Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/862C3A545DF711EF845CEAAA762E951A.roa
File: 862C3A545DF711EF845CEAAA762E951A.roa (raw, json)
Hash identifier: eEM3gr44iTFAT+ZMBecwhvHMReSzGU9s7YJhSynY4PQ=
Subject key identifier: 79:08:4F:09:9D:42:5A:E0:03:4C:4C:21:8E:76:63:1A:FF:7A:E9:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A87B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/862C3A545DF711EF845CEAAA762E951A.roa
Signing time: Mon 19 Aug 2024 06:51:56 +0000
ROA not before: Mon 19 Aug 2024 06:51:53 +0000
ROA not after: Fri 08 Aug 2025 06:51:53 +0000
asID: 9318
IP address blocks: 156.235.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43131 (0xa87b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 19 06:51:53 2024 GMT
Not After : Aug 8 06:51:53 2025 GMT
Subject: CN=66c2eb8c-bd2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8f:12:aa:46:25:d3:ba:2c:7b:96:71:30:19:
8a:89:b3:f2:8d:d6:6b:36:70:2d:23:f9:65:91:06:
1e:16:b9:20:d1:aa:18:7b:9f:17:c6:c1:38:2c:34:
d8:21:da:36:1b:45:2b:31:bd:95:b9:db:f9:3b:6c:
08:74:03:ff:a7:d5:d3:5f:aa:c9:1a:88:6a:89:cf:
b1:c7:fb:21:07:6e:be:96:09:59:0a:02:5c:89:55:
f8:9f:d3:63:05:73:ae:cf:94:fb:d5:d0:cf:0b:2b:
07:f0:08:e4:93:d6:b0:d9:60:09:54:90:49:c8:d4:
fa:f1:3b:99:40:43:12:dc:a4:c7:60:3a:2b:0c:01:
9e:e6:53:c3:f0:8c:78:f1:fe:29:83:ea:3f:af:1f:
09:b7:ea:3f:3f:7b:f9:5c:bd:c3:d1:5a:c8:80:6f:
d4:b7:75:97:13:e4:16:1b:72:e7:2a:37:1f:dc:63:
34:c1:c6:91:92:d3:af:63:5c:68:69:4f:ce:a8:3b:
04:b7:92:c3:2a:67:e7:79:9b:37:c2:c9:9d:26:96:
40:86:af:e7:82:54:15:8c:b0:3f:f4:bd:ab:0e:c4:
e6:7e:53:2b:ed:39:ff:bc:a2:de:fe:cd:83:2e:c8:
64:d7:ec:b7:c6:14:cb:17:72:19:b6:84:8d:12:f3:
03:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:08:4F:09:9D:42:5A:E0:03:4C:4C:21:8E:76:63:1A:FF:7A:E9:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/862C3A545DF711EF845CEAAA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.112.0/21
Signature Algorithm: sha256WithRSAEncryption
87:c4:7e:d5:58:1f:c9:15:d6:0b:60:48:43:ac:2d:ac:3a:95:
8f:ab:56:8f:57:64:dc:73:d0:3d:75:3e:d5:c9:4b:7c:45:f8:
b4:25:85:d1:09:c8:86:28:07:56:4c:02:94:b7:c7:a6:f8:9b:
58:7b:b7:a7:cb:af:74:18:06:65:94:28:f7:f9:c0:cf:fb:a7:
be:de:7f:2a:8b:02:72:44:bc:72:31:9c:c5:c3:41:68:6f:63:
91:6c:78:05:e7:4d:49:36:d6:e6:ac:a2:1a:ab:0c:e8:5b:9f:
16:7f:8f:49:fc:57:2f:0c:ae:58:39:34:b1:a5:0f:b3:de:7d:
b2:9f:52:0f:95:59:1c:c0:76:df:67:13:dc:10:3e:36:08:a0:
ee:a4:8e:cb:cd:cb:b5:a5:91:05:08:1b:4b:88:7c:ac:68:70:
8d:16:61:28:34:0b:90:ce:4f:ab:cf:8f:e2:d3:75:38:34:a3:
e2:c5:9f:c4:04:69:bc:95:a2:36:3e:69:bc:f0:88:b4:0b:72:
03:41:d1:2d:ed:56:d7:b0:0e:a9:65:b9:4b:29:27:f8:20:56:
99:b3:7b:6c:9e:3b:e2:fb:7f:45:89:e4:4f:3c:76:2a:18:7f:
71:99:f2:8c:07:24:1b:0f:82:f0:e8:43:a5:19:82:65:da:2d:
a1:d3:f1:90
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKh7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODE5MDY1MTUzWhcNMjUwODA4MDY1MTUzWjAYMRYw
FAYDVQQDEw02NmMyZWI4Yy1iZDJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA348SqkYl07ose5ZxMBmKibPyjdZrNnAtI/llkQYeFrkg0aoYe58XxsE4
LDTYIdo2G0UrMb2Vudv5O2wIdAP/p9XTX6rJGohqic+xx/shB26+lglZCgJciVX4
n9NjBXOuz5T71dDPCysH8Ajkk9aw2WAJVJBJyNT68TuZQEMS3KTHYDorDAGe5lPD
8Ix48f4pg+o/rx8Jt+o/P3v5XL3D0VrIgG/Ut3WXE+QWG3LnKjcf3GM0wcaRktOv
Y1xoaU/OqDsEt5LDKmfneZs3wsmdJpZAhq/nglQVjLA/9L2rDsTmflMr7Tn/vKLe
/s2DLshk1+y3xhTLF3IZtoSNEvMD3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHkI
TwmdQlrgA0xMIY52Yxr/eunTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NjJDM0E1NDVERjcxMUVGODQ1Q0VBQUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOtwMA0GCSqGSIb3DQEBCwUA
A4IBAQCHxH7VWB/JFdYLYEhDrC2sOpWPq1aPV2Tcc9A9dT7VyUt8Rfi0JYXRCciG
KAdWTAKUt8em+JtYe7eny690GAZllCj3+cDP+6e+3n8qiwJyRLxyMZzFw0Fob2OR
bHgF501JNtbmrKIaqwzoW58Wf49J/FcvDK5YOTSxpQ+z3n2yn1IPlVkcwHbfZxPc
ED42CKDupI7Lzcu1pZEFCBtLiHysaHCNFmEoNAuQzk+rz4/i03U4NKPixZ/EBGm8
laI2Pmm88Ii0C3IDQdEt7VbXsA6pZblLKSf4IFaZs3tsnjvi+39FieRPPHYqGH9x
mfKMByQbD4Lw6EOlGYJl2i2h0/GQ
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:38 2024 by rpki-client on console-fra.rpki-client.org