Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/663F4A145EED11EF96578F78762E951A.roa
File: 663F4A145EED11EF96578F78762E951A.roa (raw, json)
Hash identifier: PuN/zpwFDMtGXyrRJREmYi/PJyJzuhD2WQ/k9fcmziY=
Subject key identifier: 98:87:C8:DD:99:BC:CC:6F:D6:32:CE:4F:9F:4E:60:60:35:D5:74:34
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A9B0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/663F4A145EED11EF96578F78762E951A.roa
Signing time: Tue 20 Aug 2024 12:11:59 +0000
ROA not before: Tue 20 Aug 2024 12:11:55 +0000
ROA not after: Tue 27 May 2025 12:11:55 +0000
asID: 399077
IP address blocks: 156.251.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43440 (0xa9b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 12:11:55 2024 GMT
Not After : May 27 12:11:55 2025 GMT
Subject: CN=66c4880f-d86c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:3c:7a:83:cf:be:7a:4f:2a:77:d9:dc:db:f7:
e8:25:26:ef:6a:f8:80:77:a2:4d:9f:01:83:ff:2b:
5d:c1:3e:82:3c:50:24:b4:f0:82:86:71:e4:55:00:
29:e2:d7:03:be:bd:4a:9f:fb:79:fb:7e:9c:ab:c0:
3a:d9:e4:5d:7a:12:30:ee:7d:ce:8c:af:cb:9c:15:
a9:2c:ba:43:1c:91:f9:66:06:cb:22:60:63:7e:4c:
17:41:ab:6a:d4:90:1f:40:13:c7:46:be:cc:1d:75:
52:a7:f3:c0:f3:90:65:fe:a6:82:f9:79:b3:d1:9a:
3b:e4:7b:c0:95:c1:e8:10:79:b7:77:40:4e:ca:e5:
fe:49:80:fd:7b:05:49:b1:b0:55:19:d8:94:ce:b7:
1b:2d:df:90:bc:19:54:68:11:8f:cd:81:14:e5:8c:
b4:4f:a4:48:3e:f5:08:d3:22:00:bc:4b:38:d1:ae:
c9:49:f2:e2:49:57:78:ac:a5:ff:30:72:2f:b5:e8:
cc:d8:f8:7b:8e:4f:38:df:45:91:09:c2:b5:da:9d:
1e:fe:44:96:83:c7:26:69:0d:de:48:07:b4:37:4f:
6c:25:32:cd:36:e9:a7:b4:df:91:41:bb:7d:85:d3:
98:b6:6e:c0:53:8a:b0:1e:ef:81:ac:a1:0c:d4:56:
a3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:87:C8:DD:99:BC:CC:6F:D6:32:CE:4F:9F:4E:60:60:35:D5:74:34
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/663F4A145EED11EF96578F78762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.57.0/24
Signature Algorithm: sha256WithRSAEncryption
48:1a:04:18:31:7a:82:c7:86:52:f6:b6:d3:b8:dd:2f:51:bc:
bb:6a:08:a1:6c:57:1d:7c:24:a1:99:b1:88:6a:f0:fd:f1:0c:
46:7f:c8:51:77:12:a4:36:8b:20:51:aa:c4:7a:cc:b4:f8:ce:
4e:7a:88:28:ff:0d:d0:75:59:df:69:dc:15:bf:f1:e9:29:68:
cd:c0:c6:e7:a5:c0:08:70:27:97:6e:2c:8b:6c:07:ef:0a:f0:
69:66:82:5e:7f:8e:4d:0d:0d:51:b8:2e:af:24:a7:6b:33:a1:
24:69:99:3a:9b:78:48:31:12:b0:45:4d:79:1f:1f:85:cc:11:
38:88:57:43:ef:1f:d9:66:cc:57:77:48:08:a2:9f:70:4f:38:
d9:59:10:02:24:ae:ac:87:04:19:17:a7:1f:f4:03:6a:f0:a7:
ed:d6:7b:9b:a1:9f:73:bf:a1:e4:1c:0a:60:dc:ae:98:1b:cc:
63:3b:eb:3b:f0:9b:f9:28:d2:b0:22:da:b1:34:35:03:a3:15:
a2:d8:90:26:ca:88:67:4a:8c:15:17:8e:f8:27:b5:c8:db:1f:
3f:8c:29:b2:db:4e:85:6f:2e:23:0d:a7:eb:9b:50:20:ae:79:
b9:cd:aa:f5:31:05:07:68:bd:24:6b:9f:19:dc:ff:13:78:76:
b1:fa:74:14
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKmwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTIxMTU1WhcNMjUwNTI3MTIxMTU1WjAYMRYw
FAYDVQQDEw02NmM0ODgwZi1kODZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1Dx6g8++ek8qd9nc2/foJSbvaviAd6JNnwGD/ytdwT6CPFAktPCChnHk
VQAp4tcDvr1Kn/t5+36cq8A62eRdehIw7n3OjK/LnBWpLLpDHJH5ZgbLImBjfkwX
Qatq1JAfQBPHRr7MHXVSp/PA85Bl/qaC+Xmz0Zo75HvAlcHoEHm3d0BOyuX+SYD9
ewVJsbBVGdiUzrcbLd+QvBlUaBGPzYEU5Yy0T6RIPvUI0yIAvEs40a7JSfLiSVd4
rKX/MHIvtejM2Ph7jk8430WRCcK12p0e/kSWg8cmaQ3eSAe0N09sJTLNNumntN+R
Qbt9hdOYtm7AU4qwHu+BrKEM1FajowIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJiH
yN2ZvMxv1jLOT59OYGA11XQ0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NjNGNEExNDVFRUQxMUVGOTY1NzhGNzg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPs5MA0GCSqGSIb3DQEBCwUA
A4IBAQBIGgQYMXqCx4ZS9rbTuN0vUby7agihbFcdfCShmbGIavD98QxGf8hRdxKk
NosgUarEesy0+M5Oeogo/w3QdVnfadwVv/HpKWjNwMbnpcAIcCeXbiyLbAfvCvBp
ZoJef45NDQ1RuC6vJKdrM6EkaZk6m3hIMRKwRU15Hx+FzBE4iFdD7x/ZZsxXd0gI
op9wTzjZWRACJK6shwQZF6cf9ANq8Kft1nuboZ9zv6HkHApg3K6YG8xjO+s78Jv5
KNKwItqxNDUDoxWi2JAmyohnSowVF474J7XI2x8/jCmy206Fby4jDafrm1Agrnm5
zar1MQUHaL0ka58Z3P8TeHax+nQU
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:33 2024 by rpki-client on console-ams.rpki-client.org