Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/664DD74C9B7D11EFB893C08F762E951A.roa
File: 664DD74C9B7D11EFB893C08F762E951A.roa (raw, json)
Hash identifier: KCvELZaQwnKHmdWufX8FcoFzubM8FSCT4eHaUqfGQgA=
Subject key identifier: 34:32:FD:BB:03:B5:0D:91:99:95:B8:E8:23:6B:E3:C1:9D:D9:D5:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CE81
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/664DD74C9B7D11EFB893C08F762E951A.roa
Signing time: Tue 05 Nov 2024 13:53:56 +0000
ROA not before: Tue 05 Nov 2024 13:53:52 +0000
ROA not after: Mon 13 Jan 2025 13:53:52 +0000
asID: 22773
IP address blocks: 156.239.16.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52865 (0xce81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 13:53:52 2024 GMT
Not After : Jan 13 13:53:52 2025 GMT
Subject: CN=672a2374-3510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:08:10:c1:70:24:4f:f9:f4:c0:f6:8d:bd:c0:
de:d2:31:7e:7d:80:0d:1e:51:3b:4d:e9:30:2f:2f:
13:ba:db:8e:46:c2:d4:45:55:a0:b7:f5:c6:c8:c2:
cc:6b:a3:25:da:a7:57:82:32:a2:9e:42:f2:be:cb:
af:2f:02:65:e7:ff:40:4b:4d:7f:09:e1:48:ab:37:
1a:31:fd:79:79:09:42:5d:e3:a7:ba:35:77:83:0e:
c6:68:d8:27:75:89:7b:ac:6d:fc:d4:e9:89:e9:4c:
31:6e:9e:90:b1:d7:16:e9:9e:dd:97:45:2d:a9:6d:
84:84:83:94:b4:f1:97:c7:cd:6a:7d:2a:f0:dd:94:
4a:e3:d4:04:fc:49:ad:d0:8b:4a:16:5d:e9:7d:12:
d1:a9:0a:f6:76:50:34:95:68:da:d8:e4:c5:f6:78:
f1:1e:2f:2f:13:b7:7f:b4:67:a7:c4:de:8d:b9:5d:
22:7c:56:6a:49:33:6e:6e:90:f4:b8:87:a2:74:16:
38:31:82:22:48:14:5a:82:3d:6f:a5:31:dd:25:aa:
c4:bc:d2:2b:b2:15:a1:aa:15:b2:f5:97:ff:b6:a5:
38:95:07:c7:35:95:f8:b9:4f:ae:c8:13:ad:56:ba:
56:9a:25:8d:67:73:18:d2:75:25:ad:60:d9:e9:c0:
f4:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:32:FD:BB:03:B5:0D:91:99:95:B8:E8:23:6B:E3:C1:9D:D9:D5:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/664DD74C9B7D11EFB893C08F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.16.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:79:01:dc:bc:db:a4:d2:36:c6:07:ea:d9:bc:6c:5e:e5:91:
c8:fb:47:5b:bb:d9:93:4d:9d:6c:22:ca:bb:e3:57:2c:a5:dc:
69:f2:97:23:10:62:32:61:91:c8:e7:7d:4b:a5:a8:83:e9:42:
29:15:e4:88:41:83:eb:ac:52:b2:62:2d:51:b5:a0:51:fb:df:
7c:67:7b:76:85:3e:20:7b:83:71:53:24:4c:5f:74:e0:24:f9:
05:7c:f5:5e:c6:0b:b3:09:1f:d1:48:8b:42:97:18:b2:d8:5f:
3e:23:96:34:e5:e0:b2:84:83:e9:23:3d:03:d6:2e:a4:f5:f0:
70:27:14:ae:10:c2:72:3d:18:5d:30:91:e5:3a:ca:fc:91:70:
0b:3a:0d:01:8b:d3:e7:13:50:ad:eb:9a:67:64:71:b5:6c:11:
08:56:03:c9:2a:c0:08:0b:a6:fb:2c:c0:6a:ec:a4:47:4e:b8:
cf:57:21:9e:aa:b2:9a:4d:ad:f0:31:d7:0b:b7:91:17:26:53:
e3:92:fb:60:9c:26:59:95:5c:41:f2:36:29:db:79:07:81:d6:
5a:23:3d:8e:88:5d:c2:1b:95:86:18:78:a1:cc:e9:94:eb:d5:
06:76:41:46:eb:73:0a:cc:1b:2e:06:41:2d:ed:ad:8d:7a:9d:
c2:e8:40:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM6BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTM1MzUyWhcNMjUwMTEzMTM1MzUyWjAYMRYw
FAYDVQQDEw02NzJhMjM3NC0zNTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqAgQwXAkT/n0wPaNvcDe0jF+fYANHlE7TekwLy8TutuORsLURVWgt/XG
yMLMa6Ml2qdXgjKinkLyvsuvLwJl5/9AS01/CeFIqzcaMf15eQlCXeOnujV3gw7G
aNgndYl7rG381OmJ6Uwxbp6QsdcW6Z7dl0UtqW2EhIOUtPGXx81qfSrw3ZRK49QE
/Emt0ItKFl3pfRLRqQr2dlA0lWja2OTF9njxHi8vE7d/tGenxN6NuV0ifFZqSTNu
bpD0uIeidBY4MYIiSBRagj1vpTHdJarEvNIrshWhqhWy9Zf/tqU4lQfHNZX4uU+u
yBOtVrpWmiWNZ3MY0nUlrWDZ6cD0bwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDQy
/bsDtQ2RmZW46CNr48Gd2dUOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NjRERDc0QzlCN0QxMUVGQjg5M0MwOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnO8QMA0GCSqGSIb3DQEBCwUA
A4IBAQAceQHcvNuk0jbGB+rZvGxe5ZHI+0dbu9mTTZ1sIsq741cspdxp8pcjEGIy
YZHI531LpaiD6UIpFeSIQYPrrFKyYi1RtaBR+998Z3t2hT4ge4NxUyRMX3TgJPkF
fPVexguzCR/RSItClxiy2F8+I5Y05eCyhIPpIz0D1i6k9fBwJxSuEMJyPRhdMJHl
Osr8kXALOg0Bi9PnE1Ct65pnZHG1bBEIVgPJKsAIC6b7LMBq7KRHTrjPVyGeqrKa
Ta3wMdcLt5EXJlPjkvtgnCZZlVxB8jYp23kHgdZaIz2OiF3CG5WGGHihzOmU69UG
dkFG63MKzBsuBkEt7a2Nep3C6EBQ
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:32 2024 by rpki-client on console-fra.rpki-client.org