Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/832825D687CB11EFAB742456762E951A.roa
File: 832825D687CB11EFAB742456762E951A.roa (raw, json)
Hash identifier: HYcGjiB5EL9YxjhN9bQjJH1UgXVKHZRXETDPM1xqP28=
Subject key identifier: AE:72:EF:B2:3F:64:E6:CA:B0:33:3F:5C:BF:FB:5E:B4:53:CB:00:3A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C3E1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/832825D687CB11EFAB742456762E951A.roa
Signing time: Fri 11 Oct 2024 12:22:42 +0000
ROA not before: Fri 11 Oct 2024 12:22:39 +0000
ROA not after: Fri 20 Dec 2024 12:22:39 +0000
asID: 142286
IP address blocks: 156.225.132.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50145 (0xc3e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 11 12:22:39 2024 GMT
Not After : Dec 20 12:22:39 2024 GMT
Subject: CN=67091892-3b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:88:31:83:41:6c:50:8b:9b:23:0d:b1:b8:3d:
71:8e:7c:fb:50:33:5a:59:86:4b:9d:f1:6f:0c:65:
d4:1a:90:13:28:7a:a1:0b:4a:80:f8:ea:ac:15:36:
47:bf:a6:1c:89:be:15:6b:29:73:b5:7c:12:db:4b:
59:3a:40:0f:9c:3e:fd:ac:d7:b5:05:69:7b:14:45:
10:ff:2b:fb:35:f2:e8:8e:85:43:3f:bd:14:69:f4:
81:7c:1d:ea:8e:c7:cf:1f:52:71:71:9d:52:c8:7c:
1b:c8:5c:14:05:e6:07:26:19:54:25:59:1c:d7:39:
ff:c3:37:07:2f:2a:b1:be:a7:c0:3c:5d:33:4f:9b:
1b:76:8e:01:18:95:52:8b:df:e6:1f:8d:42:81:10:
49:4a:72:20:00:3d:8e:ec:b1:47:9d:0b:b0:e5:8c:
f2:84:ba:4e:1f:ef:8d:23:de:e0:eb:0f:fd:9a:5a:
63:e9:49:64:c5:18:7d:be:fc:4a:71:84:52:cc:7b:
56:d4:57:28:56:ab:1d:bd:e2:d0:90:0d:8a:15:b8:
fc:35:b7:7e:91:08:8e:99:30:fb:82:ad:e2:33:ad:
d5:de:7b:3c:c1:10:29:13:e7:03:53:8d:7b:fb:13:
58:09:05:0f:f0:0e:d6:c2:a5:ad:47:59:d0:f4:a9:
f4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:72:EF:B2:3F:64:E6:CA:B0:33:3F:5C:BF:FB:5E:B4:53:CB:00:3A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/832825D687CB11EFAB742456762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.132.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:b7:71:c9:e5:47:6b:40:64:70:88:85:f4:d7:23:46:3e:0d:
4c:81:53:65:e9:67:bd:29:43:4b:b6:ad:88:09:41:08:eb:20:
4b:31:ef:1f:65:12:eb:71:b7:8e:db:17:53:58:af:fd:d4:4b:
fb:c1:56:ef:40:26:16:82:c3:bd:b0:c7:aa:3b:37:7e:e6:9d:
5d:02:aa:c3:f9:60:bb:46:b9:5d:b6:61:a7:f4:fd:3f:0f:c5:
37:67:2c:75:6c:4d:7f:ce:e1:25:bd:42:01:32:b6:8b:a4:62:
f6:5c:db:88:f0:84:6f:39:01:53:1b:9e:49:79:cd:bd:0a:71:
35:54:e5:5a:4c:09:fb:e2:81:89:d1:7e:d2:cb:ac:00:b3:9f:
a6:27:ef:ac:7c:7c:7f:02:fb:fb:38:03:5f:dc:90:01:db:bb:
fe:e0:d0:af:b3:59:7d:31:0a:25:da:2f:18:e1:43:6d:02:31:
1a:c6:5a:16:68:04:77:ad:1e:50:04:20:b0:85:8a:aa:a9:5c:
04:94:f9:e3:15:a5:cd:d9:d6:9a:4e:78:57:6b:86:72:1a:12:
c9:71:12:a9:ae:f4:9d:9c:99:43:90:78:c9:53:47:69:62:ee:
69:5d:8c:ce:47:85:ad:a0:e4:54:fd:80:4a:b6:e8:45:cf:72:
37:6f:b4:b1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMPhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDExMTIyMjM5WhcNMjQxMjIwMTIyMjM5WjAYMRYw
FAYDVQQDEw02NzA5MTg5Mi0zYjI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArYgxg0FsUIubIw2xuD1xjnz7UDNaWYZLnfFvDGXUGpATKHqhC0qA+Oqs
FTZHv6Ycib4VaylztXwS20tZOkAPnD79rNe1BWl7FEUQ/yv7NfLojoVDP70UafSB
fB3qjsfPH1JxcZ1SyHwbyFwUBeYHJhlUJVkc1zn/wzcHLyqxvqfAPF0zT5sbdo4B
GJVSi9/mH41CgRBJSnIgAD2O7LFHnQuw5YzyhLpOH++NI97g6w/9mlpj6UlkxRh9
vvxKcYRSzHtW1FcoVqsdveLQkA2KFbj8Nbd+kQiOmTD7gq3iM63V3ns8wRApE+cD
U417+xNYCQUP8A7WwqWtR1nQ9Kn0cQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK5y
77I/ZObKsDM/XL/7XrRTywA6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MzI4MjVENjg3Q0IxMUVGQUI3NDI0NTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOGEMA0GCSqGSIb3DQEBCwUA
A4IBAQA6t3HJ5UdrQGRwiIX01yNGPg1MgVNl6We9KUNLtq2ICUEI6yBLMe8fZRLr
cbeO2xdTWK/91Ev7wVbvQCYWgsO9sMeqOzd+5p1dAqrD+WC7RrldtmGn9P0/D8U3
Zyx1bE1/zuElvUIBMraLpGL2XNuI8IRvOQFTG55Jec29CnE1VOVaTAn74oGJ0X7S
y6wAs5+mJ++sfHx/Avv7OANf3JAB27v+4NCvs1l9MQol2i8Y4UNtAjEaxloWaAR3
rR5QBCCwhYqqqVwElPnjFaXN2daaTnhXa4ZyGhLJcRKprvSdnJlDkHjJU0dpYu5p
XYzOR4WtoORU/YBKtuhFz3I3b7Sx
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:37 2024 by rpki-client on console-fra.rpki-client.org