f7:77:f2:71:77:63:e4:f4:b8:cc:
3f:2d:86:52:e9:44:b2:17:66:c8:18:ba:3b:92:4c:92:86:ce:
b8:fa:54:58:72:6b:6d:81:26:e6:b7:a7:3f:7d:58:31:0c:e0:
be:ad:fd:a9:a3:33:2e:e3:f5:6a:be:5e:db:ec:a2:84:76:2d:
76:da:3e:4c:35:6b:9a:d5:2d:79:84:8a:45:23:31:c5:7d:45:
b7:e9:ad:be:2f:cc:4b:26:77:85:8e:aa:4a:76:5f:2d:5c:15:
b6:aa:15:b2:bb:d4:91:85:46:ec:69:a9:83:10:f0:67:25:5c:
1c:61:d0:7a:37:b5:4b:22:bc:ee:ea:c8:29:87:c6:a6:62:66:
82:d4:6a:0d:8b:7b:1e:68:7e:01:3c:de:3d:4d:1e:ca:5a:28:
6f:8f:c9:dd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM3KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA0MTMzMjMwWhcNMjQxMjAzMTMzMjMwWjAYMRYw
FAYDVQQDEw02NzI4Y2NmMi1kYjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA51zr1iWHqitiPYVTrNdMw3aMF8JvKU9B6BsJ2k9tp0Jm0d8P9Ii1reoO
aBjwLv/D1G+JijA02e1YZD31fUH1TyBTMIwr9YLje9BukauY3wQwSfBNQypwzaRq
oQ65u+EyJF2QKTG4TS4xQFldmjJtW4YYDRI1SGmJU2y05fJr74gl8TfKlqMjHcNI
rW6HfQVD5qYIE9kVWa5Nliv2ArRu8jDD0WkcCUs3W+B/7WGm5XhtpjXv1usBFR2h
svuZQpNzWtOmnTqNYQ/tlEcslQ23/+3nn07X6Z/nzedjkEoKv1MrANFMs0/MMdyp
+SXpEqwLDyLKmbuQlqWAf0BRPL7EsQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFByK
MN+Chmi4WUvEPZgbUdf8eDDvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRjg0MTAzQTlBQjExMUVGOUZDMTE1ODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnPAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAC5Q/awTy/y132lkq6KsKZpUtUEMGHC5VEzTLFEc6SzDoq7SCAb2E2apX/
IMXoEXln/xh/3Cl6C1I6ct2P+orf20ZfzMuuuuEwybT1+Z/uVffQFqzCSo9lU5eB
B42ZuXrWavd38nF3Y+T0uMw/LYZS6USyF2bIGLo7kkyShs64+lRYcmttgSbmt6c/
fVgxDOC+rf2pozMu4/Vqvl7b7KKEdi122j5MNWua1S15hIpFIzHFfUW36a2+L8xL
JneFjqpKdl8tXBW2qhWyu9SRhUbsaamDEPBnJVwcYdB6N7VLIrzu6sgph8amYmaC
1GoNi3seaH4BPN49TR7KWihvj8nd
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:26 2024 by rpki-client on console-fra.rpki-client.org