Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FE92DF09B8B11EF8164C169762E951A.roa
File: 8FE92DF09B8B11EF8164C169762E951A.roa (raw, json)
Hash identifier: 7+p+byPKFJYSXZNBsZOf8sBSHee/BFWpp0nx5qWY0tQ=
Subject key identifier: C0:9A:03:64:88:C8:A5:A4:21:B5:D5:CB:AD:6C:6A:21:1F:77:76:B0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CEED
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FE92DF09B8B11EF8164C169762E951A.roa
Signing time: Tue 05 Nov 2024 15:35:19 +0000
ROA not before: Tue 05 Nov 2024 15:35:15 +0000
ROA not after: Wed 04 Dec 2024 15:35:15 +0000
asID: 200373
IP address blocks: 156.228.76.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52973 (0xceed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 15:35:15 2024 GMT
Not After : Dec 4 15:35:15 2024 GMT
Subject: CN=672a3b37-3748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c1:c3:9c:9d:80:f5:39:0d:0f:94:d5:97:a9:
a4:41:6b:54:73:4f:c3:55:93:63:71:22:50:46:e1:
80:fd:ec:2b:1e:b4:88:a0:16:0d:af:ff:1a:c2:54:
5b:99:aa:15:1a:2d:1d:6a:25:f5:16:5b:6e:36:39:
c8:ca:53:5c:48:b8:a1:f8:0b:0a:2e:ef:0f:ad:9c:
a2:bc:db:df:bb:f4:de:f5:d1:3b:9d:8c:54:a3:b3:
bb:56:56:9b:29:16:1d:c9:25:02:a2:01:17:9a:b1:
9f:82:12:9f:2d:a3:d0:96:0d:f6:f0:0f:50:cc:bb:
11:1f:46:90:47:67:74:5e:85:1b:fd:f7:b1:92:b6:
ad:c2:a8:d7:eb:6f:00:e0:4a:81:03:25:23:04:6d:
a6:cc:40:32:53:5e:69:64:b3:77:c9:41:81:5f:fa:
d7:64:38:b1:dd:5b:dd:9c:45:02:47:47:cc:7a:47:
41:6a:3f:24:99:dc:58:f8:8d:6f:5a:bb:74:6d:58:
dd:bc:7c:a2:11:82:6f:92:e2:8f:14:ab:b7:fb:ca:
45:5c:aa:01:0d:29:ce:07:de:f8:21:48:f5:69:56:
9c:49:4b:72:27:36:3d:5a:f4:62:cb:98:46:2b:05:
c3:53:dd:64:68:af:00:9b:f6:1a:84:09:35:0b:57:
2a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:9A:03:64:88:C8:A5:A4:21:B5:D5:CB:AD:6C:6A:21:1F:77:76:B0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FE92DF09B8B11EF8164C169762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.76.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:81:95:4b:b8:26:7d:e6:68:3b:73:5b:25:9a:c4:a6:a7:9b:
d4:9e:c7:be:92:e2:6d:73:46:35:a3:7f:16:49:48:bd:c9:95:
18:2a:ca:6c:44:ba:48:fc:87:9f:3e:7d:c0:16:12:6e:ab:30:
e6:48:7f:10:26:da:a2:bd:43:53:cd:dc:25:4f:ae:a2:1f:70:
08:80:f4:97:78:ca:f5:7e:06:7d:1e:ae:b7:ce:3b:f2:ff:cd:
b9:cf:04:06:76:2f:04:d5:8e:a8:12:5d:71:60:4c:0b:ff:14:
e5:7d:97:27:9e:a8:0f:28:26:b5:bb:39:c2:c7:ab:f1:50:58:
2a:26:b9:a1:b9:e2:17:48:73:74:3f:a5:45:e8:7c:2c:2a:ab:
bd:f3:f8:f0:36:32:5c:e5:f6:2b:cd:13:57:45:b9:6d:e3:b6:
1c:67:d7:35:97:23:d5:66:20:9a:f9:03:11:25:3e:9f:56:68:
02:1d:70:88:10:90:04:34:2e:ed:b1:61:a7:43:bd:40:72:99:
d1:95:bb:da:a7:4f:fc:1e:bd:a4:00:d8:a0:3f:97:c2:ea:fa:
7d:f5:3d:9d:39:5c:e9:5d:73:81:7c:c1:01:35:db:1c:3a:7f:
7f:c0:8d:19:30:92:69:4e:66:b5:91:9e:58:9e:09:b6:db:cb:
6a:ed:7d:17
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM7tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTUzNTE1WhcNMjQxMjA0MTUzNTE1WjAYMRYw
FAYDVQQDEw02NzJhM2IzNy0zNzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAucHDnJ2A9TkND5TVl6mkQWtUc0/DVZNjcSJQRuGA/ewrHrSIoBYNr/8a
wlRbmaoVGi0daiX1FltuNjnIylNcSLih+AsKLu8PrZyivNvfu/Te9dE7nYxUo7O7
VlabKRYdySUCogEXmrGfghKfLaPQlg328A9QzLsRH0aQR2d0XoUb/fexkratwqjX
628A4EqBAyUjBG2mzEAyU15pZLN3yUGBX/rXZDix3VvdnEUCR0fMekdBaj8kmdxY
+I1vWrt0bVjdvHyiEYJvkuKPFKu3+8pFXKoBDSnOB974IUj1aVacSUtyJzY9WvRi
y5hGKwXDU91kaK8Am/YahAk1C1cqRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMCa
A2SIyKWkIbXVy61saiEfd3awMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RkU5MkRGMDlCOEIxMUVGODE2NEMxNjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnORMMA0GCSqGSIb3DQEBCwUA
A4IBAQC0gZVLuCZ95mg7c1slmsSmp5vUnse+kuJtc0Y1o38WSUi9yZUYKspsRLpI
/IefPn3AFhJuqzDmSH8QJtqivUNTzdwlT66iH3AIgPSXeMr1fgZ9Hq63zjvy/825
zwQGdi8E1Y6oEl1xYEwL/xTlfZcnnqgPKCa1uznCx6vxUFgqJrmhueIXSHN0P6VF
6HwsKqu98/jwNjJc5fYrzRNXRblt47YcZ9c1lyPVZiCa+QMRJT6fVmgCHXCIEJAE
NC7tsWGnQ71AcpnRlbvap0/8Hr2kANigP5fC6vp99T2dOVzpXXOBfMEBNdscOn9/
wI0ZMJJpTma1kZ5Yngm228tq7X0X
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:40 2024 by rpki-client on console-ams.rpki-client.org