Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41FE082CA0D611EF8678DDB9762E951A.roa
File: 41FE082CA0D611EF8678DDB9762E951A.roa (raw, json)
Hash identifier: Trf4lHdsa9MvqO+3Xqc4ZZrGKhn/ZGUNK49w1VV6cS0=
Subject key identifier: 3C:79:F2:5F:D3:1E:AA:15:07:30:52:27:C9:B3:BA:51:AB:2E:77:D1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D17B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41FE082CA0D611EF8678DDB9762E951A.roa
Signing time: Tue 12 Nov 2024 09:12:36 +0000
ROA not before: Tue 12 Nov 2024 09:12:33 +0000
ROA not after: Wed 18 Dec 2024 09:12:33 +0000
asID: 8796
IP address blocks: 156.225.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53627 (0xd17b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 12 09:12:33 2024 GMT
Not After : Dec 18 09:12:33 2024 GMT
Subject: CN=67331c04-90c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:bf:4d:36:74:8c:55:b0:7d:84:cc:86:63:00:
fc:74:8c:f0:f5:bd:a5:e4:80:41:98:70:88:8c:74:
4a:38:bd:66:49:bc:af:c3:e5:30:a1:33:96:c4:1a:
03:b3:bd:c5:ad:82:b2:a2:9d:1b:d9:e5:20:0a:0d:
47:21:41:6f:e5:f1:59:1f:d4:ba:b3:c0:2a:9b:88:
78:4d:cd:c8:2b:2e:92:77:d4:7e:29:76:17:ff:1e:
78:ec:f6:1a:87:d6:32:54:11:96:76:17:6c:6a:de:
a3:b8:e9:45:d0:66:33:3c:bd:ce:f6:fa:ef:5e:4f:
b4:7d:2d:ea:2c:fe:3e:72:35:9f:3c:f3:11:d9:d6:
c6:61:8e:38:bb:da:fc:c2:a4:96:44:76:7f:80:55:
6e:b5:5f:8f:c0:5c:d9:ea:36:0c:24:b0:b4:05:0f:
ee:86:7c:34:16:ec:9b:51:2b:45:21:18:11:15:a2:
b5:12:79:85:7f:78:89:14:37:73:a8:77:27:8e:4b:
d0:78:cf:6b:32:68:fe:62:08:41:25:42:41:78:98:
d5:54:b0:c5:86:67:64:53:81:fd:fe:db:d3:15:10:
cc:05:57:9e:9d:42:92:0b:94:75:fa:05:c0:fa:fd:
7b:00:66:b8:00:40:01:85:59:1e:18:01:66:b4:3c:
e6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:79:F2:5F:D3:1E:AA:15:07:30:52:27:C9:B3:BA:51:AB:2E:77:D1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41FE082CA0D611EF8678DDB9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.16.0/20
Signature Algorithm: sha256WithRSAEncryption
1f:05:97:96:96:ff:70:2a:6e:4d:4b:b6:4e:54:5e:ca:3a:17:
d8:d1:b8:6e:15:27:ca:c5:69:16:84:61:94:ed:bf:9a:49:39:
80:ba:39:1b:a8:70:bd:35:b2:d0:06:e0:86:99:27:d0:58:58:
14:4e:f5:ec:2f:a1:a2:ec:df:d9:7b:10:f8:9a:0e:2b:e4:f7:
7c:6a:46:be:f7:c0:5f:ff:50:87:c5:4e:9b:e2:e1:79:f8:c2:
89:cc:29:3c:58:99:fb:60:ab:db:fd:73:06:3c:33:02:0f:d1:
b0:41:aa:a1:cd:00:37:bc:6b:09:72:0d:14:f4:37:d3:f3:15:
80:88:52:00:06:08:20:6b:9d:78:0f:89:24:96:c7:c6:1e:6d:
9b:66:9a:5b:56:f9:1c:04:09:42:0b:63:5f:f1:87:a1:a0:5d:
b4:dd:6a:0f:4c:40:e3:fd:1e:bf:13:41:8a:a3:ed:8f:83:c9:
9f:67:e3:75:f0:3c:4b:09:32:cd:64:0e:c3:ab:2f:f7:a1:9a:
d2:c9:ca:0a:14:7d:f0:50:df:66:f2:b9:db:ee:ba:92:dc:f4:
77:b7:95:de:58:33:90:6d:43:ee:cc:69:0c:f3:38:56:3c:cc:
c4:91:f8:5e:2b:ba:f8:e8:d0:59:92:a4:89:a2:35:02:0c:8f:
ce:98:f5:2d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANF7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTEyMDkxMjMzWhcNMjQxMjE4MDkxMjMzWjAYMRYw
FAYDVQQDEw02NzMzMWMwNC05MGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyr9NNnSMVbB9hMyGYwD8dIzw9b2l5IBBmHCIjHRKOL1mSbyvw+UwoTOW
xBoDs73FrYKyop0b2eUgCg1HIUFv5fFZH9S6s8Aqm4h4Tc3IKy6Sd9R+KXYX/x54
7PYah9YyVBGWdhdsat6juOlF0GYzPL3O9vrvXk+0fS3qLP4+cjWfPPMR2dbGYY44
u9r8wqSWRHZ/gFVutV+PwFzZ6jYMJLC0BQ/uhnw0FuybUStFIRgRFaK1EnmFf3iJ
FDdzqHcnjkvQeM9rMmj+YghBJUJBeJjVVLDFhmdkU4H9/tvTFRDMBVeenUKSC5R1
+gXA+v17AGa4AEABhVkeGAFmtDzmXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDx5
8l/THqoVBzBSJ8mzulGrLnfRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MUZFMDgyQ0EwRDYxMUVGODY3OEREQjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOEQMA0GCSqGSIb3DQEBCwUA
A4IBAQAfBZeWlv9wKm5NS7ZOVF7KOhfY0bhuFSfKxWkWhGGU7b+aSTmAujkbqHC9
NbLQBuCGmSfQWFgUTvXsL6Gi7N/ZexD4mg4r5Pd8aka+98Bf/1CHxU6b4uF5+MKJ
zCk8WJn7YKvb/XMGPDMCD9GwQaqhzQA3vGsJcg0U9DfT8xWAiFIABggga514D4kk
lsfGHm2bZppbVvkcBAlCC2Nf8YehoF203WoPTEDj/R6/E0GKo+2Pg8mfZ+N18DxL
CTLNZA7Dqy/3oZrSycoKFH3wUN9m8rnb7rqS3PR3t5XeWDOQbUPuzGkM8zhWPMzE
kfheK7r46NBZkqSJojUCDI/OmPUt
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:26 2024 by rpki-client on console-fra.rpki-client.org