Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7376F1EE9AA911EFB4549B56762E951A.roa
File: 7376F1EE9AA911EFB4549B56762E951A.roa (raw, json)
Hash identifier: 87Awc71W0W0sla1U1qSbl5O/8nt8AePXkh6MK6PgE1Y=
Subject key identifier: AD:36:FC:7A:5C:85:23:A8:EF:4A:D3:A2:1F:E4:44:A8:17:F3:45:23
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CD7A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7376F1EE9AA911EFB4549B56762E951A.roa
Signing time: Mon 04 Nov 2024 12:36:45 +0000
ROA not before: Mon 04 Nov 2024 12:36:41 +0000
ROA not after: Tue 03 Dec 2024 12:36:41 +0000
asID: 54801
IP address blocks: 156.242.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52602 (0xcd7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 4 12:36:41 2024 GMT
Not After : Dec 3 12:36:41 2024 GMT
Subject: CN=6728bfdd-1391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f4:a3:d8:c4:61:95:32:a5:47:eb:68:c1:8c:
37:f7:f6:c5:61:7b:75:4e:b4:16:82:cf:bb:7a:2a:
2c:0d:14:2d:02:b2:62:b1:db:bf:7e:c5:ed:25:4d:
0c:72:a9:ea:22:3c:68:8e:0d:6c:0b:cc:b6:89:40:
b2:ca:ad:4e:dd:d1:f2:8a:25:2f:19:b1:bb:9a:bb:
79:f2:fe:9c:7e:84:07:69:b8:0b:de:21:6b:cc:8c:
3b:3a:fd:89:c4:73:3c:7c:fe:80:7d:b7:8a:ac:1a:
66:6c:ae:5a:9b:d3:15:72:8e:ab:12:b0:70:08:8f:
ae:18:84:bc:c3:26:e0:9a:73:fe:97:fa:45:7e:d0:
76:b0:16:15:12:68:89:12:32:1d:77:b7:97:5f:2e:
bd:ea:be:94:71:8c:bb:c5:01:5a:01:cd:fc:54:8a:
0f:cb:2a:55:b2:3e:23:43:44:ff:e0:9d:ca:b9:78:
16:f8:b9:9b:32:a9:da:38:bc:45:cc:0d:ea:be:71:
30:71:11:c6:87:56:22:b9:d0:99:d6:fd:6b:97:ba:
86:3f:37:78:05:b8:ef:64:6d:74:65:eb:23:67:61:
91:c7:d3:ea:e5:0a:c6:06:c5:22:f0:e3:0c:7c:cf:
3e:99:66:7b:8d:2b:33:27:80:54:e5:d3:e4:61:45:
9f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:36:FC:7A:5C:85:23:A8:EF:4A:D3:A2:1F:E4:44:A8:17:F3:45:23
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7376F1EE9AA911EFB4549B56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.12.0/22
Signature Algorithm: sha256WithRSAEncryption
97:70:0c:23:c9:8b:1c:f9:15:0a:96:7d:4e:ee:b8:72:7b:88:
d4:d6:52:01:84:53:a4:fa:63:36:97:3f:50:45:dd:29:12:e0:
04:b8:66:87:fc:0b:0f:74:a4:cb:d8:18:19:2c:48:2b:ad:8a:
1c:5a:25:51:69:ac:68:a2:ce:4d:db:74:c3:aa:6c:f0:0e:de:
26:8d:2b:64:05:63:f2:cb:1e:0a:6b:71:2f:10:43:6c:e0:c1:
ea:0a:cb:cc:73:d5:ce:9f:0a:27:47:17:33:e7:37:09:5d:79:
9a:4a:80:5f:62:dd:25:cb:e9:94:f5:5d:e1:a5:5e:3e:23:39:
d1:22:11:75:37:0e:dd:85:f4:56:5a:2e:d6:0b:77:03:1e:07:
40:84:40:b6:2a:4d:19:95:4c:9f:7e:d3:17:e9:e6:4a:70:a5:
f9:f4:0b:de:de:2c:c1:5e:db:75:a5:1f:a7:97:40:e9:fb:6e:
5e:1a:2e:2b:6a:5e:62:20:27:4a:01:b3:da:c8:fd:ca:54:b1:
b3:bf:b8:7e:7c:bb:77:e2:98:15:2a:ef:7a:7b:96:1c:59:04:
24:29:8a:35:a2:39:ee:dd:5a:6c:e4:b9:fb:9d:c1:9f:dd:b8:
01:69:30:8f:08:63:c7:63:7c:97:59:26:bb:1c:4e:45:7d:15:
60:fa:c7:5a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM16MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA0MTIzNjQxWhcNMjQxMjAzMTIzNjQxWjAYMRYw
FAYDVQQDEw02NzI4YmZkZC0xMzkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtPSj2MRhlTKlR+towYw39/bFYXt1TrQWgs+7eiosDRQtArJisdu/fsXt
JU0McqnqIjxojg1sC8y2iUCyyq1O3dHyiiUvGbG7mrt58v6cfoQHabgL3iFrzIw7
Ov2JxHM8fP6AfbeKrBpmbK5am9MVco6rErBwCI+uGIS8wybgmnP+l/pFftB2sBYV
EmiJEjIdd7eXXy696r6UcYy7xQFaAc38VIoPyypVsj4jQ0T/4J3KuXgW+LmbMqna
OLxFzA3qvnEwcRHGh1YiudCZ1v1rl7qGPzd4BbjvZG10ZesjZ2GRx9Pq5QrGBsUi
8OMMfM8+mWZ7jSszJ4BU5dPkYUWfUwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK02
/HpchSOo70rToh/kRKgX80UjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83Mzc2RjFFRTlBQTkxMUVGQjQ1NDlCNTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPIMMA0GCSqGSIb3DQEBCwUA
A4IBAQCXcAwjyYsc+RUKln1O7rhye4jU1lIBhFOk+mM2lz9QRd0pEuAEuGaH/AsP
dKTL2BgZLEgrrYocWiVRaaxoos5N23TDqmzwDt4mjStkBWPyyx4Ka3EvEENs4MHq
CsvMc9XOnwonRxcz5zcJXXmaSoBfYt0ly+mU9V3hpV4+IznRIhF1Nw7dhfRWWi7W
C3cDHgdAhEC2Kk0ZlUyfftMX6eZKcKX59Ave3izBXtt1pR+nl0Dp+25eGi4ral5i
ICdKAbPayP3KVLGzv7h+fLt34pgVKu96e5YcWQQkKYo1ojnu3Vps5Ln7ncGf3bgB
aTCPCGPHY3yXWSa7HE5FfRVg+sda
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:35 2024 by rpki-client on console-fra.rpki-client.org