Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4AAFCF12A65011EF8B1E3A5E762E951A.roa
File: 4AAFCF12A65011EF8B1E3A5E762E951A.roa (raw, json)
Hash identifier: 0oYLTBuFYTvvF30Sy9/dCHeqWg9Gl9qSymjgm8oBNGk=
Subject key identifier: A4:26:59:90:7F:C1:8C:F5:B7:13:E4:56:90:EE:6B:BE:F4:ED:F1:EE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D57E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4AAFCF12A65011EF8B1E3A5E762E951A.roa
Signing time: Tue 19 Nov 2024 08:28:45 +0000
ROA not before: Tue 19 Nov 2024 08:28:42 +0000
ROA not after: Sat 23 Nov 2024 08:28:42 +0000
asID: 149014
IP address blocks: 156.236.96.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54654 (0xd57e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 19 08:28:42 2024 GMT
Not After : Nov 23 08:28:42 2024 GMT
Subject: CN=673c4c3d-d130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:44:f1:7c:48:8d:08:7c:89:59:de:c7:1b:53:
2e:63:dd:6b:11:07:85:74:74:80:c9:b1:e3:4c:23:
6b:14:f8:e1:71:d0:04:61:04:64:d1:64:ef:95:9e:
87:93:76:73:dc:01:af:4e:d2:46:f8:4d:08:86:f8:
c8:d2:25:09:84:2b:e4:7d:7a:a3:3e:30:b4:b1:00:
91:e9:74:78:9d:0d:95:be:7e:72:90:60:a0:4d:9c:
fb:90:38:a3:11:88:b7:d2:6d:12:d5:b1:b7:37:3b:
a7:e5:af:62:f7:c9:c2:6a:f7:e9:71:c2:3b:3d:4f:
79:52:09:2b:23:1f:f4:df:ae:af:27:2d:4d:6f:b4:
17:e0:aa:ed:c2:67:52:ff:3f:d4:ee:71:76:b6:cd:
dd:49:c8:1e:48:d6:92:2c:fe:af:14:11:ab:8f:be:
81:1b:92:1b:d2:df:7f:89:66:6e:7c:f9:e8:02:a7:
1f:a4:a0:0c:08:74:25:9d:a7:31:b7:52:c8:c7:69:
db:4a:95:87:35:7e:83:cc:2a:5c:e2:8c:79:f4:58:
be:c1:9a:ad:92:39:c1:17:00:f0:2c:4c:32:45:14:
4c:01:ca:4a:b6:8d:8f:ab:83:8f:92:46:98:b7:7e:
86:db:1a:73:fb:48:45:c5:e9:48:be:81:12:90:e9:
a5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:26:59:90:7F:C1:8C:F5:B7:13:E4:56:90:EE:6B:BE:F4:ED:F1:EE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4AAFCF12A65011EF8B1E3A5E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.96.0/22
Signature Algorithm: sha256WithRSAEncryption
86:b8:ed:c0:82:8a:4d:72:d8:dc:7f:19:67:bb:66:00:63:2c:
b5:2a:09:63:e8:e1:33:7d:1a:ec:e5:28:9e:44:8c:13:87:db:
67:6a:ae:90:6f:e0:77:7a:07:38:39:c0:95:93:66:b3:77:c0:
f8:18:5e:0f:a1:72:08:13:d7:8a:5a:24:2c:97:a6:68:92:d6:
25:75:dd:76:35:c7:76:d2:d9:99:27:f5:91:7e:d6:81:ae:82:
38:92:d0:30:03:4d:08:fd:39:17:7e:78:45:ce:f9:c8:c6:c3:
69:8f:ab:aa:d8:df:64:c6:4a:68:2d:28:2b:d0:68:78:8e:31:
62:7d:af:59:e6:52:d9:14:17:65:8f:96:ba:b1:0a:34:26:3c:
92:91:9e:35:eb:63:8a:ac:fa:fe:31:c7:f4:ce:34:9f:10:18:
b6:0d:02:44:d8:4f:18:32:67:72:c2:86:68:a9:bd:fa:50:53:
20:4f:52:fa:2a:52:31:e6:79:c5:15:4f:3e:34:fb:b7:5a:e6:
e4:ae:6e:ec:50:d3:b1:c0:a6:75:fd:1f:98:d0:0f:17:70:d4:
11:2b:d3:e2:af:52:e2:94:6c:4e:9b:c6:72:98:ee:a5:1a:25:
2b:ae:f1:20:4a:5a:50:28:a0:c3:88:45:5c:f0:b0:24:9e:d5:
03:ee:eb:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANV+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE5MDgyODQyWhcNMjQxMTIzMDgyODQyWjAYMRYw
FAYDVQQDEw02NzNjNGMzZC1kMTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA50TxfEiNCHyJWd7HG1MuY91rEQeFdHSAybHjTCNrFPjhcdAEYQRk0WTv
lZ6Hk3Zz3AGvTtJG+E0IhvjI0iUJhCvkfXqjPjC0sQCR6XR4nQ2Vvn5ykGCgTZz7
kDijEYi30m0S1bG3Nzun5a9i98nCavfpccI7PU95UgkrIx/0366vJy1Nb7QX4Krt
wmdS/z/U7nF2ts3dScgeSNaSLP6vFBGrj76BG5Ib0t9/iWZufPnoAqcfpKAMCHQl
nacxt1LIx2nbSpWHNX6DzCpc4ox59Fi+wZqtkjnBFwDwLEwyRRRMAcpKto2Pq4OP
kkaYt36G2xpz+0hFxelIvoESkOmlywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKQm
WZB/wYz1txPkVpDua7707fHuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QUFGQ0YxMkE2NTAxMUVGOEIxRTNBNUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOxgMA0GCSqGSIb3DQEBCwUA
A4IBAQCGuO3AgopNctjcfxlnu2YAYyy1Kglj6OEzfRrs5SieRIwTh9tnaq6Qb+B3
egc4OcCVk2azd8D4GF4PoXIIE9eKWiQsl6ZoktYldd12Ncd20tmZJ/WRftaBroI4
ktAwA00I/TkXfnhFzvnIxsNpj6uq2N9kxkpoLSgr0Gh4jjFifa9Z5lLZFBdlj5a6
sQo0JjySkZ4162OKrPr+Mcf0zjSfEBi2DQJE2E8YMmdywoZoqb36UFMgT1L6KlIx
5nnFFU8+NPu3Wubkrm7sUNOxwKZ1/R+Y0A8XcNQRK9Pir1LilGxOm8ZymO6lGiUr
rvEgSlpQKKDDiEVc8LAkntUD7uvE
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:29 2024 by rpki-client on console-ams.rpki-client.org