Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4C5B628844D811EF9C86EE75762E951A.roa
File: 4C5B628844D811EF9C86EE75762E951A.roa (raw, json)
Hash identifier: chuONx3FInDPAa/sEK9gqrtKtwI/hBy8s9yO/W6cwU8=
Subject key identifier: D8:DC:F5:C8:E0:3E:99:1E:AA:B1:5B:8F:13:60:9F:1B:3E:26:7C:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9D4B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4C5B628844D811EF9C86EE75762E951A.roa
Signing time: Thu 18 Jul 2024 07:35:26 +0000
ROA not before: Thu 18 Jul 2024 07:35:22 +0000
ROA not after: Tue 24 Sep 2024 07:35:22 +0000
asID: 132839
IP address blocks: 156.242.128.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Sep 2024 00:16:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40267 (0x9d4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 18 07:35:22 2024 GMT
Not After : Sep 24 07:35:22 2024 GMT
Subject: CN=6698c5be-0e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:62:5a:50:b8:9b:e6:5b:b9:34:0e:67:c8:09:
69:98:67:85:bb:1e:e9:81:32:63:37:ca:01:84:2c:
71:82:2c:9a:94:ff:dd:4b:4e:cc:b4:e7:98:3f:0f:
a8:3d:5c:9c:85:a0:f9:d1:15:e6:a4:7e:ce:f8:80:
28:f1:37:4a:b2:72:ab:e5:69:95:16:00:98:09:ff:
f9:e7:6d:c0:83:ad:58:25:c7:43:6a:42:10:96:ce:
66:ce:a7:a9:59:72:cd:9c:98:78:28:eb:d1:9e:21:
3f:8f:2f:23:16:ab:9f:f4:17:52:d6:ba:c8:e1:52:
82:ab:31:14:51:ad:68:3e:1b:db:9b:38:8c:72:01:
7c:23:21:ec:59:5b:22:8c:1d:47:5e:c9:28:20:18:
52:96:28:14:e7:35:25:c2:07:b4:4e:59:78:2c:c1:
b1:3d:65:e6:ec:d2:7b:17:44:0e:08:b5:12:0f:20:
8d:42:fd:51:24:12:e6:b7:38:8e:b0:b9:ef:30:93:
58:8c:25:a1:21:ac:3e:63:29:3e:f3:ed:93:91:09:
1b:cd:1b:35:30:b1:d1:79:ed:9f:71:28:81:4a:77:
37:2e:02:dc:f3:9f:c6:ef:58:ae:fe:07:80:5c:6c:
b6:9f:27:c5:15:fb:14:b8:ca:53:fb:d4:c9:cf:8c:
c3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DC:F5:C8:E0:3E:99:1E:AA:B1:5B:8F:13:60:9F:1B:3E:26:7C:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4C5B628844D811EF9C86EE75762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.128.0/19
Signature Algorithm: sha256WithRSAEncryption
8f:2f:e8:3f:2d:11:ad:38:3f:89:46:43:38:3b:bc:b6:02:a4:
cf:43:e2:5b:79:91:d4:51:6c:78:f7:0b:44:c7:4e:f2:c9:3a:
bd:6c:8e:88:77:00:23:81:16:ae:f0:fd:88:87:19:76:30:65:
08:ce:ad:4b:34:d9:16:c3:97:7e:e6:5a:21:42:ea:ef:44:42:
20:52:7b:bf:74:4a:85:48:98:e2:c7:1b:83:e4:86:1e:50:e5:
3c:19:24:0f:6d:fa:47:d1:70:bd:ba:bd:58:c2:9d:85:16:5a:
2d:cd:a2:5f:3c:b8:14:0b:ce:e3:86:af:ba:ee:5e:0d:19:76:
39:21:27:4c:bf:2e:60:27:ec:5e:8c:3d:8f:89:2a:87:e3:1c:
3f:b9:55:fe:ce:6f:c7:99:f8:6d:d5:1b:b9:75:6f:d5:bb:ed:
31:ee:41:fd:ff:3e:f8:c3:09:37:21:a2:fb:d7:ec:76:f3:49:
f3:a3:19:02:87:88:b2:e1:2c:eb:b5:e6:d0:b2:11:16:ad:65:
fc:9d:60:70:0c:61:b8:f6:31:19:f0:01:1e:8e:58:d0:07:66:
4f:ad:74:82:18:b8:f9:73:d6:f3:71:65:43:15:bc:28:45:7d:
0b:14:91:70:f0:c7:de:6a:31:cf:c2:80:49:e4:89:7d:4d:82:
1f:ee:25:90
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ1LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzE4MDczNTIyWhcNMjQwOTI0MDczNTIyWjAYMRYw
FAYDVQQDEw02Njk4YzViZS0wZTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq2JaULib5lu5NA5nyAlpmGeFux7pgTJjN8oBhCxxgiyalP/dS07MtOeY
Pw+oPVychaD50RXmpH7O+IAo8TdKsnKr5WmVFgCYCf/5523Ag61YJcdDakIQls5m
zqepWXLNnJh4KOvRniE/jy8jFquf9BdS1rrI4VKCqzEUUa1oPhvbmziMcgF8IyHs
WVsijB1HXskoIBhSligU5zUlwge0Tll4LMGxPWXm7NJ7F0QOCLUSDyCNQv1RJBLm
tziOsLnvMJNYjCWhIaw+Yyk+8+2TkQkbzRs1MLHRee2fcSiBSnc3LgLc85/G71iu
/geAXGy2nyfFFfsUuMpT+9TJz4zDrQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNjc
9cjgPpkeqrFbjxNgnxs+JnwiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QzVCNjI4ODQ0RDgxMUVGOUM4NkVFNzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnPKAMA0GCSqGSIb3DQEBCwUA
A4IBAQCPL+g/LRGtOD+JRkM4O7y2AqTPQ+JbeZHUUWx49wtEx07yyTq9bI6IdwAj
gRau8P2Ihxl2MGUIzq1LNNkWw5d+5lohQurvREIgUnu/dEqFSJjixxuD5IYeUOU8
GSQPbfpH0XC9ur1Ywp2FFlotzaJfPLgUC87jhq+67l4NGXY5ISdMvy5gJ+xejD2P
iSqH4xw/uVX+zm/Hmfht1Ru5dW/Vu+0x7kH9/z74wwk3IaL71+x280nzoxkCh4iy
4SzrtebQshEWrWX8nWBwDGG49jEZ8AEejljQB2ZPrXSCGLj5c9bzcWVDFbwoRX0L
FJFw8MfeajHPwoBJ5Il9TYIf7iWQ
-----END CERTIFICATE-----
Generated at Sat Sep 7 10:38:32 2024 by rpki-client on console-fra.rpki-client.org