Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B507EA4EC0511EE89DEE571775412E6.roa
File: 4B507EA4EC0511EE89DEE571775412E6.roa (raw, json)
Hash identifier: A2FVAFuzBHzx9Rn8pZsi51YpgD51Y37WqVIhEs8qgbQ=
Subject key identifier: B0:C2:AD:A9:FB:36:64:B6:12:A1:9B:5D:DE:DA:FF:A8:76:3F:73:E2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 80CA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B507EA4EC0511EE89DEE571775412E6.roa
Signing time: Wed 27 Mar 2024 06:43:18 +0000
ROA not before: Wed 27 Mar 2024 06:43:14 +0000
ROA not after: Sat 29 Mar 2025 06:43:14 +0000
asID: 21859
IP address blocks: 156.226.0.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32970 (0x80ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 27 06:43:14 2024 GMT
Not After : Mar 29 06:43:14 2025 GMT
Subject: CN=6603c006-b6c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fd:e2:4e:9f:7b:b2:4e:e9:19:b5:9e:72:ed:
8c:18:fd:89:e4:a0:73:15:7f:e4:7e:d7:a1:c4:53:
68:79:56:cb:8e:9e:21:cd:56:1c:b6:5c:7c:58:b2:
33:c5:c2:dc:c6:8e:06:43:7b:e0:b0:21:c8:c7:03:
96:1a:af:d6:48:f2:f8:77:28:ef:f6:a7:8f:c7:3e:
16:28:e6:d5:eb:e3:59:d9:47:e1:f9:91:3f:e0:47:
38:db:1b:bf:67:90:cc:1f:27:65:f3:7f:0a:cc:f6:
14:cd:d4:23:da:15:1c:a2:d6:30:d4:bc:8d:ea:39:
d7:d6:22:5e:7d:00:34:3f:89:06:80:ec:ee:f9:c2:
f6:31:e3:b5:c0:c7:e6:c0:5a:7d:ce:bc:a8:51:e8:
05:54:c2:c6:0b:7d:7a:82:a2:0f:b6:bd:24:5b:b7:
92:f2:56:ab:98:c6:55:03:b6:87:a9:50:84:42:5c:
cf:80:d0:52:eb:60:5b:cf:7a:9b:ff:d4:90:50:9d:
b4:e6:7a:fa:40:41:02:f4:d2:2e:cf:d4:d5:76:82:
b4:4f:e4:4d:34:28:5d:ec:66:3b:30:94:f4:8a:0f:
34:5e:ad:e8:5f:62:a2:49:1f:92:95:31:41:9b:76:
0d:e0:76:10:fe:b5:c7:49:d6:d8:cf:3e:e4:d7:a4:
13:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C2:AD:A9:FB:36:64:B6:12:A1:9B:5D:DE:DA:FF:A8:76:3F:73:E2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B507EA4EC0511EE89DEE571775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.0.0/23
Signature Algorithm: sha256WithRSAEncryption
68:1d:76:b8:a1:14:42:09:63:b5:0a:33:a0:1f:4f:4e:93:41:
9e:db:62:fb:10:cb:db:1b:51:5e:3f:62:a1:67:42:7a:8d:e2:
1f:7b:b7:12:5a:e5:d1:00:4d:4c:84:8d:88:a1:7a:eb:7c:54:
cf:34:cc:91:19:62:3d:51:57:f3:0b:2e:c0:d5:5d:e8:cd:8e:
b1:40:ab:fa:dc:ff:d3:a5:52:d5:f9:89:27:3c:8f:75:95:3d:
ea:d3:f6:be:64:c6:a5:71:92:a8:2c:19:0e:22:0c:71:8d:1c:
ce:34:c3:f2:de:17:0b:f6:da:4b:d0:e8:cd:e9:36:b4:94:73:
bf:12:4a:1e:c2:c8:cb:6f:e2:65:7e:d0:93:73:72:88:41:bf:
43:da:e6:86:c8:40:40:29:92:b3:a9:26:c1:03:90:24:26:9c:
5b:ab:6d:b8:c2:44:71:2f:d9:92:3e:af:34:30:47:73:72:06:
b5:fa:90:27:84:d1:c9:32:18:4a:94:a2:db:05:af:a9:41:39:
04:71:78:27:f4:c1:25:cf:c4:9f:31:a7:77:fd:82:b4:bf:98:
86:e7:6f:73:2e:c2:0b:e8:f7:7e:87:ed:f7:fe:47:8c:1b:53:
8a:30:cd:58:8d:5b:8d:e3:d8:aa:4d:ba:4b:d2:8d:4d:60:d1:
3e:bd:a4:02
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIDKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwMzI3MDY0MzE0WhcNMjUwMzI5MDY0MzE0WjAYMRYw
FAYDVQQDEw02NjAzYzAwNi1iNmM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqv3iTp97sk7pGbWecu2MGP2J5KBzFX/kftehxFNoeVbLjp4hzVYctlx8
WLIzxcLcxo4GQ3vgsCHIxwOWGq/WSPL4dyjv9qePxz4WKObV6+NZ2Ufh+ZE/4Ec4
2xu/Z5DMHydl838KzPYUzdQj2hUcotYw1LyN6jnX1iJefQA0P4kGgOzu+cL2MeO1
wMfmwFp9zryoUegFVMLGC316gqIPtr0kW7eS8larmMZVA7aHqVCEQlzPgNBS62Bb
z3qb/9SQUJ205nr6QEEC9NIuz9TVdoK0T+RNNChd7GY7MJT0ig80Xq3oX2KiSR+S
lTFBm3YN4HYQ/rXHSdbYzz7k16QTPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLDC
ran7NmS2EqGbXd7a/6h2P3PiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QjUwN0VBNEVDMDUxMUVFODlERUU1NzE3NzU0MTJFNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOIAMA0GCSqGSIb3DQEBCwUA
A4IBAQBoHXa4oRRCCWO1CjOgH09Ok0Ge22L7EMvbG1FeP2KhZ0J6jeIfe7cSWuXR
AE1MhI2IoXrrfFTPNMyRGWI9UVfzCy7A1V3ozY6xQKv63P/TpVLV+YknPI91lT3q
0/a+ZMalcZKoLBkOIgxxjRzONMPy3hcL9tpL0OjN6Ta0lHO/EkoewsjLb+JlftCT
c3KIQb9D2uaGyEBAKZKzqSbBA5AkJpxbq224wkRxL9mSPq80MEdzcga1+pAnhNHJ
MhhKlKLbBa+pQTkEcXgn9MElz8SfMad3/YK0v5iG529zLsIL6Pd+h+33/keMG1OK
MM1YjVuN49iqTbpL0o1NYNE+vaQC
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:28 2024 by rpki-client on console-fra.rpki-client.org