Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4418D05C9F7C11EFA18A11B8762E951A.roa
File: 4418D05C9F7C11EFA18A11B8762E951A.roa (raw, json)
Hash identifier: C9+4Fzk7D5KTf95oS1kOg8fcFLIjDIlHIwgXseyQXjg=
Subject key identifier: AE:7D:C3:FA:C1:55:3A:57:68:98:07:7F:48:59:CA:95:E0:23:00:9A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D0F2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4418D05C9F7C11EFA18A11B8762E951A.roa
Signing time: Sun 10 Nov 2024 15:55:54 +0000
ROA not before: Sun 10 Nov 2024 15:55:50 +0000
ROA not after: Thu 12 Dec 2024 15:55:50 +0000
asID: 398993
IP address blocks: 156.231.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53490 (0xd0f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 10 15:55:50 2024 GMT
Not After : Dec 12 15:55:50 2024 GMT
Subject: CN=6730d78a-09d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4c:9f:26:29:30:2d:dd:ca:f6:68:ee:23:8a:
44:17:f4:f1:68:8e:47:85:a2:1f:c5:88:9b:57:ea:
d8:9b:c0:e6:77:e6:dc:74:24:2c:e2:0e:ce:67:bf:
f9:da:a3:e8:8f:82:57:93:69:2d:b1:ae:18:d1:c7:
74:49:92:96:ec:5c:ef:99:26:d5:8e:af:6a:e6:d1:
2a:10:d6:74:f4:0e:5c:82:34:01:ab:e7:25:79:01:
c5:c9:60:a7:ce:0e:c7:c9:d9:33:1e:ec:6e:57:04:
1d:71:3e:d0:78:61:de:1e:b1:f0:c4:b8:df:35:19:
e6:1a:ff:df:f4:45:ac:a8:ff:16:c9:57:94:4f:10:
97:48:35:d2:bb:b2:4d:83:ae:47:8f:e9:6f:bb:69:
c7:0b:11:5b:2c:f0:fd:9e:d8:76:ae:68:00:73:ab:
0c:17:08:17:d5:e5:0f:76:cf:35:5d:bd:5c:57:84:
66:8c:6f:b5:35:f6:9c:2f:09:19:19:43:20:39:a6:
19:03:0f:38:f3:04:30:0e:01:46:f9:47:52:ea:45:
08:15:91:5e:3a:b2:14:31:8e:35:28:a7:41:06:c0:
b0:f9:fb:55:76:b7:50:3b:4e:7b:e0:18:a3:64:4f:
f9:df:e3:88:bf:dd:af:08:e2:70:46:22:d4:28:bd:
dd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:7D:C3:FA:C1:55:3A:57:68:98:07:7F:48:59:CA:95:E0:23:00:9A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4418D05C9F7C11EFA18A11B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.144.0/20
Signature Algorithm: sha256WithRSAEncryption
95:19:86:85:b7:80:2c:96:24:b4:8f:a4:71:a5:a2:74:42:e2:
e6:82:1b:f3:e6:f9:66:5c:88:26:fd:8a:9a:b2:98:07:bf:93:
a1:86:17:e0:c9:fa:94:72:f5:4f:c2:23:ba:13:7f:3c:49:47:
c1:5c:95:17:2a:8a:6d:3a:86:a0:a7:bc:af:3d:21:9f:b8:5c:
d9:7b:4a:69:56:15:16:41:8a:b1:97:a0:61:2c:33:45:1d:fd:
7e:a3:69:28:e7:7e:9f:fc:42:73:e4:1b:f2:67:6a:72:ac:8b:
38:ea:26:d7:92:0e:06:cd:b2:31:b4:10:20:db:a5:9a:de:89:
68:ee:30:55:6b:31:01:f0:57:a3:68:c3:3c:85:2a:63:23:d4:
14:d7:61:e4:ea:1a:92:87:5b:39:19:47:c6:18:b2:c0:3a:e9:
02:ca:a4:12:41:d0:40:af:ce:dc:93:4a:12:72:69:b4:bb:ed:
ec:82:e8:e2:4b:14:26:84:a8:df:1d:42:7c:dd:ee:53:24:c5:
33:18:6e:0d:9a:4c:fa:18:c4:1b:f9:6d:2e:c9:3b:ee:ca:6d:
a1:ff:2a:8f:d1:f5:c0:cd:2e:21:4b:64:59:55:31:bb:4b:2c:
a9:53:e9:00:1c:57:58:92:06:54:08:e4:dc:e4:11:23:f2:a7:
7e:05:6f:f9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANDyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTEwMTU1NTUwWhcNMjQxMjEyMTU1NTUwWjAYMRYw
FAYDVQQDEw02NzMwZDc4YS0wOWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqkyfJikwLd3K9mjuI4pEF/TxaI5HhaIfxYibV+rYm8Dmd+bcdCQs4g7O
Z7/52qPoj4JXk2ktsa4Y0cd0SZKW7FzvmSbVjq9q5tEqENZ09A5cgjQBq+cleQHF
yWCnzg7HydkzHuxuVwQdcT7QeGHeHrHwxLjfNRnmGv/f9EWsqP8WyVeUTxCXSDXS
u7JNg65Hj+lvu2nHCxFbLPD9nth2rmgAc6sMFwgX1eUPds81Xb1cV4RmjG+1Nfac
LwkZGUMgOaYZAw848wQwDgFG+UdS6kUIFZFeOrIUMY41KKdBBsCw+ftVdrdQO057
4BijZE/53+OIv92vCOJwRiLUKL3dcwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK59
w/rBVTpXaJgHf0hZypXgIwCaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NDE4RDA1QzlGN0MxMUVGQTE4QTExQjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOeQMA0GCSqGSIb3DQEBCwUA
A4IBAQCVGYaFt4AsliS0j6RxpaJ0QuLmghvz5vlmXIgm/YqaspgHv5OhhhfgyfqU
cvVPwiO6E388SUfBXJUXKoptOoagp7yvPSGfuFzZe0ppVhUWQYqxl6BhLDNFHf1+
o2ko536f/EJz5BvyZ2pyrIs46ibXkg4GzbIxtBAg26Wa3olo7jBVazEB8FejaMM8
hSpjI9QU12Hk6hqSh1s5GUfGGLLAOukCyqQSQdBAr87ck0oScmm0u+3sgujiSxQm
hKjfHUJ83e5TJMUzGG4Nmkz6GMQb+W0uyTvuym2h/yqP0fXAzS4hS2RZVTG7Syyp
U+kAHFdYkgZUCOTc5BEj8qd+BW/5
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:28 2024 by rpki-client on console-ams.rpki-client.org