Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/432A9A94A70711EFAB6A8A5B762E951A.roa
File: 432A9A94A70711EFAB6A8A5B762E951A.roa (raw, json)
Hash identifier: RUdeZrtubfHA3KbHpXjGjNbVixOg40qPTV0Wjm6rtuQ=
Subject key identifier: 88:D0:56:B7:08:19:73:39:9C:88:25:E5:7B:73:A2:1C:0B:A1:D5:91
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D597
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/432A9A94A70711EFAB6A8A5B762E951A.roa
Signing time: Wed 20 Nov 2024 06:18:31 +0000
ROA not before: Wed 20 Nov 2024 06:18:27 +0000
ROA not after: Sun 22 Dec 2024 06:18:27 +0000
asID: 395793
IP address blocks: 156.228.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54679 (0xd597)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 20 06:18:27 2024 GMT
Not After : Dec 22 06:18:27 2024 GMT
Subject: CN=673d7f36-d106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:bf:17:46:bc:d2:3b:cb:7c:17:43:f2:8d:52:
36:79:f3:ad:1b:35:d9:ba:13:1b:72:6a:2e:f8:4c:
25:6a:75:98:38:e3:f5:b1:e0:a0:b0:b4:0a:90:7f:
ab:42:82:9c:23:2a:07:b8:cc:fb:09:79:ba:57:a0:
be:44:be:fd:41:57:bc:d6:e8:55:4f:97:b7:f4:b3:
9b:53:a2:fa:24:18:7c:69:e1:bd:39:67:87:48:2c:
7e:9d:ca:74:04:ed:15:c8:56:d6:9d:e8:c3:ae:53:
1c:fa:73:10:5d:4f:63:82:ca:bd:cd:89:36:f9:0e:
31:f3:8b:51:47:0a:db:88:fe:bd:35:0e:60:5c:23:
71:8b:89:cd:e3:66:6d:16:06:2f:84:ed:76:78:5b:
43:e5:b6:2e:e0:91:9e:8a:eb:1e:4c:20:69:b3:db:
19:c9:2c:77:66:9f:2c:93:33:5c:e4:19:8b:b7:37:
ae:78:79:ce:1e:23:84:a4:73:e7:be:89:bc:b5:9f:
d7:f5:d9:8b:e5:ce:f8:c5:dc:f4:4e:09:80:a1:ba:
3e:d5:d8:a4:d2:31:78:3f:92:0e:cd:e4:46:68:0b:
57:02:da:c5:f1:cc:05:e8:89:e5:f9:4d:e2:3f:a4:
ff:3f:64:48:b7:e2:a0:54:98:b5:d6:94:5c:a8:1c:
29:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D0:56:B7:08:19:73:39:9C:88:25:E5:7B:73:A2:1C:0B:A1:D5:91
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/432A9A94A70711EFAB6A8A5B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.62.0/24
Signature Algorithm: sha256WithRSAEncryption
91:b4:60:24:da:84:c0:d3:d3:00:09:9f:29:04:19:4a:58:f6:
fb:78:f4:2c:86:66:e1:4f:56:85:6d:e0:7d:2d:a4:1e:0a:8c:
23:69:30:84:fc:75:49:ca:06:55:88:6b:f0:3b:84:60:b7:dd:
54:e8:ec:6b:36:3f:e0:37:0a:c1:96:49:77:08:e4:93:7e:45:
fc:68:13:82:0b:6e:ec:cb:25:79:15:64:b4:4e:93:e8:4a:5a:
1e:0f:d8:b9:88:de:dd:99:25:ed:0b:d2:b1:aa:c7:bc:bf:e3:
3b:91:35:07:02:5f:93:5c:39:5a:eb:1d:6a:54:c9:1f:ef:1b:
ef:9e:58:b1:41:4b:69:df:ac:e2:24:69:ee:be:81:9a:ad:37:
67:15:5a:8d:3d:09:42:7d:53:a1:52:d9:b0:4c:05:6f:2e:ea:
d2:52:d6:74:c2:83:3d:d5:20:c6:01:a4:b6:e7:b2:e6:a8:6c:
9d:73:97:eb:a9:dd:4a:cf:bc:c8:b1:09:1e:ab:a6:f7:02:4e:
56:51:b8:eb:b2:61:d9:61:21:88:f8:79:45:02:97:9b:d1:fe:
10:1e:ae:a6:06:8d:76:1a:8a:e2:d8:f3:94:f3:9a:9a:9d:f2:
2c:24:b3:43:7c:91:ee:ba:1d:2e:f3:d3:17:5f:8f:25:0a:8e:
81:7a:68:12
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANWXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTIwMDYxODI3WhcNMjQxMjIyMDYxODI3WjAYMRYw
FAYDVQQDEw02NzNkN2YzNi1kMTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0b8XRrzSO8t8F0PyjVI2efOtGzXZuhMbcmou+EwlanWYOOP1seCgsLQK
kH+rQoKcIyoHuMz7CXm6V6C+RL79QVe81uhVT5e39LObU6L6JBh8aeG9OWeHSCx+
ncp0BO0VyFbWnejDrlMc+nMQXU9jgsq9zYk2+Q4x84tRRwrbiP69NQ5gXCNxi4nN
42ZtFgYvhO12eFtD5bYu4JGeiuseTCBps9sZySx3Zp8skzNc5BmLtzeueHnOHiOE
pHPnvom8tZ/X9dmL5c74xdz0TgmAobo+1dik0jF4P5IOzeRGaAtXAtrF8cwF6Inl
+U3iP6T/P2RIt+KgVJi11pRcqBwpnwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIjQ
VrcIGXM5nIgl5XtzohwLodWRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MzJBOUE5NEE3MDcxMUVGQUI2QThBNUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQ+MA0GCSqGSIb3DQEBCwUA
A4IBAQCRtGAk2oTA09MACZ8pBBlKWPb7ePQshmbhT1aFbeB9LaQeCowjaTCE/HVJ
ygZViGvwO4Rgt91U6OxrNj/gNwrBlkl3COSTfkX8aBOCC27syyV5FWS0TpPoSloe
D9i5iN7dmSXtC9Kxqse8v+M7kTUHAl+TXDla6x1qVMkf7xvvnlixQUtp36ziJGnu
voGarTdnFVqNPQlCfVOhUtmwTAVvLurSUtZ0woM91SDGAaS257LmqGydc5frqd1K
z7zIsQkeq6b3Ak5WUbjrsmHZYSGI+HlFApeb0f4QHq6mBo12Gori2POU85qanfIs
JLNDfJHuuh0u89MXX48lCo6BemgS
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:26 2024 by rpki-client on console-fra.rpki-client.org