Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67C108726A6511EFBE1B1D77762E951A.roa
File: 67C108726A6511EFBE1B1D77762E951A.roa (raw, json)
Hash identifier: m/f/oOu78HbfzganB8/DCl2M1FP2T0Y0J9fXv1FlDT0=
Subject key identifier: 63:0E:95:DB:26:B9:C8:AB:C6:FB:C9:99:48:FF:29:D3:07:50:2F:30
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B189
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67C108726A6511EFBE1B1D77762E951A.roa
Signing time: Wed 04 Sep 2024 02:28:44 +0000
ROA not before: Wed 04 Sep 2024 02:28:40 +0000
ROA not after: Mon 30 Dec 2024 02:28:40 +0000
asID: 17561
IP address blocks: 156.255.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45449 (0xb189)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 4 02:28:40 2024 GMT
Not After : Dec 30 02:28:40 2024 GMT
Subject: CN=66d7c5dc-8143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2d:eb:a2:1d:94:3c:24:f6:0d:00:bb:c9:76:
eb:61:d1:66:06:bd:3f:c6:51:19:59:30:c3:98:f6:
6f:f5:80:92:1c:3d:23:6f:68:c4:d1:98:27:4f:91:
76:61:5c:12:37:a0:44:9b:66:94:e7:95:c7:93:9d:
a7:93:db:95:80:75:0f:12:d5:29:0f:56:33:70:42:
8e:83:60:7a:0b:5e:c9:87:5c:bc:87:21:56:3d:9f:
77:55:1e:8f:09:54:da:98:ed:c0:45:6b:f6:1a:87:
9c:e1:56:56:0d:46:94:08:45:20:28:c6:2a:ea:7a:
f5:5c:eb:ed:45:37:ed:3c:1a:0d:56:42:89:71:43:
ea:4b:94:27:5e:b9:8c:48:07:38:33:76:11:60:84:
13:4d:5e:6f:9c:0e:7c:8d:2f:55:12:43:50:7f:e8:
3c:f9:ee:16:f2:6e:37:da:24:e9:ac:fa:0b:09:5e:
99:e9:4b:84:71:87:0b:a8:ef:17:7e:c2:27:cf:8a:
c8:d7:49:27:71:c6:1f:75:a2:dd:55:f4:84:5d:5b:
7f:de:47:72:0c:ae:05:b8:72:b2:88:4f:fa:47:cf:
9f:21:8c:bd:d9:a0:24:5b:79:c8:05:67:74:0f:d7:
12:10:41:43:12:ce:1e:27:39:42:b1:54:42:eb:32:
d1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:0E:95:DB:26:B9:C8:AB:C6:FB:C9:99:48:FF:29:D3:07:50:2F:30
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67C108726A6511EFBE1B1D77762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.88.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:16:20:b3:48:50:42:37:b1:81:4a:f5:6f:f1:25:0c:29:0b:
d0:1d:bb:c6:c7:a9:f8:9a:1e:64:66:b3:b0:e1:63:fd:89:19:
2f:5a:5b:f1:1a:f0:02:c8:18:0d:1c:76:54:95:ac:d5:0e:54:
e4:4f:ba:a8:53:49:68:8f:1b:3b:ea:70:8c:37:01:80:14:80:
a6:16:a1:a2:16:72:60:8b:fb:e2:08:0c:82:b7:98:de:cf:89:
74:8a:5b:69:d6:7e:03:dd:cb:5f:a2:56:88:58:b9:d2:64:fe:
4f:44:00:52:83:9f:93:ba:e5:39:5e:d8:d4:67:6e:0a:f2:6c:
f8:e3:00:eb:fa:90:ba:e8:26:e1:76:8d:21:ef:77:4a:8a:85:
8d:24:03:5e:ec:84:de:2c:8b:ec:76:28:d0:cb:1f:18:f8:66:
20:16:a6:8b:17:99:6a:8f:83:9c:1f:72:d4:cc:87:af:2b:5a:
a4:9f:f7:16:40:7c:f0:09:5f:f1:4b:ac:04:72:a9:6f:6b:fa:
7e:1a:3d:10:e2:61:92:9c:cc:c5:72:37:bd:3b:ee:39:67:7f:
bc:cf:9c:90:f0:e6:0e:52:17:92:9b:54:bb:ae:22:89:3b:96:
da:72:d2:b8:d5:37:32:64:cf:15:83:e6:f1:80:61:3f:49:0e:
4e:0b:9d:18
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALGJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTA0MDIyODQwWhcNMjQxMjMwMDIyODQwWjAYMRYw
FAYDVQQDEw02NmQ3YzVkYy04MTQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqy3roh2UPCT2DQC7yXbrYdFmBr0/xlEZWTDDmPZv9YCSHD0jb2jE0Zgn
T5F2YVwSN6BEm2aU55XHk52nk9uVgHUPEtUpD1YzcEKOg2B6C17Jh1y8hyFWPZ93
VR6PCVTamO3ARWv2Goec4VZWDUaUCEUgKMYq6nr1XOvtRTftPBoNVkKJcUPqS5Qn
XrmMSAc4M3YRYIQTTV5vnA58jS9VEkNQf+g8+e4W8m432iTprPoLCV6Z6UuEcYcL
qO8XfsInz4rI10knccYfdaLdVfSEXVt/3kdyDK4FuHKyiE/6R8+fIYy92aAkW3nI
BWd0D9cSEEFDEs4eJzlCsVRC6zLRfwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGMO
ldsmucirxvvJmUj/KdMHUC8wMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82N0MxMDg3MjZBNjUxMUVGQkUxQjFENzc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnP9YMA0GCSqGSIb3DQEBCwUA
A4IBAQAvFiCzSFBCN7GBSvVv8SUMKQvQHbvGx6n4mh5kZrOw4WP9iRkvWlvxGvAC
yBgNHHZUlazVDlTkT7qoU0lojxs76nCMNwGAFICmFqGiFnJgi/viCAyCt5jez4l0
iltp1n4D3ctfolaIWLnSZP5PRABSg5+TuuU5XtjUZ24K8mz44wDr+pC66Cbhdo0h
73dKioWNJANe7ITeLIvsdijQyx8Y+GYgFqaLF5lqj4OcH3LUzIevK1qkn/cWQHzw
CV/xS6wEcqlva/p+Gj0Q4mGSnMzFcje9O+45Z3+8z5yQ8OYOUheSm1S7riKJO5ba
ctK41TcyZM8Vg+bxgGE/SQ5OC50Y
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:34 2024 by rpki-client on console-ams.rpki-client.org