Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D63664E5DCE11EFBF06948C762E951A.roa
File: 4D63664E5DCE11EFBF06948C762E951A.roa (raw, json)
Hash identifier: Z4+545sGE8wL+tdlEacCm2S4A1JdN+WR9Gj43n/7/3s=
Subject key identifier: 31:A7:AC:E7:19:7F:89:6E:BC:9C:89:DD:B1:62:4A:03:A3:22:FD:93
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A86D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D63664E5DCE11EFBF06948C762E951A.roa
Signing time: Mon 19 Aug 2024 01:56:52 +0000
ROA not before: Mon 19 Aug 2024 01:56:48 +0000
ROA not after: Thu 31 Dec 2026 01:56:48 +0000
asID: 17561
IP address blocks: 156.231.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43117 (0xa86d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 19 01:56:48 2024 GMT
Not After : Dec 31 01:56:48 2026 GMT
Subject: CN=66c2a663-5a77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:75:e9:7c:2e:d1:d7:6e:8b:78:15:d7:90:ac:
7c:00:13:70:08:34:e5:27:9d:f0:b9:e6:57:76:8d:
78:cc:f5:05:20:ef:e7:67:d4:39:ea:21:dc:0e:66:
91:ee:3d:bc:95:ea:10:da:41:93:87:5d:ed:9b:86:
a9:98:04:16:33:44:fa:c2:14:0c:13:dc:6f:b6:0b:
79:17:9a:6a:3c:f4:5a:68:3e:c3:e0:07:cc:4b:54:
75:39:f6:9c:ee:27:3e:47:c5:52:49:11:45:3b:73:
62:9d:da:cb:b7:2b:67:31:31:29:33:2a:e1:13:98:
b6:88:ba:88:f6:c1:01:74:b9:10:49:f4:6b:91:27:
64:e0:bf:84:38:d1:6c:e3:9d:6e:e6:d2:2a:0d:b9:
b3:1b:4c:6d:06:18:78:af:92:c8:83:5c:d4:59:43:
33:ea:f3:2c:74:09:70:4d:67:1f:3c:58:2c:e7:b0:
ce:f2:1c:a4:9e:57:aa:60:cc:bb:10:14:d6:f8:80:
de:1e:ba:19:11:07:b6:a6:b4:2c:3a:5c:90:10:f2:
e5:71:4f:9f:85:e4:b1:b2:68:f5:03:b0:90:76:ec:
09:51:07:f4:62:b1:19:fd:5f:d8:01:00:18:30:f6:
d8:2f:fd:c2:bc:81:55:09:b0:bd:74:19:9b:bb:46:
ec:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A7:AC:E7:19:7F:89:6E:BC:9C:89:DD:B1:62:4A:03:A3:22:FD:93
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D63664E5DCE11EFBF06948C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.2.0/24
Signature Algorithm: sha256WithRSAEncryption
29:93:c2:d1:8b:3a:98:c6:2d:fb:47:bd:e0:b9:94:e3:ae:6e:
a2:9d:3f:4c:c3:a9:73:a3:bf:ec:fe:91:e3:5c:52:16:6b:ab:
c2:df:2e:96:1e:e3:d4:0d:63:1f:98:6f:9d:03:5f:b2:19:54:
7c:ec:06:fd:90:80:e9:93:a6:59:97:a1:5c:90:43:9c:2a:67:
ee:0e:a6:24:9c:d1:63:f7:78:76:ed:f1:a1:9b:71:34:71:0b:
4a:d2:3a:e6:f0:ab:f1:94:ff:53:7f:81:99:d5:cc:c2:12:72:
b1:2f:fd:22:61:e3:d4:08:78:19:9c:8b:49:22:39:46:a2:2e:
49:15:e7:1d:48:49:54:f7:da:84:9f:d5:0c:f8:2d:74:3c:d7:
c5:88:6d:bf:4f:9b:dd:71:1f:99:13:20:5e:49:92:4e:81:7e:
96:9f:8c:47:d9:ac:2d:7d:87:37:5c:61:83:0e:ac:80:fb:9b:
86:3c:a7:01:77:bd:8c:bc:2e:42:af:40:7d:80:59:26:9c:64:
1e:bf:1c:82:06:c2:c7:fb:21:91:0f:ee:36:04:65:fd:bb:cd:
b1:9a:7a:6b:f9:8a:7e:c3:4c:df:56:f4:59:97:6d:52:a3:41:
98:ce:6b:c2:e5:34:be:64:07:5d:0e:de:f6:da:4e:32:48:ef:
c4:24:c2:2d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKhtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODE5MDE1NjQ4WhcNMjYxMjMxMDE1NjQ4WjAYMRYw
FAYDVQQDEw02NmMyYTY2My01YTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA33XpfC7R126LeBXXkKx8ABNwCDTlJ53wueZXdo14zPUFIO/nZ9Q56iHc
DmaR7j28leoQ2kGTh13tm4apmAQWM0T6whQME9xvtgt5F5pqPPRaaD7D4AfMS1R1
Ofac7ic+R8VSSRFFO3NindrLtytnMTEpMyrhE5i2iLqI9sEBdLkQSfRrkSdk4L+E
ONFs451u5tIqDbmzG0xtBhh4r5LIg1zUWUMz6vMsdAlwTWcfPFgs57DO8hyknleq
YMy7EBTW+IDeHroZEQe2prQsOlyQEPLlcU+fheSxsmj1A7CQduwJUQf0YrEZ/V/Y
AQAYMPbYL/3CvIFVCbC9dBmbu0bsPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDGn
rOcZf4luvJyJ3bFiSgOjIv2TMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RDYzNjY0RTVEQ0UxMUVGQkYwNjk0OEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOcCMA0GCSqGSIb3DQEBCwUA
A4IBAQApk8LRizqYxi37R73guZTjrm6inT9Mw6lzo7/s/pHjXFIWa6vC3y6WHuPU
DWMfmG+dA1+yGVR87Ab9kIDpk6ZZl6FckEOcKmfuDqYknNFj93h27fGhm3E0cQtK
0jrm8KvxlP9Tf4GZ1czCEnKxL/0iYePUCHgZnItJIjlGoi5JFecdSElU99qEn9UM
+C10PNfFiG2/T5vdcR+ZEyBeSZJOgX6Wn4xH2awtfYc3XGGDDqyA+5uGPKcBd72M
vC5Cr0B9gFkmnGQevxyCBsLH+yGRD+42BGX9u82xmnpr+Yp+w0zfVvRZl21So0GY
zmvC5TS+ZAddDt722k4ySO/EJMIt
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:28 2024 by rpki-client on console-fra.rpki-client.org