Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D16BE9A6A6011EFA574E050762E951A.roa
File: 4D16BE9A6A6011EFA574E050762E951A.roa (raw, json)
Hash identifier: H1r+1M2Ng1XZl9BER/Tq2rECFV1g6IKWro1gLo+ryGc=
Subject key identifier: 6F:4A:93:36:48:13:5C:0C:03:64:45:EA:E3:6A:35:C2:6C:2A:C5:7D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B17F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D16BE9A6A6011EFA574E050762E951A.roa
Signing time: Wed 04 Sep 2024 01:52:11 +0000
ROA not before: Wed 04 Sep 2024 01:52:08 +0000
ROA not after: Mon 30 Dec 2024 01:52:08 +0000
asID: 17561
IP address blocks: 156.254.112.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45439 (0xb17f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 4 01:52:08 2024 GMT
Not After : Dec 30 01:52:08 2024 GMT
Subject: CN=66d7bd4b-3c54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c2:6b:fc:78:5d:d4:be:39:87:53:95:1c:c7:
d8:1c:6f:93:43:3d:f5:03:86:d8:cf:f2:fa:59:3d:
0c:cd:33:62:de:86:95:03:bb:19:54:30:7d:cb:c2:
54:4b:9c:54:40:db:36:9e:8e:20:a4:7e:0e:e1:3c:
94:55:33:32:5c:24:86:3f:d6:e3:82:b8:b0:31:18:
82:d7:0d:09:bd:64:a2:d3:fc:ff:94:01:92:ec:17:
ee:30:a8:ed:06:94:14:d2:3f:87:c0:49:78:c1:88:
ff:3c:74:4c:16:fb:77:49:c6:84:a0:bb:37:4d:bc:
1b:da:bc:d5:56:e5:6e:20:32:08:d7:b0:0d:d2:ec:
9a:47:c0:6a:5d:8d:ac:34:ed:ce:e2:9b:2e:cf:b8:
d4:28:29:4c:1d:0d:77:0a:13:17:1a:a6:2c:76:14:
ad:7a:57:5c:c5:76:e3:bb:e7:4a:ee:6a:92:7d:1b:
9e:f8:ae:09:d6:08:c6:86:59:8b:e1:61:a5:41:ac:
3e:66:46:66:c8:0b:eb:96:5c:d2:64:8c:00:d9:5a:
00:fd:19:6f:78:aa:24:f2:46:13:ef:6b:97:4b:cc:
c8:25:ce:e9:98:99:54:42:42:b4:98:06:8f:0a:94:
af:3c:d3:ef:89:ed:7f:f7:be:2b:45:4b:2b:7e:14:
8a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:4A:93:36:48:13:5C:0C:03:64:45:EA:E3:6A:35:C2:6C:2A:C5:7D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D16BE9A6A6011EFA574E050762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.112.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:fb:b5:d2:67:6f:f1:bf:9d:20:1a:7a:7f:00:06:18:3f:4b:
1f:bb:62:9d:92:4d:d0:b0:dc:2d:bb:00:34:6d:19:90:25:62:
62:aa:c5:5c:7e:eb:1d:45:57:f1:4b:bf:e4:2e:c7:00:cb:32:
15:39:94:93:1b:5a:16:a5:ba:a2:4c:53:cb:83:06:06:1c:72:
90:de:ba:c6:6e:a7:6b:7b:52:c3:2a:90:17:b0:44:53:4f:26:
ad:a2:bd:40:bb:fd:76:f3:76:8f:31:d6:6b:ba:ea:69:ce:9a:
f4:18:54:30:40:be:65:39:07:4f:83:24:72:52:08:51:b9:81:
0c:e2:e1:f0:f7:b4:15:b4:5b:25:1c:e2:f7:94:49:14:81:35:
b5:2e:69:86:c0:5c:b8:b8:f9:cd:30:27:7b:1d:ea:37:15:e1:
b0:83:c3:67:f5:33:e2:24:89:83:ac:1c:62:3c:1f:b0:92:d0:
d3:3c:82:8a:e0:e2:6b:80:c3:23:9b:5c:de:50:97:52:8e:c5:
3b:df:60:00:3d:f5:fb:2f:c4:d6:1c:d1:06:38:5b:14:f5:8e:
b3:56:a2:2b:71:dd:e2:e8:46:3b:68:e7:bf:c9:73:c6:f3:56:
cf:72:96:52:35:7d:2c:52:64:47:ec:c8:14:2a:22:fd:c0:78:
04:da:7a:7c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALF/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTA0MDE1MjA4WhcNMjQxMjMwMDE1MjA4WjAYMRYw
FAYDVQQDEw02NmQ3YmQ0Yi0zYzU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr8Jr/Hhd1L45h1OVHMfYHG+TQz31A4bYz/L6WT0MzTNi3oaVA7sZVDB9
y8JUS5xUQNs2no4gpH4O4TyUVTMyXCSGP9bjgriwMRiC1w0JvWSi0/z/lAGS7Bfu
MKjtBpQU0j+HwEl4wYj/PHRMFvt3ScaEoLs3Tbwb2rzVVuVuIDII17AN0uyaR8Bq
XY2sNO3O4psuz7jUKClMHQ13ChMXGqYsdhSteldcxXbju+dK7mqSfRue+K4J1gjG
hlmL4WGlQaw+ZkZmyAvrllzSZIwA2VoA/RlveKok8kYT72uXS8zIJc7pmJlUQkK0
mAaPCpSvPNPvie1/974rRUsrfhSK4wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG9K
kzZIE1wMA2RF6uNqNcJsKsV9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RDE2QkU5QTZBNjAxMUVGQTU3NEUwNTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnP5wMA0GCSqGSIb3DQEBCwUA
A4IBAQAd+7XSZ2/xv50gGnp/AAYYP0sfu2Kdkk3QsNwtuwA0bRmQJWJiqsVcfusd
RVfxS7/kLscAyzIVOZSTG1oWpbqiTFPLgwYGHHKQ3rrGbqdre1LDKpAXsERTTyat
or1Au/1283aPMdZruuppzpr0GFQwQL5lOQdPgyRyUghRuYEM4uHw97QVtFslHOL3
lEkUgTW1LmmGwFy4uPnNMCd7Heo3FeGwg8Nn9TPiJImDrBxiPB+wktDTPIKK4OJr
gMMjm1zeUJdSjsU732AAPfX7L8TWHNEGOFsU9Y6zVqIrcd3i6EY7aOe/yXPG81bP
cpZSNX0sUmRH7MgUKiL9wHgE2np8
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:28 2024 by rpki-client on console-fra.rpki-client.org