Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/687D8A965EEF11EF92A62285762E951A.roa
File: 687D8A965EEF11EF92A62285762E951A.roa (raw, json)
Hash identifier: IEkBeT8kD6+EqExKohsIb4FnvIE5PTuHwJLkrS90U0k=
Subject key identifier: 1E:08:28:8C:75:1C:AD:D0:20:D3:F3:4F:F7:B2:E4:0D:41:0C:CF:82
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A9C8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/687D8A965EEF11EF92A62285762E951A.roa
Signing time: Tue 20 Aug 2024 12:26:23 +0000
ROA not before: Tue 20 Aug 2024 12:26:16 +0000
ROA not after: Tue 27 May 2025 12:26:16 +0000
asID: 399077
IP address blocks: 156.251.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43464 (0xa9c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 12:26:16 2024 GMT
Not After : May 27 12:26:16 2025 GMT
Subject: CN=66c48b6f-b602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3c:be:09:59:25:fa:f1:dd:bc:99:40:ba:c7:
34:c2:92:0e:7d:9b:84:45:42:07:fa:05:3a:5e:50:
94:12:a0:13:ad:ca:7e:36:43:bc:d2:a4:e3:5e:af:
e0:9a:8b:1d:9c:be:02:4d:81:8b:1d:bb:ba:e1:5c:
51:5e:aa:1e:4c:55:b1:32:f2:44:2e:8a:1e:6c:ec:
16:3e:b7:ad:f6:99:c7:2b:94:f9:0d:99:e9:6b:25:
b9:d8:3d:3a:ca:5a:ce:51:8e:c0:08:eb:5b:f5:fb:
7b:58:01:e8:34:3b:95:70:74:42:c9:5c:28:ee:50:
50:53:ab:4b:76:22:ed:68:2d:89:e2:50:55:6f:7b:
88:af:67:ac:72:1a:bb:e3:e0:43:83:3b:80:6a:e3:
81:c3:d0:b8:70:b3:7b:b9:1a:f9:07:ab:68:18:3a:
60:e8:62:ae:86:c0:1f:b0:de:c8:6e:a0:32:c5:f1:
39:4e:36:b0:7a:06:f6:e1:15:02:b1:8a:32:5b:8c:
af:49:76:9f:0a:7e:9d:37:58:c6:68:42:dc:8b:7a:
38:0c:bb:ba:ec:12:28:cc:f1:26:1c:51:e3:1d:bb:
3b:f4:04:46:91:1e:11:2f:6b:78:2f:22:66:40:17:
42:4d:ea:9d:e6:fa:70:09:68:7b:17:b2:bd:c9:98:
d1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:08:28:8C:75:1C:AD:D0:20:D3:F3:4F:F7:B2:E4:0D:41:0C:CF:82
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/687D8A965EEF11EF92A62285762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.43.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:8b:84:e2:ff:bc:58:b0:cf:d5:31:21:6c:ac:54:80:0f:e0:
ac:9c:39:f8:cf:c6:3d:e4:da:89:ae:34:de:13:72:0e:00:46:
36:c4:d6:b4:d2:a3:90:bd:56:4b:79:b7:34:4f:cf:ed:0d:24:
03:3b:cd:d8:56:72:a5:87:de:a2:f7:36:ef:74:ae:7a:43:8a:
a2:47:f2:da:96:f0:b9:f0:65:27:1a:35:52:47:67:41:04:fd:
61:a2:16:3b:fd:ab:71:0a:cd:39:bb:2f:6d:8a:60:8c:52:e8:
d7:2f:39:95:70:ba:12:e7:7d:56:86:af:48:1b:a7:e2:ab:ff:
ae:00:da:5b:8f:7e:2f:ca:e3:a3:52:5d:b7:ec:2d:60:a6:1a:
8f:4e:ed:7b:bb:fc:18:18:53:20:29:30:fe:ad:b9:e1:d9:a4:
b3:98:fc:c5:90:09:d6:42:78:e0:55:b7:b3:99:7d:74:df:a5:
62:77:d3:6d:9a:49:c6:97:ad:a1:7f:31:ed:b6:48:c7:d0:cf:
2a:8f:89:31:71:3b:e7:1e:f8:1b:19:ad:da:71:78:e5:ce:4b:
0a:06:5f:aa:ab:3d:14:c1:90:4d:d3:71:a2:e8:20:7c:b0:4c:
4c:d3:83:8e:75:6b:e7:bc:dc:ed:7d:e5:f8:db:fd:2d:1c:83:
aa:53:90:a3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKnIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTIyNjE2WhcNMjUwNTI3MTIyNjE2WjAYMRYw
FAYDVQQDEw02NmM0OGI2Zi1iNjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAujy+CVkl+vHdvJlAusc0wpIOfZuERUIH+gU6XlCUEqATrcp+NkO80qTj
Xq/gmosdnL4CTYGLHbu64VxRXqoeTFWxMvJELooebOwWPret9pnHK5T5DZnpayW5
2D06ylrOUY7ACOtb9ft7WAHoNDuVcHRCyVwo7lBQU6tLdiLtaC2J4lBVb3uIr2es
chq74+BDgzuAauOBw9C4cLN7uRr5B6toGDpg6GKuhsAfsN7IbqAyxfE5Tjawegb2
4RUCsYoyW4yvSXafCn6dN1jGaELci3o4DLu67BIozPEmHFHjHbs79ARGkR4RL2t4
LyJmQBdCTeqd5vpwCWh7F7K9yZjRvwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB4I
KIx1HK3QINPzT/ey5A1BDM+CMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82ODdEOEE5NjVFRUYxMUVGOTJBNjIyODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPsrMA0GCSqGSIb3DQEBCwUA
A4IBAQCci4Ti/7xYsM/VMSFsrFSAD+CsnDn4z8Y95NqJrjTeE3IOAEY2xNa00qOQ
vVZLebc0T8/tDSQDO83YVnKlh96i9zbvdK56Q4qiR/LalvC58GUnGjVSR2dBBP1h
ohY7/atxCs05uy9timCMUujXLzmVcLoS531Whq9IG6fiq/+uANpbj34vyuOjUl23
7C1gphqPTu17u/wYGFMgKTD+rbnh2aSzmPzFkAnWQnjgVbezmX1036Vid9NtmknG
l62hfzHttkjH0M8qj4kxcTvnHvgbGa3acXjlzksKBl+qqz0UwZBN03Gi6CB8sExM
04OOdWvnvNztfeX42/0tHIOqU5Cj
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:32 2024 by rpki-client on console-fra.rpki-client.org