Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/445EDBA6353211EFBD6924A2762E951A.roa
File: 445EDBA6353211EFBD6924A2762E951A.roa (raw, json)
Hash identifier: spQ/uG4eCAUH8X/V1iEBO7B7S2tXPY3tAeR8i6Xq4Co=
Subject key identifier: C1:72:4D:DD:08:90:58:29:1C:7F:08:FC:73:F8:75:03:DB:C5:CA:13
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 95E1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/445EDBA6353211EFBD6924A2762E951A.roa
Signing time: Fri 28 Jun 2024 09:39:09 +0000
ROA not before: Fri 28 Jun 2024 09:39:05 +0000
ROA not after: Wed 12 Feb 2025 09:39:05 +0000
asID: 135600
IP address blocks: 156.246.72.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38369 (0x95e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 28 09:39:05 2024 GMT
Not After : Feb 12 09:39:05 2025 GMT
Subject: CN=667e84bc-899d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6a:4a:ba:09:e5:c7:ec:52:1e:33:39:eb:ad:
2a:9a:55:e1:35:48:52:ad:d5:ee:83:6a:5a:dd:55:
bc:12:1b:9c:75:2f:d8:54:5b:dc:e9:30:57:89:0c:
da:f1:58:e6:f4:80:5b:ec:07:2d:e4:7d:22:5c:13:
ad:c6:c5:a8:3f:f2:49:33:51:af:24:30:02:a0:b2:
b8:e4:63:d3:35:f5:2e:87:c2:4b:6b:cc:69:17:c1:
43:a4:b4:32:fa:0d:cf:46:16:dc:ba:fe:20:c2:e1:
5d:72:ca:0c:c3:22:a2:03:50:2a:b3:f4:17:c6:0c:
e0:ac:79:de:34:63:19:8f:5b:75:2d:59:4e:9d:a2:
1b:e7:bb:e4:42:13:27:a4:44:cb:75:b7:4d:de:c7:
a5:6c:48:0c:86:d4:53:9d:97:7b:39:53:09:71:4d:
3f:f3:78:f3:d9:f5:0b:5b:cb:e6:73:95:59:6d:71:
22:40:e1:77:49:16:b3:5a:30:25:94:10:a2:90:08:
96:18:84:40:c9:bb:a2:0b:d6:b5:41:8b:7d:61:11:
cc:dc:68:f5:14:c4:5a:d9:54:92:21:7e:df:3c:29:
21:a7:c6:50:0b:4a:36:99:fa:5f:4b:60:b4:eb:77:
46:ea:10:7e:8f:dc:0b:e3:1e:31:f1:49:83:ce:35:
cc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:72:4D:DD:08:90:58:29:1C:7F:08:FC:73:F8:75:03:DB:C5:CA:13
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/445EDBA6353211EFBD6924A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.72.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:73:a7:40:eb:01:f2:56:9c:3e:87:e1:b0:d9:43:93:13:fc:
aa:f9:39:ab:e7:1e:fa:ae:1e:9a:db:4e:42:4a:37:20:77:a2:
ed:a9:19:39:90:ed:99:15:ca:c1:85:9c:3c:03:bc:c0:df:f6:
e9:bb:aa:4e:84:61:42:4e:87:0d:c5:06:15:d6:03:48:c0:7b:
3f:cf:a2:64:34:19:e9:77:3c:52:e4:57:b3:99:be:9a:55:78:
3f:18:67:a5:8a:f7:55:93:dc:2c:a5:64:32:e3:cd:6b:47:ef:
6e:4f:ee:b9:4f:00:70:ca:13:e2:8c:97:a9:6f:f6:10:46:c2:
c7:74:17:ae:ee:70:4c:43:e9:15:4d:86:6e:e4:da:a5:5b:a5:
5a:3e:7e:4c:fa:12:e1:f4:7f:e8:b3:3a:cf:63:50:5c:52:52:
45:26:70:99:b4:61:7a:0f:da:29:f2:fd:da:c0:a3:9d:0b:1a:
c1:03:71:79:75:3c:5e:45:88:fa:ff:59:67:19:05:71:24:cb:
34:df:b4:cd:ad:6f:4d:2b:66:cf:c5:90:59:6e:19:7a:ac:3d:
0f:15:bf:8d:ab:8a:c4:7c:cb:f0:51:a9:64:46:73:67:1a:ab:
6b:f2:2e:d4:d3:97:2b:b6:81:c3:69:79:16:50:e3:41:a8:b9:
c0:db:7c:6f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJXhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjI4MDkzOTA1WhcNMjUwMjEyMDkzOTA1WjAYMRYw
FAYDVQQDEw02NjdlODRiYy04OTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt2pKugnlx+xSHjM5660qmlXhNUhSrdXug2pa3VW8EhucdS/YVFvc6TBX
iQza8Vjm9IBb7Act5H0iXBOtxsWoP/JJM1GvJDACoLK45GPTNfUuh8JLa8xpF8FD
pLQy+g3PRhbcuv4gwuFdcsoMwyKiA1Aqs/QXxgzgrHneNGMZj1t1LVlOnaIb57vk
QhMnpETLdbdN3selbEgMhtRTnZd7OVMJcU0/83jz2fULW8vmc5VZbXEiQOF3SRaz
WjAllBCikAiWGIRAybuiC9a1QYt9YRHM3Gj1FMRa2VSSIX7fPCkhp8ZQC0o2mfpf
S2C063dG6hB+j9wL4x4x8UmDzjXMiQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMFy
Td0IkFgpHH8I/HP4dQPbxcoTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NDVFREJBNjM1MzIxMUVGQkQ2OTI0QTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPZIMA0GCSqGSIb3DQEBCwUA
A4IBAQBMc6dA6wHyVpw+h+Gw2UOTE/yq+Tmr5x76rh6a205CSjcgd6LtqRk5kO2Z
FcrBhZw8A7zA3/bpu6pOhGFCTocNxQYV1gNIwHs/z6JkNBnpdzxS5Fezmb6aVXg/
GGelivdVk9wspWQy481rR+9uT+65TwBwyhPijJepb/YQRsLHdBeu7nBMQ+kVTYZu
5NqlW6VaPn5M+hLh9H/oszrPY1BcUlJFJnCZtGF6D9op8v3awKOdCxrBA3F5dTxe
RYj6/1lnGQVxJMs037TNrW9NK2bPxZBZbhl6rD0PFb+Nq4rEfMvwUalkRnNnGqtr
8i7U05crtoHDaXkWUONBqLnA23xv
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:27 2024 by rpki-client on console-fra.rpki-client.org