Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/55FFD388614C11EFB4CE494C762E951A.roa
File: 55FFD388614C11EFB4CE494C762E951A.roa (raw, json)
Hash identifier: /LXH0M+v3SHZtSoC5/biE67Vru4k5sKS7DapU/iXPPc=
Subject key identifier: 04:74:59:9D:5E:B8:AC:17:C4:89:6A:A2:B1:E1:07:CD:ED:A1:01:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: AD1C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/55FFD388614C11EFB4CE494C762E951A.roa
Signing time: Fri 23 Aug 2024 12:36:36 +0000
ROA not before: Fri 23 Aug 2024 12:36:33 +0000
ROA not after: Fri 19 Dec 2025 12:36:33 +0000
asID: 141190
IP address blocks: 156.240.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44316 (0xad1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 23 12:36:33 2024 GMT
Not After : Dec 19 12:36:33 2025 GMT
Subject: CN=66c88254-6ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b7:3c:08:35:8a:5d:5a:f1:3c:59:8b:9d:d1:
45:61:10:77:51:e3:74:9c:50:73:4c:e3:9e:ad:ee:
4d:45:ee:bd:a4:ae:1a:b8:a0:13:62:19:53:3f:b9:
92:a3:70:50:80:85:9e:57:89:37:9d:88:cb:13:81:
b5:3f:ee:a4:19:fd:56:87:ff:74:69:21:98:1b:18:
c8:7a:d3:d3:a2:3d:0c:08:8c:28:05:c1:e0:6a:7d:
1c:0b:fe:8b:6f:9c:13:f1:79:9c:e2:4b:28:42:93:
22:ca:a0:1f:ad:bb:aa:de:68:7c:f4:64:dc:f4:c6:
e0:e6:95:87:05:61:99:1b:39:9b:8c:81:a0:fa:d5:
ab:be:d0:f9:aa:b7:a0:cd:b1:73:c4:f0:55:ab:40:
7d:88:4d:dc:2c:6e:24:ca:bd:9b:1d:a6:9a:9b:7f:
d7:e4:4a:ea:2f:4b:57:6b:c5:5b:01:af:b7:69:1e:
64:05:98:82:a8:c0:74:c8:4e:6b:b1:7e:a2:46:04:
f1:30:e9:d5:e6:0c:47:da:1f:7a:8a:9a:1d:f0:33:
32:97:aa:c5:29:99:56:4f:27:52:c6:55:1e:da:8a:
c0:c8:de:af:e7:a7:b6:a2:7a:b5:15:fe:a7:9e:ab:
5c:7a:16:c2:e4:55:af:fe:22:49:90:02:1b:fb:2b:
51:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:74:59:9D:5E:B8:AC:17:C4:89:6A:A2:B1:E1:07:CD:ED:A1:01:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/55FFD388614C11EFB4CE494C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.80.0/21
Signature Algorithm: sha256WithRSAEncryption
35:cd:f4:ab:1b:c5:49:7e:32:5c:a6:66:67:bc:14:85:e9:c3:
25:c2:23:67:24:b9:1b:2d:4e:ad:9d:07:b8:38:80:b5:9f:f9:
b4:96:a2:54:c3:9c:43:e8:2f:c1:6c:75:f7:ea:88:98:8a:d7:
5a:7b:41:42:9d:66:f3:ba:85:0e:51:35:1b:d6:e5:92:07:0c:
14:5c:2d:45:ff:26:ca:33:d8:e4:7f:67:29:ae:a9:05:2d:81:
e5:5c:8a:8e:8e:34:7e:e0:88:aa:c4:c4:bb:61:81:18:5f:ff:
63:63:62:17:2a:36:5a:60:be:bb:b6:e1:8d:59:9e:9c:05:1e:
86:8c:0c:17:7e:86:fe:72:35:b2:fe:b8:2e:f2:6b:94:8a:82:
ea:e4:75:3f:4a:b7:28:a4:83:50:fa:d7:ec:e6:7d:c3:d5:4a:
9f:c4:72:6a:5b:46:14:83:84:16:74:a1:1d:9d:76:52:4d:f2:
cf:d9:cd:a6:b8:e5:7e:48:0e:39:1e:04:4a:ac:34:83:fc:6f:
67:18:03:4e:e2:da:c2:0f:98:68:92:b0:5d:6c:0b:e7:3b:6d:
b8:2f:2b:54:99:47:dc:04:e8:75:2b:06:0d:93:b0:ab:8b:52:
4f:ae:11:a7:fe:b6:e5:91:01:2c:b8:2a:81:e1:9f:6e:9c:f2:
b4:3e:7c:57
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAK0cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIzMTIzNjMzWhcNMjUxMjE5MTIzNjMzWjAYMRYw
FAYDVQQDEw02NmM4ODI1NC02YWUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy7c8CDWKXVrxPFmLndFFYRB3UeN0nFBzTOOere5NRe69pK4auKATYhlT
P7mSo3BQgIWeV4k3nYjLE4G1P+6kGf1Wh/90aSGYGxjIetPToj0MCIwoBcHgan0c
C/6Lb5wT8Xmc4ksoQpMiyqAfrbuq3mh89GTc9Mbg5pWHBWGZGzmbjIGg+tWrvtD5
qregzbFzxPBVq0B9iE3cLG4kyr2bHaaam3/X5ErqL0tXa8VbAa+3aR5kBZiCqMB0
yE5rsX6iRgTxMOnV5gxH2h96ipod8DMyl6rFKZlWTydSxlUe2orAyN6v56e2onq1
Ff6nnqtcehbC5FWv/iJJkAIb+ytR5QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAR0
WZ1euKwXxIlqorHhB83toQHZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NUZGRDM4ODYxNEMxMUVGQjRDRTQ5NEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPBQMA0GCSqGSIb3DQEBCwUA
A4IBAQA1zfSrG8VJfjJcpmZnvBSF6cMlwiNnJLkbLU6tnQe4OIC1n/m0lqJUw5xD
6C/BbHX36oiYitdae0FCnWbzuoUOUTUb1uWSBwwUXC1F/ybKM9jkf2cprqkFLYHl
XIqOjjR+4IiqxMS7YYEYX/9jY2IXKjZaYL67tuGNWZ6cBR6GjAwXfob+cjWy/rgu
8muUioLq5HU/SrcopINQ+tfs5n3D1UqfxHJqW0YUg4QWdKEdnXZSTfLP2c2muOV+
SA45HgRKrDSD/G9nGANO4trCD5hokrBdbAvnO224LytUmUfcBOh1KwYNk7Cri1JP
rhGn/rblkQEsuCqB4Z9unPK0PnxX
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:31 2024 by rpki-client on console-ams.rpki-client.org