Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4595F91CA45611EF8A27286A762E951A.roa
File: 4595F91CA45611EF8A27286A762E951A.roa (raw, json)
Hash identifier: cnWVqHMaEXDpbGJgmzKtylCnzuafmsI9k0GMzVKUtOU=
Subject key identifier: FE:2A:FD:F9:A7:6F:49:E8:99:30:76:08:6E:44:00:C0:A5:36:40:CB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D3F8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4595F91CA45611EF8A27286A762E951A.roa
Signing time: Sat 16 Nov 2024 20:06:31 +0000
ROA not before: Sat 16 Nov 2024 20:06:28 +0000
ROA not after: Tue 26 Nov 2024 20:06:28 +0000
asID: 39600
IP address blocks: 156.237.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54264 (0xd3f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 16 20:06:28 2024 GMT
Not After : Nov 26 20:06:28 2024 GMT
Subject: CN=6738fb47-e91d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b1:38:af:d3:f7:50:ba:ce:80:1a:21:c1:15:
83:45:7a:6a:2b:6b:59:a8:8f:5f:b7:3e:69:93:c7:
65:6f:45:3f:8d:13:eb:a0:ca:fc:b8:b9:0d:14:18:
c4:33:5a:86:b4:75:d1:96:eb:07:99:54:92:6e:bd:
ad:b6:d8:26:83:9b:a8:75:ff:83:a9:3b:4b:68:ce:
e9:86:04:6b:f3:b3:6c:90:91:e0:c9:53:72:04:93:
fe:23:c8:6e:44:38:cb:31:d3:7e:36:c8:67:99:56:
10:bc:53:b0:41:77:1b:3b:e9:50:4d:07:7e:f7:e2:
99:92:85:e7:b2:22:31:b1:e5:d2:b6:fa:89:15:75:
61:c5:e2:06:62:ab:fe:fb:e2:eb:42:67:7a:8b:b7:
9b:4a:c5:66:10:11:49:50:51:f8:89:1d:18:d9:93:
b4:65:c7:98:ff:0b:56:2d:a2:00:51:9f:72:54:ba:
a4:ef:ec:11:06:1a:c8:ad:0c:9b:41:71:24:fe:57:
c4:85:48:a1:35:81:f8:67:28:ca:62:48:f7:a2:81:
d4:ea:27:26:fa:12:27:e3:0f:c0:1a:d4:60:0e:b1:
66:0a:51:99:ca:1c:84:e1:60:d7:fd:62:b5:5a:a2:
17:99:b1:c6:d5:46:94:49:4b:50:08:1f:f7:59:da:
95:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:2A:FD:F9:A7:6F:49:E8:99:30:76:08:6E:44:00:C0:A5:36:40:CB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4595F91CA45611EF8A27286A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.124.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:c1:16:61:f8:f2:1b:bb:10:a8:a2:e8:b0:19:da:c4:08:c0:
02:34:be:a8:70:b9:4c:c4:34:4f:28:a8:44:53:a0:b6:e3:a8:
8a:33:44:4e:92:fe:1e:8e:e4:84:f3:0c:a0:44:0d:73:6f:a9:
80:be:50:58:95:ea:db:84:fd:36:c2:62:39:9d:8c:2f:7d:92:
62:55:50:21:9e:ab:53:5d:bc:22:6a:e4:f5:c6:20:ad:cc:c0:
61:7c:a4:33:fd:f3:2b:5d:8e:75:c8:57:0d:89:a8:6c:50:0d:
27:45:b6:c3:5f:46:98:30:08:66:26:58:95:1a:32:f7:43:20:
11:9e:c2:4a:de:4d:60:0e:d4:16:42:ad:71:d6:4f:85:89:08:
82:83:52:66:96:25:95:cc:5d:68:f2:6a:15:9d:39:59:d1:68:
d4:51:e6:05:77:17:fe:a2:ad:7c:cc:b3:20:cd:ed:27:4d:5c:
48:b7:e2:6a:8f:7b:d7:af:f1:db:8a:c5:d6:04:0f:a7:e5:1f:
55:95:e0:e5:b0:f8:df:14:d4:60:3a:ed:b6:5e:c0:8c:6d:4a:
52:5e:83:1a:53:00:2b:17:e7:1c:ca:d0:de:e8:e9:da:b7:f9:
ff:da:9a:18:32:8d:5c:d0:16:d5:06:ec:5c:73:0e:3d:79:e9:
b9:b6:18:44
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANP4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE2MjAwNjI4WhcNMjQxMTI2MjAwNjI4WjAYMRYw
FAYDVQQDEw02NzM4ZmI0Ny1lOTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp7E4r9P3ULrOgBohwRWDRXpqK2tZqI9ftz5pk8dlb0U/jRProMr8uLkN
FBjEM1qGtHXRlusHmVSSbr2tttgmg5uodf+DqTtLaM7phgRr87NskJHgyVNyBJP+
I8huRDjLMdN+NshnmVYQvFOwQXcbO+lQTQd+9+KZkoXnsiIxseXStvqJFXVhxeIG
Yqv+++LrQmd6i7ebSsVmEBFJUFH4iR0Y2ZO0ZceY/wtWLaIAUZ9yVLqk7+wRBhrI
rQybQXEk/lfEhUihNYH4ZyjKYkj3ooHU6icm+hIn4w/AGtRgDrFmClGZyhyE4WDX
/WK1WqIXmbHG1UaUSUtQCB/3WdqV3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP4q
/fmnb0nomTB2CG5EAMClNkDLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NTk1RjkxQ0E0NTYxMUVGOEEyNzI4NkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO18MA0GCSqGSIb3DQEBCwUA
A4IBAQA+wRZh+PIbuxCoouiwGdrECMACNL6ocLlMxDRPKKhEU6C246iKM0ROkv4e
juSE8wygRA1zb6mAvlBYlerbhP02wmI5nYwvfZJiVVAhnqtTXbwiauT1xiCtzMBh
fKQz/fMrXY51yFcNiahsUA0nRbbDX0aYMAhmJliVGjL3QyARnsJK3k1gDtQWQq1x
1k+FiQiCg1JmliWVzF1o8moVnTlZ0WjUUeYFdxf+oq18zLMgze0nTVxIt+Jqj3vX
r/HbisXWBA+n5R9VleDlsPjfFNRgOu22XsCMbUpSXoMaUwArF+ccytDe6Onat/n/
2poYMo1c0BbVBuxccw49eem5thhE
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:28 2024 by rpki-client on console-ams.rpki-client.org