Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/47BF68FA6A6711EF88521C84762E951A.roa
File: 47BF68FA6A6711EF88521C84762E951A.roa (raw, json)
Hash identifier: iFJ1cB0xuLaxru9DrFykDX0biZTF3Z9AzHIuViGtfpc=
Subject key identifier: 5A:2E:E0:86:78:3F:F6:43:2C:51:9B:6E:FB:98:DC:EC:4E:4C:FF:AD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B191
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/47BF68FA6A6711EF88521C84762E951A.roa
Signing time: Wed 04 Sep 2024 02:42:09 +0000
ROA not before: Wed 04 Sep 2024 02:41:56 +0000
ROA not after: Mon 30 Dec 2024 02:41:56 +0000
asID: 17561
IP address blocks: 156.254.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45457 (0xb191)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 4 02:41:56 2024 GMT
Not After : Dec 30 02:41:56 2024 GMT
Subject: CN=66d7c901-b56d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:67:7b:fd:c0:aa:00:99:d1:00:23:4d:8c:f0:
43:1e:8d:37:78:81:b5:97:a9:36:ca:80:3e:d3:3f:
a9:ed:dc:04:05:eb:50:87:60:de:e5:6c:61:c1:8a:
6f:99:ce:d4:a7:7f:67:fd:ad:8b:81:ba:ee:16:3c:
8e:86:19:7a:4c:c4:ba:11:79:01:5a:d9:ff:62:30:
ab:31:d0:c5:df:cb:36:5e:43:ec:31:67:f4:cc:0b:
9c:27:3e:dd:b7:34:f1:a7:7c:30:ca:ec:8b:b0:27:
1f:10:9f:dd:a9:ed:ec:01:6d:3a:21:01:bf:d8:96:
3d:14:f1:32:24:4b:0b:2c:75:fe:99:64:0f:2e:5b:
5b:a9:56:b0:5a:d3:b8:e5:1c:b0:c5:da:61:b1:1f:
40:83:2b:10:75:4c:d4:bb:f5:38:82:06:3c:23:86:
60:52:f2:d0:c7:6b:15:05:85:6a:c0:55:39:6b:42:
28:69:8e:0f:28:48:68:05:18:a1:99:a6:9e:21:c1:
8a:25:02:44:7c:6f:2b:2a:c4:11:01:fb:9d:1d:4f:
fe:59:85:76:3c:bd:05:4a:81:f5:75:d8:17:47:1f:
08:52:9a:c8:18:13:41:a9:83:26:0e:7d:c0:a0:2c:
7c:6e:a9:f1:f5:61:49:71:2a:b4:b0:25:b0:d1:0f:
7d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:2E:E0:86:78:3F:F6:43:2C:51:9B:6E:FB:98:DC:EC:4E:4C:FF:AD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/47BF68FA6A6711EF88521C84762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.116.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:a8:94:37:64:f1:46:c9:59:29:fe:30:f5:64:c7:a6:69:ba:
d8:78:45:e5:9c:48:a7:e0:ea:69:73:e3:ce:c6:fe:ee:88:6f:
2f:76:0a:c0:63:18:78:95:5e:ac:bb:19:62:4c:af:0e:01:77:
37:cb:50:ed:a7:ec:64:19:5c:c9:e9:47:22:39:ee:68:0b:c3:
e6:54:6e:5d:a9:47:be:f7:e9:48:87:e7:90:ce:0d:16:58:b0:
49:41:48:89:d8:fd:4f:5d:5d:38:89:5e:08:fd:12:2d:27:f6:
1e:28:ff:aa:67:af:c6:8a:73:85:7b:91:8b:61:21:29:23:24:
3a:68:16:2a:e7:63:a7:94:1f:20:44:d7:14:ef:2d:08:e2:f7:
a0:b9:53:f1:e7:5b:f8:f3:c5:36:25:d3:a0:74:ae:27:57:dd:
ab:f5:48:18:42:00:09:69:a9:4b:c8:ff:73:e4:7e:9a:9c:fe:
60:4f:04:b6:8e:9f:a2:ef:99:c4:6d:81:5b:d6:d0:4b:45:29:
15:ca:9b:4f:6a:89:2b:4b:a3:0d:33:9d:ca:65:b7:9a:81:9c:
bb:ea:f0:c7:b0:21:af:77:ae:07:13:55:6f:76:66:46:ae:d5:
1a:f6:d1:6b:6b:d8:31:47:20:71:6a:ae:45:1c:6f:e3:31:f4:
fd:64:88:12
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALGRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTA0MDI0MTU2WhcNMjQxMjMwMDI0MTU2WjAYMRYw
FAYDVQQDEw02NmQ3YzkwMS1iNTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApmd7/cCqAJnRACNNjPBDHo03eIG1l6k2yoA+0z+p7dwEBetQh2De5Wxh
wYpvmc7Up39n/a2LgbruFjyOhhl6TMS6EXkBWtn/YjCrMdDF38s2XkPsMWf0zAuc
Jz7dtzTxp3wwyuyLsCcfEJ/dqe3sAW06IQG/2JY9FPEyJEsLLHX+mWQPLltbqVaw
WtO45RywxdphsR9AgysQdUzUu/U4ggY8I4ZgUvLQx2sVBYVqwFU5a0IoaY4PKEho
BRihmaaeIcGKJQJEfG8rKsQRAfudHU/+WYV2PL0FSoH1ddgXRx8IUprIGBNBqYMm
Dn3AoCx8bqnx9WFJcSq0sCWw0Q99NwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFou
4IZ4P/ZDLFGbbvuY3OxOTP+tMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80N0JGNjhGQTZBNjcxMUVGODg1MjFDODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnP50MA0GCSqGSIb3DQEBCwUA
A4IBAQCbqJQ3ZPFGyVkp/jD1ZMemabrYeEXlnEin4Oppc+POxv7uiG8vdgrAYxh4
lV6suxliTK8OAXc3y1Dtp+xkGVzJ6UciOe5oC8PmVG5dqUe+9+lIh+eQzg0WWLBJ
QUiJ2P1PXV04iV4I/RItJ/YeKP+qZ6/GinOFe5GLYSEpIyQ6aBYq52OnlB8gRNcU
7y0I4veguVPx51v488U2JdOgdK4nV92r9UgYQgAJaalLyP9z5H6anP5gTwS2jp+i
75nEbYFb1tBLRSkVyptPaokrS6MNM53KZbeagZy76vDHsCGvd64HE1VvdmZGrtUa
9tFra9gxRyBxaq5FHG/jMfT9ZIgS
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:28 2024 by rpki-client on console-ams.rpki-client.org