Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/733A05E03DC011EFBCE96B8E762E951A.roa
File: 733A05E03DC011EFBCE96B8E762E951A.roa (raw, json)
Hash identifier: iLjjcCgEyyABBCsDJVe0fEbrNCkSMnEUHPzFFmrGsZE=
Subject key identifier: A6:B4:C4:3F:F7:0B:0E:08:EF:21:33:29:A1:82:A8:FB:F5:FE:78:48
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 99ED
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/733A05E03DC011EFBCE96B8E762E951A.roa
Signing time: Tue 09 Jul 2024 06:57:05 +0000
ROA not before: Tue 09 Jul 2024 06:57:01 +0000
ROA not after: Fri 11 Jul 2025 06:57:01 +0000
asID: 58879
IP address blocks: 156.255.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39405 (0x99ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 9 06:57:01 2024 GMT
Not After : Jul 11 06:57:01 2025 GMT
Subject: CN=668cdf41-f86f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e2:20:58:5c:1d:66:9b:72:cd:49:40:b5:0b:
04:0f:89:69:24:c9:e8:bb:d8:d8:32:6f:53:3e:02:
5a:9b:fa:74:f6:69:23:08:9b:fd:d5:dc:80:f1:12:
4c:2b:3e:bd:bb:c1:80:30:39:f5:94:c7:8a:f3:63:
37:6e:40:52:de:7a:ed:0c:92:79:9d:82:48:4c:f4:
e4:01:ae:11:c6:c4:7f:23:5c:20:d5:15:cf:46:d1:
d2:34:3e:a6:ee:12:db:79:61:1f:7c:75:49:d5:13:
85:1c:86:67:a6:8c:53:5c:12:31:05:4c:72:a5:59:
fb:05:24:72:6a:02:30:89:d0:63:88:b4:64:41:47:
13:3e:2e:9b:c6:7a:44:c2:e7:4f:aa:eb:2c:0f:74:
9e:ff:c4:78:09:70:ed:08:ba:09:00:2e:95:a6:16:
6d:96:e5:69:6d:02:94:4e:36:d1:68:9b:45:c4:7e:
51:36:09:a1:4f:94:5f:40:93:36:cf:ea:88:dc:3b:
47:69:db:91:c3:cf:d2:83:b8:2d:92:ac:dd:ce:e5:
2e:06:78:66:0c:81:fe:91:ca:c9:61:19:3f:44:59:
83:ca:ae:f0:ce:21:64:e4:bf:96:4d:60:4d:22:29:
4a:04:cd:4a:96:c7:6d:66:25:c5:d7:40:c0:8a:9b:
bc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B4:C4:3F:F7:0B:0E:08:EF:21:33:29:A1:82:A8:FB:F5:FE:78:48
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/733A05E03DC011EFBCE96B8E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.2.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:78:44:93:ec:aa:21:fc:20:ec:f1:d0:65:02:0b:b8:52:fc:
ca:10:40:f1:5b:8f:c7:7b:67:4d:fb:22:e2:5c:2c:c4:b5:54:
73:ce:e1:5e:0f:6d:c5:a6:9c:e0:af:38:e0:8f:75:0e:9b:27:
3a:7f:51:c4:10:e2:26:93:25:b4:37:9b:c3:73:73:32:88:4a:
c4:82:bc:9d:d6:29:40:8b:8a:bf:fa:c6:44:b3:27:e5:ff:be:
75:54:24:5a:1c:bc:dc:8b:bb:46:d0:39:81:f8:41:45:24:37:
b1:e6:4d:fd:3d:df:60:22:3c:99:60:6a:f0:3d:a2:d9:e3:1f:
d1:80:1b:9e:c6:51:9b:f7:7f:49:cf:57:73:f8:ad:26:ad:e6:
e9:cd:5f:7f:73:60:89:97:06:40:7c:bd:3f:81:a3:be:88:eb:
58:46:1d:29:a7:4a:81:03:78:0c:f1:70:1b:11:e0:7e:58:d0:
14:48:e7:6a:ff:2b:49:62:02:a7:2f:d7:fe:f8:3a:f6:c8:26:
f0:3d:7c:ea:72:77:4f:ab:46:c9:54:0d:98:1b:a3:53:b2:92:
97:bb:01:73:b2:89:37:85:93:7f:35:dd:b1:73:0f:24:a2:f9:
11:10:53:0a:0c:71:9b:bb:33:66:bf:e9:1e:17:7c:80:54:8d:
7b:3d:f9:ca
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJntMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzA5MDY1NzAxWhcNMjUwNzExMDY1NzAxWjAYMRYw
FAYDVQQDEw02NjhjZGY0MS1mODZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAweIgWFwdZptyzUlAtQsED4lpJMnou9jYMm9TPgJam/p09mkjCJv91dyA
8RJMKz69u8GAMDn1lMeK82M3bkBS3nrtDJJ5nYJITPTkAa4RxsR/I1wg1RXPRtHS
ND6m7hLbeWEffHVJ1ROFHIZnpoxTXBIxBUxypVn7BSRyagIwidBjiLRkQUcTPi6b
xnpEwudPqussD3Se/8R4CXDtCLoJAC6VphZtluVpbQKUTjbRaJtFxH5RNgmhT5Rf
QJM2z+qI3DtHaduRw8/Sg7gtkqzdzuUuBnhmDIH+kcrJYRk/RFmDyq7wziFk5L+W
TWBNIilKBM1KlsdtZiXF10DAipu8CQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKa0
xD/3Cw4I7yEzKaGCqPv1/nhIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MzNBMDVFMDNEQzAxMUVGQkNFOTZCOEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8CMA0GCSqGSIb3DQEBCwUA
A4IBAQBveEST7Koh/CDs8dBlAgu4UvzKEEDxW4/He2dN+yLiXCzEtVRzzuFeD23F
ppzgrzjgj3UOmyc6f1HEEOImkyW0N5vDc3MyiErEgryd1ilAi4q/+sZEsyfl/751
VCRaHLzci7tG0DmB+EFFJDex5k39Pd9gIjyZYGrwPaLZ4x/RgBuexlGb939Jz1dz
+K0mrebpzV9/c2CJlwZAfL0/gaO+iOtYRh0pp0qBA3gM8XAbEeB+WNAUSOdq/ytJ
YgKnL9f++Dr2yCbwPXzqcndPq0bJVA2YG6NTspKXuwFzsok3hZN/Nd2xcw8kovkR
EFMKDHGbuzNmv+keF3yAVI17PfnK
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:35 2024 by rpki-client on console-fra.rpki-client.org