Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BE91276A0E311EF9267B38C762E951A.roa
File: 8BE91276A0E311EF9267B38C762E951A.roa (raw, json)
Hash identifier: G110VVXZNiEbYyurxSZfv6qFTmW6YFi6Qjf9kyySFMc=
Subject key identifier: AD:23:BC:1D:B9:82:43:F0:AC:48:39:32:17:7E:64:0F:09:C3:11:FC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D1A5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BE91276A0E311EF9267B38C762E951A.roa
Signing time: Tue 12 Nov 2024 10:47:44 +0000
ROA not before: Tue 12 Nov 2024 10:47:40 +0000
ROA not after: Fri 22 Nov 2024 10:47:40 +0000
asID: 7018
IP address blocks: 156.238.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 Nov 2024 10:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53669 (0xd1a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 12 10:47:40 2024 GMT
Not After : Nov 22 10:47:40 2024 GMT
Subject: CN=67333250-200a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:bc:ba:8c:10:47:13:ad:bb:6b:38:16:a3:f8:
5b:48:f0:cc:c5:94:92:df:5d:30:cb:3a:14:bd:0b:
6c:fd:91:7f:f4:22:47:f9:ab:d4:83:ff:80:8e:1d:
14:57:08:d9:99:7b:2d:4d:13:ac:84:a7:4a:4a:75:
49:6c:49:7d:4c:1e:c3:70:33:19:ba:9a:2d:cc:76:
03:67:c6:9d:df:e0:ab:3a:cc:74:d6:34:b1:e8:cb:
92:0b:93:36:b9:5b:a0:fc:82:98:95:03:92:7e:a4:
1b:a4:a1:7c:d0:29:f3:b4:f5:e4:74:5b:d5:f6:9b:
7f:d1:f7:01:85:15:25:39:df:58:57:b6:e9:0a:02:
e9:16:a0:79:5e:d7:1e:16:ad:12:ea:ed:4d:b6:05:
13:25:64:f5:b9:98:cb:90:0b:17:c0:33:fd:be:1c:
ee:b1:2a:d3:65:59:72:be:95:94:5f:49:02:21:14:
5b:c5:88:69:5c:a4:fa:f2:b9:32:ad:a7:44:1d:86:
8b:3d:04:f4:48:7e:4e:cb:6e:89:b6:2e:1b:b6:51:
20:3f:d7:f5:d8:f0:3b:9e:3d:26:90:a1:46:69:f7:
94:16:1f:33:a2:aa:77:6d:58:e0:59:04:33:8a:7a:
f2:b1:8d:76:e7:ad:08:f1:12:a0:cc:24:80:11:d7:
0b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:23:BC:1D:B9:82:43:F0:AC:48:39:32:17:7E:64:0F:09:C3:11:FC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BE91276A0E311EF9267B38C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.188.0/22
Signature Algorithm: sha256WithRSAEncryption
04:c7:45:9f:a3:de:4a:be:1e:22:3c:d3:e7:95:04:65:94:08:
ee:1a:9c:26:21:73:7f:a4:96:e7:02:bd:6e:c4:c7:62:ed:25:
4d:24:01:4e:26:37:74:15:78:45:31:cf:c0:8b:b4:b5:9f:0d:
14:61:14:8c:27:df:3b:19:f9:cd:8a:fe:1d:29:15:2b:bf:81:
34:9b:15:1a:be:38:ae:2d:7b:83:1e:2e:c5:19:15:e9:f7:72:
e9:b2:cc:89:4d:d1:7c:59:28:60:77:e9:9e:14:04:47:3b:87:
18:cd:e1:b6:94:a5:01:7e:2f:a2:eb:b4:9a:19:0a:41:0c:77:
0b:02:5f:a9:ba:e2:4d:87:0f:fa:8f:eb:37:04:a1:40:00:25:
f4:45:68:36:10:c6:df:f2:55:5e:6f:ec:fa:b3:3e:46:42:43:
3b:ef:3f:ab:3a:6f:4d:38:f6:45:f6:cc:07:f0:ef:4c:97:19:
3f:96:5e:26:15:32:5c:21:7a:5c:47:a2:60:01:be:e8:9b:9c:
c4:b6:c6:f1:f1:3a:ca:57:98:fd:a0:e9:bf:9c:98:cb:02:f5:
e7:86:54:a1:cf:f6:0d:eb:8b:dd:c2:11:06:e2:ec:ab:26:5c:
55:d6:43:f9:37:51:a7:36:21:60:2c:98:26:ed:c5:f5:7a:0d:
7f:a2:0f:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANGlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTEyMTA0NzQwWhcNMjQxMTIyMTA0NzQwWjAYMRYw
FAYDVQQDEw02NzMzMzI1MC0yMDBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw7y6jBBHE627azgWo/hbSPDMxZSS310wyzoUvQts/ZF/9CJH+avUg/+A
jh0UVwjZmXstTROshKdKSnVJbEl9TB7DcDMZupotzHYDZ8ad3+CrOsx01jSx6MuS
C5M2uVug/IKYlQOSfqQbpKF80CnztPXkdFvV9pt/0fcBhRUlOd9YV7bpCgLpFqB5
XtceFq0S6u1NtgUTJWT1uZjLkAsXwDP9vhzusSrTZVlyvpWUX0kCIRRbxYhpXKT6
8rkyradEHYaLPQT0SH5Oy26Jti4btlEgP9f12PA7nj0mkKFGafeUFh8zoqp3bVjg
WQQzinrysY12560I8RKgzCSAEdcLGQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK0j
vB25gkPwrEg5Mhd+ZA8JwxH8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QkU5MTI3NkEwRTMxMUVGOTI2N0IzOEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnO68MA0GCSqGSIb3DQEBCwUA
A4IBAQAEx0Wfo95Kvh4iPNPnlQRllAjuGpwmIXN/pJbnAr1uxMdi7SVNJAFOJjd0
FXhFMc/Ai7S1nw0UYRSMJ987GfnNiv4dKRUrv4E0mxUavjiuLXuDHi7FGRXp93Lp
ssyJTdF8WShgd+meFARHO4cYzeG2lKUBfi+i67SaGQpBDHcLAl+puuJNhw/6j+s3
BKFAACX0RWg2EMbf8lVeb+z6sz5GQkM77z+rOm9NOPZF9swH8O9Mlxk/ll4mFTJc
IXpcR6JgAb7om5zEtsbx8TrKV5j9oOm/nJjLAvXnhlShz/YN64vdwhEG4uyrJlxV
1kP5N1GnNiFgLJgm7cX1eg1/og+L
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:39 2024 by rpki-client on console-ams.rpki-client.org