Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C0449FAFF9A11EE8377522B017001B1.roa
File: 8C0449FAFF9A11EE8377522B017001B1.roa (raw, json)
Hash identifier: b5se/QI2636LXq9IaJIp3noDFf5UNxKQ7wgEx+8a618=
Subject key identifier: 6F:41:38:F3:30:A3:4A:48:6F:78:E5:42:59:55:FA:77:24:A4:91:F9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 839C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C0449FAFF9A11EE8377522B017001B1.roa
Signing time: Sun 21 Apr 2024 04:49:33 +0000
ROA not before: Sun 21 Apr 2024 04:49:30 +0000
ROA not after: Tue 21 May 2024 04:49:30 +0000
asID: 149440
IP address blocks: 156.235.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 08 May 2024 00:16:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33692 (0x839c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 21 04:49:30 2024 GMT
Not After : May 21 04:49:30 2024 GMT
Subject: CN=66249add-686d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:93:67:7b:bc:f0:80:f3:f8:e4:0b:eb:49:f8:
49:29:68:ba:25:29:a1:dd:87:0a:f7:67:49:2d:62:
a4:e4:70:dc:e3:31:32:45:75:99:e4:9e:13:2e:70:
24:ac:f0:fa:56:b6:8c:e9:52:b2:80:20:d6:b9:89:
74:95:e4:a7:65:f9:e6:3e:33:06:b0:f6:67:7d:04:
13:73:59:c4:01:ad:51:83:ed:9e:d2:0b:1a:b6:3f:
e1:a1:7a:7e:60:fc:db:e6:6a:41:14:92:4c:2f:c6:
b2:37:88:73:77:a0:61:51:30:ab:ca:99:6a:dd:ce:
90:07:c0:b4:63:e8:2e:de:cc:48:89:3a:f7:cc:ca:
55:02:43:8d:c1:d1:16:91:de:5b:ba:4d:65:ac:83:
6d:b2:07:bb:2c:72:a9:6f:cb:d0:28:6b:7b:5e:a7:
f1:2b:10:23:07:93:e7:e9:3a:45:86:7a:56:e0:dc:
31:20:c0:71:c0:49:4f:a9:34:b8:d4:b2:9e:df:f4:
0c:bd:3c:68:8c:4d:f6:7f:40:1a:f0:a0:88:a6:81:
fe:65:62:36:e8:f6:5d:a5:ff:70:a6:e3:66:e2:d6:
f6:18:b2:e0:bd:5b:79:2f:8a:0b:46:93:2a:72:81:
83:b2:f5:30:e2:f5:74:4b:b9:dc:33:1e:20:3e:d5:
39:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:41:38:F3:30:A3:4A:48:6F:78:E5:42:59:55:FA:77:24:A4:91:F9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C0449FAFF9A11EE8377522B017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.89.0/24
Signature Algorithm: sha256WithRSAEncryption
31:74:87:af:89:98:53:37:6d:21:ef:e9:20:4a:c0:be:7b:21:
52:cd:1d:d4:97:f0:01:cc:95:78:72:60:59:6d:34:eb:52:1a:
c6:71:24:4a:7a:66:dc:11:db:54:c4:74:d2:dd:a9:49:e5:50:
fb:ed:a8:9c:d0:14:5b:a9:86:38:01:b2:b9:fc:69:a1:32:e4:
ab:9a:07:94:31:f7:7a:f7:0c:db:ea:1f:28:20:59:62:a9:b8:
2e:0e:56:10:13:8e:23:87:a5:cb:1f:14:95:34:d5:44:39:d2:
b4:bc:9a:bb:1c:67:c1:d9:33:5c:b0:20:2e:15:fd:53:ed:cd:
d6:64:fe:ac:0f:af:07:34:99:c2:83:a8:35:73:69:42:37:91:
9c:a9:bc:c5:5b:bb:d9:a0:36:14:b2:68:0f:43:5e:be:02:90:
b9:2b:98:0b:13:27:c1:0c:90:9f:aa:d8:56:0b:0d:06:76:39:
75:3f:47:ac:e1:7a:53:5c:41:39:c6:60:f6:78:3c:75:98:b4:
5d:b9:0a:3e:47:66:f0:86:a6:46:77:43:59:7f:1f:20:ff:43:
2e:cf:06:d5:c7:87:aa:d3:bb:a9:be:6b:6e:44:64:85:9f:0d:
8f:4c:03:ec:a3:a4:3f:f1:8f:86:c7:74:7d:b3:72:5a:e5:71:
a5:39:86:3a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIOcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDIxMDQ0OTMwWhcNMjQwNTIxMDQ0OTMwWjAYMRYw
FAYDVQQDEw02NjI0OWFkZC02ODZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw5Nne7zwgPP45AvrSfhJKWi6JSmh3YcK92dJLWKk5HDc4zEyRXWZ5J4T
LnAkrPD6VraM6VKygCDWuYl0leSnZfnmPjMGsPZnfQQTc1nEAa1Rg+2e0gsatj/h
oXp+YPzb5mpBFJJML8ayN4hzd6BhUTCryplq3c6QB8C0Y+gu3sxIiTr3zMpVAkON
wdEWkd5buk1lrINtsge7LHKpb8vQKGt7XqfxKxAjB5Pn6TpFhnpW4NwxIMBxwElP
qTS41LKe3/QMvTxojE32f0Aa8KCIpoH+ZWI26PZdpf9wpuNm4tb2GLLgvVt5L4oL
RpMqcoGDsvUw4vV0S7ncMx4gPtU5rwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG9B
OPMwo0pIb3jlQllV+nckpJH5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QzA0NDlGQUZGOUExMUVFODM3NzUyMkIwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOtZMA0GCSqGSIb3DQEBCwUA
A4IBAQAxdIeviZhTN20h7+kgSsC+eyFSzR3Ul/ABzJV4cmBZbTTrUhrGcSRKembc
EdtUxHTS3alJ5VD77aic0BRbqYY4AbK5/GmhMuSrmgeUMfd69wzb6h8oIFliqbgu
DlYQE44jh6XLHxSVNNVEOdK0vJq7HGfB2TNcsCAuFf1T7c3WZP6sD68HNJnCg6g1
c2lCN5GcqbzFW7vZoDYUsmgPQ16+ApC5K5gLEyfBDJCfqthWCw0Gdjl1P0es4XpT
XEE5xmD2eDx1mLRduQo+R2bwhqZGd0NZfx8g/0MuzwbVx4eq07upvmtuRGSFnw2P
TAPso6Q/8Y+Gx3R9s3Ja5XGlOYY6
-----END CERTIFICATE-----
Generated at Mon May 6 08:04:55 2024 by rpki-client on console-ams.rpki-client.org