Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5147DD1E9B7A11EF8E969F7B762E951A.roa
File: 5147DD1E9B7A11EF8E969F7B762E951A.roa (raw, json)
Hash identifier: qKt8C3v/S5SBePEKP01av5zoZCcZCjUT4FpcGihayY4=
Subject key identifier: 13:79:6D:C5:BE:8F:E6:DF:3E:84:57:D3:04:F9:17:13:3B:68:28:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CE5B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5147DD1E9B7A11EF8E969F7B762E951A.roa
Signing time: Tue 05 Nov 2024 13:31:52 +0000
ROA not before: Tue 05 Nov 2024 13:31:49 +0000
ROA not after: Mon 13 Jan 2025 13:31:49 +0000
asID: 22773
IP address blocks: 156.232.0.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52827 (0xce5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 13:31:49 2024 GMT
Not After : Jan 13 13:31:49 2025 GMT
Subject: CN=672a1e48-865d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6a:82:1a:50:eb:80:da:c7:4a:14:73:25:5e:
0f:41:3c:e7:c0:6e:0e:32:e8:64:dd:d9:0e:5b:03:
4f:55:07:c2:ad:d8:67:90:f3:8e:14:6b:56:f0:d9:
89:46:8c:ed:34:c1:cb:df:70:e6:ca:24:67:16:d8:
9c:a4:af:a0:d8:20:08:05:4c:a3:32:3e:27:67:95:
b9:f8:d6:67:8a:e0:19:9d:0b:0f:30:8d:03:40:18:
0d:5f:c8:30:62:ed:c4:31:88:3d:4e:01:89:78:fc:
bf:0b:38:ae:a6:32:e1:c0:20:e6:34:e5:5d:32:a6:
a6:6c:dd:3f:8e:09:34:2c:61:77:38:0b:12:15:ac:
74:fd:12:2f:20:b3:7c:61:aa:d7:23:51:1f:9d:fe:
e0:87:2f:34:3e:a6:a0:7e:60:6e:53:a4:91:6b:1e:
00:2d:e6:74:6e:ad:49:24:05:d4:e2:ed:8d:ac:31:
71:96:3a:12:8c:b0:90:a0:60:d8:f7:0b:04:ac:07:
bb:b7:7f:3f:4a:fe:58:cd:ac:30:ed:e5:c5:24:0e:
a3:25:0d:a1:f5:c7:9d:a4:65:50:08:ae:60:cf:6e:
18:c9:45:b4:64:db:9a:e9:91:69:fe:fb:5b:d2:96:
07:c9:d3:ba:62:94:85:f0:de:b3:09:39:c9:5e:50:
9a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:79:6D:C5:BE:8F:E6:DF:3E:84:57:D3:04:F9:17:13:3B:68:28:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5147DD1E9B7A11EF8E969F7B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.0.0/23
Signature Algorithm: sha256WithRSAEncryption
30:4b:99:05:a1:7e:0b:d8:9a:1e:83:4f:1d:7f:60:20:4a:8b:
13:94:36:12:da:a6:4a:c2:37:47:6d:0d:50:99:d8:4e:25:cd:
71:c3:ab:35:e9:85:d3:db:cf:7f:5c:81:7d:89:bc:62:a4:cb:
5c:2c:4b:22:b5:43:f2:02:ea:1a:5c:74:dd:5b:54:99:61:c0:
39:9a:6d:57:54:0b:6e:23:86:a4:05:66:a3:f0:f7:be:55:5a:
1f:b5:c2:8b:4b:42:97:50:9f:8d:ef:97:28:ae:68:88:27:f3:
42:aa:c5:e2:5a:22:ea:d4:40:0c:54:c1:bb:fe:47:a4:09:e7:
0d:d8:86:10:9c:6b:b4:57:bb:73:de:9b:1a:99:3a:9c:fc:e5:
16:f6:83:91:97:4d:85:ae:6e:a6:3f:4a:11:16:98:1f:7a:63:
3e:19:9c:1c:0a:4a:2a:92:f3:98:3c:f8:ff:3c:68:87:24:9d:
5b:ee:fe:01:9d:e7:1c:99:45:70:01:f1:f1:d8:a6:dd:f2:53:
2a:9d:76:45:14:97:ed:6b:bf:a2:de:ff:9c:d1:18:0f:ae:cf:
eb:3d:64:c5:51:90:6e:dd:3d:92:c5:4f:2a:d2:14:3f:33:9c:
cf:40:9d:26:ce:16:e2:91:30:00:32:57:0d:c8:5c:4b:19:08:
68:52:7f:e6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM5bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTMzMTQ5WhcNMjUwMTEzMTMzMTQ5WjAYMRYw
FAYDVQQDEw02NzJhMWU0OC04NjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6GqCGlDrgNrHShRzJV4PQTznwG4OMuhk3dkOWwNPVQfCrdhnkPOOFGtW
8NmJRoztNMHL33DmyiRnFticpK+g2CAIBUyjMj4nZ5W5+NZniuAZnQsPMI0DQBgN
X8gwYu3EMYg9TgGJePy/CziupjLhwCDmNOVdMqambN0/jgk0LGF3OAsSFax0/RIv
ILN8YarXI1Efnf7ghy80PqagfmBuU6SRax4ALeZ0bq1JJAXU4u2NrDFxljoSjLCQ
oGDY9wsErAe7t38/Sv5Yzaww7eXFJA6jJQ2h9cedpGVQCK5gz24YyUW0ZNua6ZFp
/vtb0pYHydO6YpSF8N6zCTnJXlCa2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBN5
bcW+j+bfPoRX0wT5FxM7aCgGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MTQ3REQxRTlCN0ExMUVGOEU5NjlGN0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOgAMA0GCSqGSIb3DQEBCwUA
A4IBAQAwS5kFoX4L2Joeg08df2AgSosTlDYS2qZKwjdHbQ1QmdhOJc1xw6s16YXT
289/XIF9ibxipMtcLEsitUPyAuoaXHTdW1SZYcA5mm1XVAtuI4akBWaj8Pe+VVof
tcKLS0KXUJ+N75cormiIJ/NCqsXiWiLq1EAMVMG7/kekCecN2IYQnGu0V7tz3psa
mTqc/OUW9oORl02Frm6mP0oRFpgfemM+GZwcCkoqkvOYPPj/PGiHJJ1b7v4Bnecc
mUVwAfHx2Kbd8lMqnXZFFJfta7+i3v+c0RgPrs/rPWTFUZBu3T2SxU8q0hQ/M5zP
QJ0mzhbikTAAMlcNyFxLGQhoUn/m
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:30 2024 by rpki-client on console-ams.rpki-client.org