Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AEE1F1A7E4011EF8696D540762E951A.roa
File: 5AEE1F1A7E4011EF8696D540762E951A.roa (raw, json)
Hash identifier: 8/hG53kDUXQgm2SoEvvvhMtaNYY4NRXmB4zitbEf0xc=
Subject key identifier: C9:F6:98:30:25:F0:3A:07:56:7A:05:7E:30:F9:46:68:D1:B4:27:CF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: BCA3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AEE1F1A7E4011EF8696D540762E951A.roa
Signing time: Sun 29 Sep 2024 08:53:54 +0000
ROA not before: Sun 29 Sep 2024 08:53:50 +0000
ROA not after: Mon 30 Dec 2024 08:53:50 +0000
asID: 17561
IP address blocks: 156.241.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48291 (0xbca3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 29 08:53:50 2024 GMT
Not After : Dec 30 08:53:50 2024 GMT
Subject: CN=66f915a2-17dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:39:7b:6d:69:61:b7:6e:f8:47:28:73:08:d7:
b8:5a:ec:59:1e:f8:8b:9f:18:26:f4:e3:ae:32:30:
19:9f:b5:bf:fd:65:d6:ab:d3:35:a9:1f:88:6b:2e:
e9:38:a2:5c:a7:cf:ff:54:86:a0:16:09:87:6e:58:
65:ee:c7:02:fd:c0:59:07:ed:33:9c:dc:7d:01:99:
79:03:32:9f:b4:52:20:3e:54:be:01:c6:a5:1c:03:
d5:fc:ca:15:60:33:0d:2e:1a:0f:48:be:41:78:b8:
8e:e7:89:86:c0:c6:28:75:a5:e1:1b:a2:68:f2:0f:
03:43:2f:53:22:fd:40:0e:1d:81:bf:fe:8a:da:43:
79:8f:78:8a:dc:6e:27:c1:06:e2:ad:de:89:33:4b:
23:2d:84:bf:5c:80:94:38:ae:d3:96:74:04:f3:13:
49:e5:9a:ed:16:3e:a2:c1:1a:7e:de:7f:a9:1c:0b:
41:2b:06:2a:71:df:25:f2:66:fc:3b:2f:bf:ac:06:
70:9e:12:1b:83:66:1b:6e:70:b0:c9:f9:94:54:97:
cc:f2:8e:02:d5:ec:26:4f:a9:0f:96:08:14:de:77:
f7:f3:72:65:5f:2a:48:a5:80:7a:bf:ac:16:06:56:
69:57:fc:01:be:0d:f2:a1:ba:ee:27:35:56:d8:56:
50:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F6:98:30:25:F0:3A:07:56:7A:05:7E:30:F9:46:68:D1:B4:27:CF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AEE1F1A7E4011EF8696D540762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.49.0/24
Signature Algorithm: sha256WithRSAEncryption
49:c2:df:8a:5a:70:68:49:f9:d0:4a:42:0b:86:25:ad:ee:a1:
e7:90:39:3f:4d:e8:b9:27:30:04:05:11:c1:1b:3c:88:b8:ba:
3b:8b:24:42:59:2a:07:3c:73:dc:eb:b9:7c:74:6b:95:c1:9d:
35:7a:43:a7:2d:84:23:dd:a1:92:b2:90:fb:a0:6c:21:48:05:
ea:17:00:64:57:65:5d:06:55:2a:c7:86:cf:bc:7b:4f:9b:24:
39:9e:bb:db:95:35:98:cb:54:65:01:80:35:a3:c7:e7:83:85:
06:0c:44:7b:d0:a7:e8:48:96:4f:a6:00:4c:cd:a0:10:df:c0:
cd:13:a8:a5:09:e3:99:27:89:90:3c:68:21:4b:2a:49:43:23:
8c:69:99:44:73:4b:e8:c7:94:86:0f:ed:f8:cf:72:30:e4:ca:
0f:69:4a:78:c4:de:86:dd:8b:35:df:3f:6d:71:70:89:ab:89:
4e:5d:52:07:e1:50:9a:90:11:4c:f0:6f:88:cd:c8:61:f5:18:
45:7c:f7:5d:66:18:99:bc:d0:40:6a:82:14:e4:91:f2:9a:34:
ef:97:eb:47:ba:5e:cf:be:03:d7:4a:6c:1d:d1:64:e5:f3:9e:
42:e8:59:af:8d:b4:92:7a:2a:ad:c9:14:ae:4d:a3:89:6c:58:
ff:77:22:bc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALyjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTI5MDg1MzUwWhcNMjQxMjMwMDg1MzUwWjAYMRYw
FAYDVQQDEw02NmY5MTVhMi0xN2RkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5Tl7bWlht274RyhzCNe4WuxZHviLnxgm9OOuMjAZn7W//WXWq9M1qR+I
ay7pOKJcp8//VIagFgmHblhl7scC/cBZB+0znNx9AZl5AzKftFIgPlS+AcalHAPV
/MoVYDMNLhoPSL5BeLiO54mGwMYodaXhG6Jo8g8DQy9TIv1ADh2Bv/6K2kN5j3iK
3G4nwQbird6JM0sjLYS/XICUOK7TlnQE8xNJ5ZrtFj6iwRp+3n+pHAtBKwYqcd8l
8mb8Oy+/rAZwnhIbg2YbbnCwyfmUVJfM8o4C1ewmT6kPlggU3nf383JlXypIpYB6
v6wWBlZpV/wBvg3yobruJzVW2FZQtQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMn2
mDAl8DoHVnoFfjD5RmjRtCfPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QUVFMUYxQTdFNDAxMUVGODY5NkQ1NDA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPExMA0GCSqGSIb3DQEBCwUA
A4IBAQBJwt+KWnBoSfnQSkILhiWt7qHnkDk/Tei5JzAEBRHBGzyIuLo7iyRCWSoH
PHPc67l8dGuVwZ01ekOnLYQj3aGSspD7oGwhSAXqFwBkV2VdBlUqx4bPvHtPmyQ5
nrvblTWYy1RlAYA1o8fng4UGDER70KfoSJZPpgBMzaAQ38DNE6ilCeOZJ4mQPGgh
SypJQyOMaZlEc0vox5SGD+34z3Iw5MoPaUp4xN6G3Ys13z9tcXCJq4lOXVIH4VCa
kBFM8G+Izchh9RhFfPddZhiZvNBAaoIU5JHymjTvl+tHul7PvgPXSmwd0WTl855C
6FmvjbSSeiqtyRSuTaOJbFj/dyK8
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:32 2024 by rpki-client on console-ams.rpki-client.org