Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/78C6FC1C5EF311EF8930CBA1762E951A.roa
File: 78C6FC1C5EF311EF8930CBA1762E951A.roa (raw, json)
Hash identifier: WiWws6gurFWEWV+/yZ/76Luq+An2qjAU9aNHy48mQwc=
Subject key identifier: 82:98:00:D3:C8:F0:EE:0A:D2:22:0E:D4:C5:71:82:32:94:76:AB:65
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: AA02
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/78C6FC1C5EF311EF8930CBA1762E951A.roa
Signing time: Tue 20 Aug 2024 12:55:27 +0000
ROA not before: Tue 20 Aug 2024 12:55:23 +0000
ROA not after: Tue 27 May 2025 12:55:23 +0000
asID: 399077
IP address blocks: 156.251.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43522 (0xaa02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 12:55:23 2024 GMT
Not After : May 27 12:55:23 2025 GMT
Subject: CN=66c4923f-7c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6d:1a:d8:af:f8:ee:1c:60:d7:b0:a2:d3:83:
56:c1:80:5d:5e:2a:57:c7:ff:09:66:fd:fa:f8:bf:
cf:d1:81:d4:83:6f:ff:f1:90:cf:58:76:ef:15:ef:
75:30:40:a4:87:99:17:dd:6c:39:1a:81:08:b4:8b:
a7:0a:3a:51:4e:a6:83:0b:76:63:b5:fa:0d:24:d8:
2f:68:41:da:38:25:d9:d5:db:2f:e1:77:9c:91:54:
cf:e5:42:9f:0e:13:0b:54:67:bd:6e:c0:39:85:bd:
22:f0:84:79:65:b9:48:f7:85:3e:bc:0d:5b:c9:c1:
8b:fb:68:5a:4f:93:2c:17:83:ad:0d:0c:d2:ff:c9:
1f:82:b7:c3:d1:32:65:b8:6c:b2:21:76:d5:43:d5:
ed:88:8f:95:05:31:03:1f:1c:5f:45:7c:b1:10:47:
53:a4:6c:53:b1:32:ce:1e:fd:76:c3:a9:c5:c1:b1:
83:c7:39:43:bb:4a:6d:b9:9f:f6:a0:7a:d3:19:4c:
b7:5a:7b:f1:a7:cd:db:63:99:f3:d5:4e:bd:4f:9d:
90:0f:29:3e:56:2d:0c:b4:52:fc:99:09:44:7e:88:
6f:79:d3:d9:dd:67:b1:85:25:a6:a0:bc:d3:bb:72:
6b:1b:c4:ff:bc:94:7e:a8:a5:be:82:ee:4a:8a:36:
e8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:98:00:D3:C8:F0:EE:0A:D2:22:0E:D4:C5:71:82:32:94:76:AB:65
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/78C6FC1C5EF311EF8930CBA1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.14.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:54:8f:cb:24:2b:4e:3b:9c:52:d5:3e:25:66:f2:dc:69:28:
39:e2:7f:11:54:2e:12:2b:6c:52:fa:0a:b3:82:96:8e:11:e3:
91:70:c1:9b:6b:01:6b:fa:b5:b2:18:78:0e:c5:b2:c5:a7:7c:
72:37:5b:f5:c8:30:ae:2c:06:d1:47:cf:b0:91:f8:2b:d1:68:
a6:3d:94:05:59:68:c1:66:13:05:9b:43:2f:27:e9:13:27:2e:
75:36:81:73:d8:8f:a9:21:d9:de:f0:59:dd:ed:ea:55:40:96:
d4:0a:d1:8d:35:bb:d4:2e:8a:f6:a3:49:d3:0a:55:33:1f:7b:
d5:9c:1e:c0:c3:19:14:b5:cf:1c:bb:d1:5a:15:ad:b9:65:4c:
35:ba:93:33:7c:0c:f3:ea:c3:f8:2b:e7:ee:4b:97:6d:00:0a:
1a:5b:69:49:c0:e2:f2:d0:f7:f9:60:0d:3c:02:eb:7b:4c:dd:
fe:10:99:88:5d:aa:f5:60:5d:f2:cc:d3:c8:4b:d9:5b:75:78:
a0:31:15:5a:b3:34:8b:1d:24:81:eb:67:17:38:ce:cb:56:24:
e8:ce:be:68:47:9d:a6:71:27:53:4e:5a:b9:ec:d5:79:77:c5:
08:df:ca:d2:49:fc:aa:a6:ab:cf:52:be:93:41:ff:0f:08:07:
73:71:a7:d4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKoCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTI1NTIzWhcNMjUwNTI3MTI1NTIzWjAYMRYw
FAYDVQQDEw02NmM0OTIzZi03Yzc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0G0a2K/47hxg17Ci04NWwYBdXipXx/8JZv36+L/P0YHUg2//8ZDPWHbv
Fe91MECkh5kX3Ww5GoEItIunCjpRTqaDC3ZjtfoNJNgvaEHaOCXZ1dsv4XeckVTP
5UKfDhMLVGe9bsA5hb0i8IR5ZblI94U+vA1bycGL+2haT5MsF4OtDQzS/8kfgrfD
0TJluGyyIXbVQ9XtiI+VBTEDHxxfRXyxEEdTpGxTsTLOHv12w6nFwbGDxzlDu0pt
uZ/2oHrTGUy3Wnvxp83bY5nz1U69T52QDyk+Vi0MtFL8mQlEfohvedPZ3WexhSWm
oLzTu3JrG8T/vJR+qKW+gu5Kijbo1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIKY
ANPI8O4K0iIO1MVxgjKUdqtlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83OEM2RkMxQzVFRjMxMUVGODkzMENCQTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPsOMA0GCSqGSIb3DQEBCwUA
A4IBAQArVI/LJCtOO5xS1T4lZvLcaSg54n8RVC4SK2xS+gqzgpaOEeORcMGbawFr
+rWyGHgOxbLFp3xyN1v1yDCuLAbRR8+wkfgr0WimPZQFWWjBZhMFm0MvJ+kTJy51
NoFz2I+pIdne8Fnd7epVQJbUCtGNNbvULor2o0nTClUzH3vVnB7AwxkUtc8cu9Fa
Fa25ZUw1upMzfAzz6sP4K+fuS5dtAAoaW2lJwOLy0Pf5YA08Aut7TN3+EJmIXar1
YF3yzNPIS9lbdXigMRVaszSLHSSB62cXOM7LViTozr5oR52mcSdTTlq57NV5d8UI
38rSSfyqpqvPUr6TQf8PCAdzcafU
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:36 2024 by rpki-client on console-ams.rpki-client.org