Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41C2EE3C32BC11EFBD3E6CB6762E951A.roa
File: 41C2EE3C32BC11EFBD3E6CB6762E951A.roa (raw, json)
Hash identifier: 3XlVaUQpEypumBcN3SwHVopKtimQD3u5uQzLeRbsAvA=
Subject key identifier: 32:66:B7:EA:8A:40:09:E9:2E:F1:1D:DB:87:6A:E3:81:2B:A8:09:84
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9490
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41C2EE3C32BC11EFBD3E6CB6762E951A.roa
Signing time: Tue 25 Jun 2024 06:29:21 +0000
ROA not before: Tue 25 Jun 2024 06:29:18 +0000
ROA not after: Fri 03 Jan 2025 06:29:18 +0000
asID: 40065
IP address blocks: 156.243.2.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38032 (0x9490)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 25 06:29:18 2024 GMT
Not After : Jan 3 06:29:18 2025 GMT
Subject: CN=667a63c1-33ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fe:db:e1:a1:ed:1e:05:a6:30:21:9c:a6:3b:
e0:11:55:89:a5:85:0e:13:02:7f:52:c9:9d:03:7e:
71:c7:d4:35:d1:c4:6f:5e:69:2d:f6:37:28:45:bd:
01:f8:7b:c9:b5:85:5b:27:d2:4a:9c:9a:ac:1e:f1:
86:bc:8c:4e:a7:e2:d1:7b:cb:31:e2:28:88:be:f8:
3e:eb:d4:2e:53:66:60:ce:28:9c:21:ce:0d:c8:c7:
86:4c:82:91:d1:bb:b7:08:14:ed:53:8c:aa:bf:ea:
15:0f:9b:69:7e:8a:86:26:16:7f:81:fb:96:2b:be:
48:a8:fc:b7:38:e7:49:9b:82:16:db:9a:38:f8:fb:
30:5b:b0:6c:a0:26:37:b2:ac:d8:0f:9b:d7:44:5a:
37:9d:af:84:a9:7c:b3:9a:aa:36:c0:50:21:1c:85:
b7:84:6e:fe:d1:64:a6:bf:07:19:82:c8:2a:be:58:
ae:ea:ff:78:16:27:76:2e:d5:cc:06:87:3a:a3:3c:
b0:8f:8f:26:da:38:56:e6:39:83:48:74:39:b9:3e:
93:07:dd:e2:1e:6e:3f:e7:16:cb:17:de:b1:cf:f9:
7d:a6:2e:7f:ab:63:f5:bb:92:02:35:6b:27:11:af:
47:61:8a:98:7d:e0:bd:10:73:00:3d:83:d1:b3:56:
e0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:66:B7:EA:8A:40:09:E9:2E:F1:1D:DB:87:6A:E3:81:2B:A8:09:84
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41C2EE3C32BC11EFBD3E6CB6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.2.0/23
Signature Algorithm: sha256WithRSAEncryption
41:7b:32:8a:7f:99:e2:e3:8f:16:09:47:e7:ca:96:e4:96:a6:
44:bc:7a:c4:4f:5a:6c:38:45:fd:a1:a3:c5:b7:a9:bb:78:29:
79:b2:5e:7e:07:d8:f6:a5:7c:b8:ae:94:fd:11:08:05:03:b0:
50:65:fd:7f:5a:a3:f6:e4:8b:15:58:a7:ba:d7:7e:26:a9:8d:
24:85:f0:60:4b:b0:1b:69:a8:e8:bd:25:b9:98:9b:fa:bd:b5:
32:58:80:af:d8:e9:19:0f:9f:90:48:87:a8:b9:e9:f4:9d:16:
ff:d1:35:aa:83:1e:f5:35:3b:ac:af:af:78:21:98:df:84:b4:
60:d9:9b:de:7c:9f:4b:7e:7f:72:ee:ad:a7:7d:71:35:5a:e9:
39:78:dc:5b:78:87:b0:aa:34:8b:8b:ef:25:5e:51:cf:a4:e9:
e4:d5:ae:8c:ef:9f:aa:aa:00:45:27:0a:cb:f5:ee:04:13:a3:
76:76:c4:6c:a8:e3:07:cb:a6:a0:40:32:c6:f0:52:a5:df:ba:
4c:e0:f8:64:7d:05:83:be:91:83:e2:36:95:5e:55:4f:96:14:
66:41:18:b6:b5:14:a1:56:02:f8:8a:c9:21:96:ae:a5:53:3f:
99:07:f9:66:be:12:ec:be:23:df:a3:82:6b:f1:13:0d:c9:15:
4e:87:45:98
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJSQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjI1MDYyOTE4WhcNMjUwMTAzMDYyOTE4WjAYMRYw
FAYDVQQDEw02NjdhNjNjMS0zM2ZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsf7b4aHtHgWmMCGcpjvgEVWJpYUOEwJ/UsmdA35xx9Q10cRvXmkt9jco
Rb0B+HvJtYVbJ9JKnJqsHvGGvIxOp+LRe8sx4iiIvvg+69QuU2ZgziicIc4NyMeG
TIKR0bu3CBTtU4yqv+oVD5tpfoqGJhZ/gfuWK75IqPy3OOdJm4IW25o4+PswW7Bs
oCY3sqzYD5vXRFo3na+EqXyzmqo2wFAhHIW3hG7+0WSmvwcZgsgqvliu6v94Fid2
LtXMBoc6ozywj48m2jhW5jmDSHQ5uT6TB93iHm4/5xbLF96xz/l9pi5/q2P1u5IC
NWsnEa9HYYqYfeC9EHMAPYPRs1bgLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDJm
t+qKQAnpLvEd24dq44ErqAmEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MUMyRUUzQzMyQkMxMUVGQkQzRTZDQjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPMCMA0GCSqGSIb3DQEBCwUA
A4IBAQBBezKKf5ni448WCUfnypbklqZEvHrET1psOEX9oaPFt6m7eCl5sl5+B9j2
pXy4rpT9EQgFA7BQZf1/WqP25IsVWKe6134mqY0khfBgS7AbaajovSW5mJv6vbUy
WICv2OkZD5+QSIeouen0nRb/0TWqgx71NTusr694IZjfhLRg2ZvefJ9Lfn9y7q2n
fXE1Wuk5eNxbeIewqjSLi+8lXlHPpOnk1a6M75+qqgBFJwrL9e4EE6N2dsRsqOMH
y6agQDLG8FKl37pM4PhkfQWDvpGD4jaVXlVPlhRmQRi2tRShVgL4iskhlq6lUz+Z
B/lmvhLsviPfo4Jr8RMNyRVOh0WY
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:26 2024 by rpki-client on console-fra.rpki-client.org