Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E20D79E5EF011EFBDF5E08D762E951A.roa
File: 7E20D79E5EF011EFBDF5E08D762E951A.roa (raw, json)
Hash identifier: UKnFglw/NxZ38X0pESKPMqsu/EDnLluvoUzvMENCNCE=
Subject key identifier: DE:38:C0:4A:BF:4A:55:3F:13:C8:15:2B:37:F3:9D:02:89:A2:7D:0A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A9D6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E20D79E5EF011EFBDF5E08D762E951A.roa
Signing time: Tue 20 Aug 2024 12:34:07 +0000
ROA not before: Tue 20 Aug 2024 12:34:04 +0000
ROA not after: Tue 27 May 2025 12:34:04 +0000
asID: 399077
IP address blocks: 156.251.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43478 (0xa9d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 12:34:04 2024 GMT
Not After : May 27 12:34:04 2025 GMT
Subject: CN=66c48d3f-9b4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d6:1c:e4:54:b3:bd:24:4a:23:76:1a:67:58:
7d:cb:fc:45:00:b3:6e:82:01:58:04:f8:bd:b1:98:
bf:57:53:67:19:d5:12:98:3a:b5:b9:38:19:fd:2f:
22:ba:93:58:7c:bc:44:6d:f4:00:3e:96:ff:d5:27:
b8:fa:33:21:81:71:93:7c:db:b9:88:28:4c:89:e3:
d7:c9:88:a6:1c:db:71:56:56:e1:0b:8c:02:33:34:
b0:03:90:6e:cb:bd:34:27:96:2a:c3:ba:79:28:4b:
3c:a5:2d:eb:95:30:65:b7:55:bf:c9:14:9a:cf:2b:
f5:2a:0f:3f:71:28:7e:26:c0:a3:05:40:ea:f0:b5:
91:28:90:a7:10:f3:2d:82:ec:3c:90:e8:95:46:41:
f1:0d:d9:f6:b5:2f:53:d2:b4:98:ec:38:42:2d:98:
c8:57:15:32:34:b9:50:fe:e9:27:fc:7b:f9:f3:a7:
32:15:11:4f:ac:6c:4b:6a:bc:9e:9c:26:96:35:99:
d1:fe:8f:39:a2:f9:fd:fb:a5:ae:43:26:c0:01:80:
85:5c:7e:f2:e3:ac:6c:67:c6:7d:5a:1e:1c:68:5e:
ee:11:37:76:3b:a5:d4:22:c1:34:63:3a:10:ef:e8:
6c:a9:57:20:26:5a:cb:6c:25:d8:e3:6b:55:49:c2:
60:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:38:C0:4A:BF:4A:55:3F:13:C8:15:2B:37:F3:9D:02:89:A2:7D:0A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E20D79E5EF011EFBDF5E08D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.36.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:01:44:94:01:db:dd:74:aa:7d:e6:66:57:0c:b9:67:4b:e9:
3e:9f:de:76:a7:1e:8c:6e:dd:92:82:bf:97:91:d7:6f:f5:5e:
63:41:a7:d3:1c:26:83:96:e8:c3:f1:1b:5d:92:b1:aa:48:e6:
4f:19:06:b0:37:d4:af:4e:a7:2e:f9:68:6d:02:62:b1:c5:c9:
54:27:ab:ac:7c:6b:e5:89:3e:9c:23:7b:99:08:08:d4:eb:5d:
6b:0d:46:2d:cb:23:47:3d:ba:19:92:e8:c4:0a:16:9b:93:bc:
5c:c2:b0:ec:68:bf:d4:55:73:60:05:1d:ca:87:2b:56:2b:3e:
49:ca:d5:56:05:e7:ec:ad:eb:19:64:30:3e:aa:74:a0:e0:9d:
1b:56:cd:e5:b5:8e:a1:87:3f:e0:f2:1f:06:a9:87:e6:9a:de:
a2:09:df:6f:d3:91:3f:c7:da:f9:90:b4:d3:df:12:7f:99:e4:
17:08:e1:4c:73:c4:74:31:8e:30:6b:a0:00:13:93:04:07:6d:
46:4a:3c:32:d7:89:3f:c6:83:80:24:a5:90:96:d0:27:88:d6:
1e:a3:49:18:df:92:f8:c5:4c:b6:86:8f:ae:52:67:e2:18:7f:
ac:05:f0:f2:52:dd:e2:5c:09:bf:09:34:dd:27:15:0b:d6:94:
94:95:3b:81
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKnWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTIzNDA0WhcNMjUwNTI3MTIzNDA0WjAYMRYw
FAYDVQQDEw02NmM0OGQzZi05YjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw9Yc5FSzvSRKI3YaZ1h9y/xFALNuggFYBPi9sZi/V1NnGdUSmDq1uTgZ
/S8iupNYfLxEbfQAPpb/1Se4+jMhgXGTfNu5iChMiePXyYimHNtxVlbhC4wCMzSw
A5Buy700J5Yqw7p5KEs8pS3rlTBlt1W/yRSazyv1Kg8/cSh+JsCjBUDq8LWRKJCn
EPMtguw8kOiVRkHxDdn2tS9T0rSY7DhCLZjIVxUyNLlQ/ukn/Hv586cyFRFPrGxL
aryenCaWNZnR/o85ovn9+6WuQybAAYCFXH7y46xsZ8Z9Wh4caF7uETd2O6XUIsE0
YzoQ7+hsqVcgJlrLbCXY42tVScJgJQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN44
wEq/SlU/E8gVKzfznQKJon0KMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RTIwRDc5RTVFRjAxMUVGQkRGNUUwOEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPskMA0GCSqGSIb3DQEBCwUA
A4IBAQAbAUSUAdvddKp95mZXDLlnS+k+n952px6Mbt2Sgr+Xkddv9V5jQafTHCaD
lujD8RtdkrGqSOZPGQawN9SvTqcu+WhtAmKxxclUJ6usfGvliT6cI3uZCAjU611r
DUYtyyNHPboZkujEChabk7xcwrDsaL/UVXNgBR3KhytWKz5JytVWBefsresZZDA+
qnSg4J0bVs3ltY6hhz/g8h8GqYfmmt6iCd9v05E/x9r5kLTT3xJ/meQXCOFMc8R0
MY4wa6AAE5MEB21GSjwy14k/xoOAJKWQltAniNYeo0kY35L4xUy2ho+uUmfiGH+s
BfDyUt3iXAm/CTTdJxUL1pSUlTuB
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:37 2024 by rpki-client on console-ams.rpki-client.org