Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DF4FE80A33711EFB36B3F6E762E951A.roa
File: 8DF4FE80A33711EFB36B3F6E762E951A.roa (raw, json)
Hash identifier: vko05cffrphP1xeUD4qVScOsngR3rKVikcbGAI8WPI8=
Subject key identifier: 2A:0C:AE:6A:F5:24:6C:8E:26:1A:C2:82:B8:60:AE:F4:20:8F:BA:4D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D315
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DF4FE80A33711EFB36B3F6E762E951A.roa
Signing time: Fri 15 Nov 2024 09:54:07 +0000
ROA not before: Fri 15 Nov 2024 09:54:03 +0000
ROA not after: Sat 23 Nov 2024 09:54:03 +0000
asID: 54467
IP address blocks: 156.247.56.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54037 (0xd315)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 15 09:54:03 2024 GMT
Not After : Nov 23 09:54:03 2024 GMT
Subject: CN=67371a3f-362f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3c:c2:8e:31:3f:56:d5:7c:94:90:fe:cb:a4:
de:45:08:00:1d:56:78:b1:5c:0c:bc:4c:82:68:75:
b9:60:1e:0f:68:71:a1:7a:cb:86:5b:c8:eb:5e:d1:
77:2d:4f:cb:ff:ef:e8:e1:03:d1:43:19:88:be:f3:
bf:bb:b3:fc:a0:bd:47:ce:a5:8a:57:a5:f0:d9:00:
37:06:05:92:be:a3:49:68:3b:a9:d3:bd:42:76:d4:
37:04:2e:5c:fa:52:92:d9:7c:d8:bf:39:e4:ba:c5:
5b:7f:82:65:fa:a7:a4:a6:8e:07:0a:50:41:29:61:
50:57:bb:c1:54:dc:1e:5e:9b:98:c0:b6:60:e4:fe:
0e:19:f5:41:83:e7:f4:bc:f3:73:cd:09:7e:8a:7b:
5b:f0:f7:8c:a4:63:fc:1a:5a:93:79:5f:ee:45:05:
61:3c:66:19:33:4a:1c:26:b0:b3:c5:da:ac:cb:65:
2b:4a:d7:31:35:d7:ad:31:81:f2:a8:04:8a:c2:1c:
01:d8:b4:9c:d2:04:64:36:95:3e:23:90:89:e9:42:
a9:85:99:07:41:cd:c4:81:c5:bc:5d:f4:f5:77:00:
1e:62:7f:25:b6:4e:78:40:dc:73:7c:03:51:74:d0:
32:c0:fe:97:d5:e7:3d:bb:ad:07:d2:5f:37:cd:ae:
86:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0C:AE:6A:F5:24:6C:8E:26:1A:C2:82:B8:60:AE:F4:20:8F:BA:4D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DF4FE80A33711EFB36B3F6E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.56.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:b5:cc:59:fa:0a:53:66:0b:32:df:db:63:93:f3:eb:2b:92:
1f:9a:2e:cc:77:81:8f:5a:a8:9d:90:95:81:d5:fd:29:b9:90:
76:5f:c3:7c:f2:75:1b:b6:36:91:47:df:4b:10:7b:ea:df:43:
bc:0c:fb:f0:01:70:8c:bb:6b:fa:a2:03:91:f2:0f:2f:22:3a:
57:56:51:c6:c6:22:8e:c5:f7:d1:d2:4a:ee:0c:07:56:db:2e:
e5:0a:cf:5a:f3:f8:58:2f:50:99:65:5d:90:11:e5:8b:79:a6:
d9:7c:20:22:51:e1:72:79:9b:d1:b6:b2:c8:b3:3b:32:ed:0c:
62:0a:46:59:04:eb:00:a4:e0:0c:be:7a:a3:fe:f8:10:35:d8:
49:0c:c6:c6:3f:22:8a:e1:2c:fe:e7:15:cc:2c:1e:b6:d0:d1:
60:36:ce:f8:e4:73:bd:9f:5c:85:ee:ab:ab:7e:2e:a9:fa:73:
b9:65:52:85:4b:35:7d:28:48:b0:4d:6a:00:be:be:d8:13:2c:
d7:da:e0:0b:84:9d:c0:48:38:0d:79:ed:b0:2c:09:db:a7:80:
9f:c5:8e:6c:69:d2:31:27:46:3d:c8:cb:bd:b8:31:29:90:95:
0e:cb:8f:bc:51:16:48:89:d2:54:49:1d:96:7d:08:cf:37:5c:
ab:2f:e0:65
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANMVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE1MDk1NDAzWhcNMjQxMTIzMDk1NDAzWjAYMRYw
FAYDVQQDEw02NzM3MWEzZi0zNjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwDzCjjE/VtV8lJD+y6TeRQgAHVZ4sVwMvEyCaHW5YB4PaHGhesuGW8jr
XtF3LU/L/+/o4QPRQxmIvvO/u7P8oL1HzqWKV6Xw2QA3BgWSvqNJaDup071CdtQ3
BC5c+lKS2XzYvznkusVbf4Jl+qekpo4HClBBKWFQV7vBVNweXpuYwLZg5P4OGfVB
g+f0vPNzzQl+intb8PeMpGP8GlqTeV/uRQVhPGYZM0ocJrCzxdqsy2UrStcxNdet
MYHyqASKwhwB2LSc0gRkNpU+I5CJ6UKphZkHQc3EgcW8XfT1dwAeYn8ltk54QNxz
fANRdNAywP6X1ec9u60H0l83za6GrQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCoM
rmr1JGyOJhrCgrhgrvQgj7pNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84REY0RkU4MEEzMzcxMUVGQjM2QjNGNkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPc4MA0GCSqGSIb3DQEBCwUA
A4IBAQCctcxZ+gpTZgsy39tjk/PrK5Ifmi7Md4GPWqidkJWB1f0puZB2X8N88nUb
tjaRR99LEHvq30O8DPvwAXCMu2v6ogOR8g8vIjpXVlHGxiKOxffR0kruDAdW2y7l
Cs9a8/hYL1CZZV2QEeWLeabZfCAiUeFyeZvRtrLIszsy7QxiCkZZBOsApOAMvnqj
/vgQNdhJDMbGPyKK4Sz+5xXMLB620NFgNs745HO9n1yF7qurfi6p+nO5ZVKFSzV9
KEiwTWoAvr7YEyzX2uALhJ3ASDgNee2wLAnbp4CfxY5sadIxJ0Y9yMu9uDEpkJUO
y4+8URZIidJUSR2WfQjPN1yrL+Bl
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:38 2024 by rpki-client on console-fra.rpki-client.org