Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6AFEDBE619D311EFB14DED5B017001B1.roa
File: 6AFEDBE619D311EFB14DED5B017001B1.roa (raw, json)
Hash identifier: Zao8iqq0QP9+n1m68uwq/TeQpb6BsUiEJwujJ5Fn/NM=
Subject key identifier: 5F:BA:01:11:A9:23:52:3E:BC:03:44:19:6E:F0:07:7D:2D:B8:EE:D6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8BAA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6AFEDBE619D311EFB14DED5B017001B1.roa
Signing time: Fri 24 May 2024 13:42:10 +0000
ROA not before: Fri 24 May 2024 13:42:06 +0000
ROA not after: Thu 28 Nov 2024 13:42:06 +0000
asID: 55720
IP address blocks: 156.241.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35754 (0x8baa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 24 13:42:06 2024 GMT
Not After : Nov 28 13:42:06 2024 GMT
Subject: CN=66509931-d487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:45:49:57:8f:33:6f:93:61:83:60:7f:86:0f:
95:80:a0:0e:50:64:64:53:b3:ac:af:e5:4e:97:de:
b0:13:da:70:e1:c6:0a:a1:1e:6d:64:54:40:94:e0:
fd:82:58:a7:1e:7e:19:7f:8b:91:a0:73:f2:d9:28:
c0:71:fb:0e:a9:f0:4a:2e:3e:41:dd:2e:ee:fc:f4:
32:cf:4b:2f:4e:77:c6:2e:48:23:eb:b2:99:d9:d0:
dd:2b:66:ad:dd:7d:cf:21:ed:a2:2b:8f:e7:3d:01:
65:46:83:73:b8:f4:cc:cd:33:e8:da:af:6c:be:26:
15:d2:b7:a4:bb:36:da:0f:68:af:4b:1f:f9:2f:6e:
94:96:ca:5c:37:e7:6b:cb:e1:f9:32:57:26:5b:8f:
62:e0:8c:b1:6c:ed:c8:fd:2b:5f:25:28:17:58:39:
c7:72:f7:29:d8:1f:b8:2d:ed:9b:8f:77:40:e6:7e:
3b:d6:80:91:4d:e6:2d:10:46:46:4a:2f:4c:2f:6e:
b5:f4:0f:48:e6:7d:94:e9:db:3a:0c:58:97:c4:ee:
6a:b9:9c:37:9f:b1:7e:17:e6:09:cd:dc:33:94:fe:
44:0d:e4:c4:7f:3d:d3:7f:0a:fa:ae:1b:18:de:2e:
a0:2a:41:55:fa:05:39:b1:a6:20:b7:ae:11:08:ad:
94:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:BA:01:11:A9:23:52:3E:BC:03:44:19:6E:F0:07:7D:2D:B8:EE:D6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6AFEDBE619D311EFB14DED5B017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.2.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:d5:89:4e:2b:03:65:55:38:72:58:be:59:25:20:6e:29:2f:
36:95:be:5b:90:b5:ec:de:20:e4:2a:84:f2:de:44:27:2a:13:
e4:2c:c4:5d:03:95:51:46:0d:5d:5a:20:a7:cb:fc:d6:c9:b9:
97:3d:4e:2b:96:9e:9f:cc:4a:b6:8b:8d:ae:93:45:a1:9f:19:
2f:60:31:19:af:0e:1c:c8:ab:f1:15:e0:8f:f1:d9:e9:6e:f9:
50:21:1d:c0:66:7e:32:04:ab:0a:e0:c0:33:7c:59:5e:71:28:
4e:74:d1:64:31:24:a6:64:bc:20:58:02:86:dc:23:0b:35:90:
f4:11:ab:ae:61:8c:94:bb:5c:78:79:92:15:e7:9d:6a:84:09:
e4:4d:09:50:38:d7:6d:35:b7:a7:ff:16:e0:fc:ab:43:a0:79:
5b:9f:34:64:03:68:07:44:60:a7:91:81:78:12:26:7a:2f:52:
41:23:88:75:dc:27:37:e0:7c:8c:cc:ab:e5:bb:12:94:44:60:
43:5b:a0:0a:e2:de:cc:0b:18:c3:8e:bd:45:69:58:ca:47:a7:
f8:b3:0c:74:78:e5:c2:6a:7a:bc:26:3a:ef:cd:17:ff:a7:08:
e8:bb:1f:98:ce:85:e8:a0:a2:30:1c:ee:3e:e3:56:fd:ed:fe:
b2:e6:ca:b0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIuqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTI0MTM0MjA2WhcNMjQxMTI4MTM0MjA2WjAYMRYw
FAYDVQQDEw02NjUwOTkzMS1kNDg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxkVJV48zb5Nhg2B/hg+VgKAOUGRkU7Osr+VOl96wE9pw4cYKoR5tZFRA
lOD9glinHn4Zf4uRoHPy2SjAcfsOqfBKLj5B3S7u/PQyz0svTnfGLkgj67KZ2dDd
K2at3X3PIe2iK4/nPQFlRoNzuPTMzTPo2q9sviYV0rekuzbaD2ivSx/5L26Ulspc
N+dry+H5MlcmW49i4IyxbO3I/StfJSgXWDnHcvcp2B+4Le2bj3dA5n471oCRTeYt
EEZGSi9ML2619A9I5n2U6ds6DFiXxO5quZw3n7F+F+YJzdwzlP5EDeTEfz3Tfwr6
rhsY3i6gKkFV+gU5saYgt64RCK2UkQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF+6
ARGpI1I+vANEGW7wB30tuO7WMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82QUZFREJFNjE5RDMxMUVGQjE0REVENUIwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPECMA0GCSqGSIb3DQEBCwUA
A4IBAQCK1YlOKwNlVThyWL5ZJSBuKS82lb5bkLXs3iDkKoTy3kQnKhPkLMRdA5VR
Rg1dWiCny/zWybmXPU4rlp6fzEq2i42uk0WhnxkvYDEZrw4cyKvxFeCP8dnpbvlQ
IR3AZn4yBKsK4MAzfFlecShOdNFkMSSmZLwgWAKG3CMLNZD0EauuYYyUu1x4eZIV
551qhAnkTQlQONdtNben/xbg/KtDoHlbnzRkA2gHRGCnkYF4EiZ6L1JBI4h13Cc3
4HyMzKvluxKURGBDW6AK4t7MCxjDjr1FaVjKR6f4swx0eOXCanq8JjrvzRf/pwjo
ux+YzoXooKIwHO4+41b97f6y5sqw
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:35 2024 by rpki-client on console-ams.rpki-client.org