Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FDF89325F1611EFBCEEAD8F762E951A.roa
File: 8FDF89325F1611EFBCEEAD8F762E951A.roa (raw, json)
Hash identifier: pJ+g5suQheiT7vyZVj6FWsSaOLjUQVfM0cecVuOM9i8=
Subject key identifier: 16:74:11:1F:9B:D3:DF:9F:F0:D1:2D:70:4F:C0:A7:12:A7:C9:72:14
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: AA64
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FDF89325F1611EFBCEEAD8F762E951A.roa
Signing time: Tue 20 Aug 2024 17:06:38 +0000
ROA not before: Tue 20 Aug 2024 17:06:35 +0000
ROA not after: Tue 21 Jan 2025 17:06:35 +0000
asID: 63199
IP address blocks: 156.230.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43620 (0xaa64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 17:06:35 2024 GMT
Not After : Jan 21 17:06:35 2025 GMT
Subject: CN=66c4cd1e-0659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ea:ac:57:8a:4b:4e:b7:9c:4b:ca:1b:19:21:
b5:d0:25:b8:bb:27:90:d0:05:a1:f7:9a:b9:c2:09:
08:b9:62:dc:34:37:89:f8:bf:c6:71:b8:dc:6d:54:
d3:c1:9f:5f:fd:63:b4:e6:b7:3f:c1:de:87:41:18:
11:a5:82:9d:7e:1a:f2:00:eb:b4:7f:8c:be:69:e7:
60:7b:34:72:4c:83:71:9e:8e:9d:14:24:1a:80:18:
c7:5f:23:37:24:a3:a9:75:06:f1:27:e8:ca:ce:94:
05:94:a3:ce:5d:49:f5:81:fb:6b:40:19:15:af:83:
30:b5:8e:18:1d:73:cd:fc:42:24:a4:63:b3:6c:93:
f1:05:50:93:54:40:e1:f4:3c:fa:b8:7b:72:43:6e:
9c:74:19:a2:74:a4:f9:35:3e:02:5a:46:c7:5a:ad:
77:cc:90:05:e1:0c:61:0a:65:e3:4a:29:62:30:7d:
17:1d:25:31:94:ec:2c:1f:5e:de:52:f2:27:b8:18:
f6:6b:c7:52:dd:14:ee:6b:43:28:ab:37:49:1e:8d:
04:20:18:4c:ca:66:da:b1:5d:50:f7:d2:c2:af:07:
85:d2:8a:68:af:7d:79:af:9d:fe:d2:a1:4d:8d:37:
95:07:c9:07:c7:06:ed:a1:b2:49:0d:56:d7:fb:9b:
a8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:74:11:1F:9B:D3:DF:9F:F0:D1:2D:70:4F:C0:A7:12:A7:C9:72:14
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FDF89325F1611EFBCEEAD8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.52.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:5f:fc:60:35:e0:b2:f2:f3:03:66:db:fd:bb:d9:3a:29:aa:
67:3b:b2:fb:37:ba:b5:34:a3:50:21:5a:12:ad:2d:6f:df:91:
af:45:ec:09:54:d8:18:64:5f:9f:3d:29:70:52:97:a7:b2:7a:
09:70:05:af:10:41:67:0e:01:f8:4c:7c:15:cf:74:41:47:82:
02:8c:f6:5e:fa:85:3b:d4:f9:11:68:0d:cb:35:1d:d9:ea:32:
cd:2f:61:5c:5d:5f:b3:f1:74:e0:43:f3:b2:f2:41:c7:1e:1a:
d7:20:1d:62:da:fb:4d:21:9c:1b:11:c5:f4:cd:0c:66:da:cf:
2a:c1:11:90:d1:62:13:de:c0:c5:1e:3f:23:fb:64:a7:98:44:
bb:98:ad:08:fb:9e:17:8b:82:4c:8f:68:bd:c2:58:aa:cf:26:
f3:07:87:78:5f:e5:86:51:77:b2:61:ac:34:e8:3c:97:88:92:
51:a3:01:38:a8:93:59:5f:d1:d8:b5:97:a8:c4:7d:ef:67:13:
2a:80:cf:54:47:e5:bf:56:dd:b5:cb:fa:b1:92:15:8c:d4:6b:
11:0e:7b:2f:da:cf:7d:7e:0d:7a:25:be:9c:b4:01:e0:93:62:
eb:64:28:e1:6c:83:7a:12:02:c0:1f:52:b1:ca:aa:72:23:62:
62:aa:ca:86
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKpkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTcwNjM1WhcNMjUwMTIxMTcwNjM1WjAYMRYw
FAYDVQQDEw02NmM0Y2QxZS0wNjU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2+qsV4pLTrecS8obGSG10CW4uyeQ0AWh95q5wgkIuWLcNDeJ+L/Gcbjc
bVTTwZ9f/WO05rc/wd6HQRgRpYKdfhryAOu0f4y+aedgezRyTINxno6dFCQagBjH
XyM3JKOpdQbxJ+jKzpQFlKPOXUn1gftrQBkVr4MwtY4YHXPN/EIkpGOzbJPxBVCT
VEDh9Dz6uHtyQ26cdBmidKT5NT4CWkbHWq13zJAF4QxhCmXjSiliMH0XHSUxlOws
H17eUvInuBj2a8dS3RTua0MoqzdJHo0EIBhMymbasV1Q99LCrweF0opor315r53+
0qFNjTeVB8kHxwbtobJJDVbX+5uozwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBZ0
ER+b09+f8NEtcE/ApxKnyXIUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RkRGODkzMjVGMTYxMUVGQkNFRUFEOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOY0MA0GCSqGSIb3DQEBCwUA
A4IBAQA+X/xgNeCy8vMDZtv9u9k6KapnO7L7N7q1NKNQIVoSrS1v35GvRewJVNgY
ZF+fPSlwUpensnoJcAWvEEFnDgH4THwVz3RBR4ICjPZe+oU71PkRaA3LNR3Z6jLN
L2FcXV+z8XTgQ/Oy8kHHHhrXIB1i2vtNIZwbEcX0zQxm2s8qwRGQ0WIT3sDFHj8j
+2SnmES7mK0I+54Xi4JMj2i9wliqzybzB4d4X+WGUXeyYaw06DyXiJJRowE4qJNZ
X9HYtZeoxH3vZxMqgM9UR+W/Vt21y/qxkhWM1GsRDnsv2s99fg16Jb6ctAHgk2Lr
ZCjhbIN6EgLAH1KxyqpyI2JiqsqG
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:38 2024 by rpki-client on console-fra.rpki-client.org