Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9095A53AA4C311EF9A4FC4A2762E951A.roa
File: 9095A53AA4C311EF9A4FC4A2762E951A.roa (raw, json)
Hash identifier: e98FD6hJ+Jk6l7DibVEjjzj0GN90oRgBsZtpwcibEtc=
Subject key identifier: BE:9F:B4:CF:D5:BD:5C:C1:D7:81:D2:E2:43:B5:EE:4D:A6:1A:35:C3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D47B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9095A53AA4C311EF9A4FC4A2762E951A.roa
Signing time: Sun 17 Nov 2024 09:08:52 +0000
ROA not before: Sun 17 Nov 2024 09:08:49 +0000
ROA not after: Sat 23 Nov 2024 09:08:49 +0000
asID: 142062
IP address blocks: 156.238.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54395 (0xd47b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 17 09:08:49 2024 GMT
Not After : Nov 23 09:08:49 2024 GMT
Subject: CN=6739b2a4-2b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0a:02:70:c2:87:75:59:4c:db:44:3a:f0:85:
c8:fe:7a:37:b0:7a:64:ff:f5:99:38:ad:12:04:69:
8f:d2:52:ed:89:ff:aa:eb:f7:cb:9f:bf:2a:76:25:
aa:9b:5a:2c:6f:5d:86:5e:5e:33:23:8f:5d:67:25:
48:ee:4c:33:ed:47:1e:40:46:6b:a5:e2:65:2d:43:
e8:f7:60:ff:db:9e:b1:17:14:c6:00:28:3b:40:e6:
9d:9d:f3:ba:6a:71:3d:c3:13:f6:97:71:3f:85:c9:
64:e7:98:6a:ce:69:64:3f:20:95:6c:39:57:d7:6b:
5d:6d:29:a4:49:92:74:38:a9:88:9b:20:61:86:69:
47:c3:fb:e6:6f:9d:7b:33:d0:bd:b3:02:fb:2f:b8:
d8:7a:7d:31:c6:a5:86:24:37:72:23:c7:44:e9:32:
04:6e:18:f1:05:c5:e9:91:a7:29:dd:27:b4:5b:1a:
d2:2e:57:02:4e:cd:39:79:5b:f7:1e:d2:31:22:f6:
1c:66:70:63:87:b2:cd:43:a4:08:b5:6a:0c:95:d4:
e2:7b:4f:21:88:e0:de:80:cd:71:ca:bd:24:b0:9b:
31:8a:98:63:6f:d9:f3:62:d9:16:65:1c:96:18:36:
23:84:d5:ca:95:3f:f5:07:71:75:66:21:ad:f4:e7:
f4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:9F:B4:CF:D5:BD:5C:C1:D7:81:D2:E2:43:B5:EE:4D:A6:1A:35:C3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9095A53AA4C311EF9A4FC4A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.32.0/19
Signature Algorithm: sha256WithRSAEncryption
24:22:33:f6:02:2c:92:be:84:b1:c0:a0:ee:91:af:46:15:49:
ed:4a:d5:d4:21:cb:eb:79:51:90:17:a6:c1:6f:0c:c3:66:7a:
6b:eb:f9:d3:fa:ad:90:78:85:ab:21:91:b9:d3:9d:8b:76:80:
0e:51:87:0e:ea:bc:63:f2:78:92:5b:0e:79:e2:5e:2e:86:e2:
0e:42:4d:87:d2:d0:1e:a8:73:15:56:4f:bd:ee:74:d4:ba:fa:
55:c8:21:31:83:93:52:32:7e:1d:df:e6:16:1a:31:5d:65:f2:
9d:69:c0:52:c2:1b:69:2f:b8:2c:9b:1e:3e:16:93:42:e0:d0:
81:56:3e:e3:32:1a:4a:53:91:a9:5e:23:0d:04:f1:33:f3:97:
5c:31:02:70:9f:1f:fd:17:c8:d3:6a:86:8c:20:29:17:7c:d3:
99:83:fc:f2:22:3b:ee:ec:40:96:dc:0a:5b:68:e9:03:b0:19:
77:1d:c7:7d:e0:5a:60:ee:07:b8:fc:06:0b:24:0a:3b:56:3f:
0c:12:48:ea:64:ba:08:48:60:aa:2b:14:b1:bc:51:d1:04:20:
8d:ee:fb:ae:25:01:b1:ce:bc:a1:d3:b2:7c:e4:01:62:70:9b:
d6:5b:65:94:eb:ab:ab:e9:b3:80:ce:7e:16:5b:65:33:96:ac:
ee:f5:85:8a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANR7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE3MDkwODQ5WhcNMjQxMTIzMDkwODQ5WjAYMRYw
FAYDVQQDEw02NzM5YjJhNC0yYjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApAoCcMKHdVlM20Q68IXI/no3sHpk//WZOK0SBGmP0lLtif+q6/fLn78q
diWqm1osb12GXl4zI49dZyVI7kwz7UceQEZrpeJlLUPo92D/256xFxTGACg7QOad
nfO6anE9wxP2l3E/hclk55hqzmlkPyCVbDlX12tdbSmkSZJ0OKmImyBhhmlHw/vm
b517M9C9swL7L7jYen0xxqWGJDdyI8dE6TIEbhjxBcXpkacp3Se0WxrSLlcCTs05
eVv3HtIxIvYcZnBjh7LNQ6QItWoMldTie08hiODegM1xyr0ksJsxiphjb9nzYtkW
ZRyWGDYjhNXKlT/1B3F1ZiGt9Of08wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL6f
tM/VvVzB14HS4kO17k2mGjXDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MDk1QTUzQUE0QzMxMUVGOUE0RkM0QTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnO4gMA0GCSqGSIb3DQEBCwUA
A4IBAQAkIjP2AiySvoSxwKDuka9GFUntStXUIcvreVGQF6bBbwzDZnpr6/nT+q2Q
eIWrIZG5052LdoAOUYcO6rxj8niSWw554l4uhuIOQk2H0tAeqHMVVk+97nTUuvpV
yCExg5NSMn4d3+YWGjFdZfKdacBSwhtpL7gsmx4+FpNC4NCBVj7jMhpKU5GpXiMN
BPEz85dcMQJwnx/9F8jTaoaMICkXfNOZg/zyIjvu7ECW3ApbaOkDsBl3Hcd94Fpg
7ge4/AYLJAo7Vj8MEkjqZLoISGCqKxSxvFHRBCCN7vuuJQGxzryh07J85AFicJvW
W2WU66ur6bOAzn4WW2Uzlqzu9YWK
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:40 2024 by rpki-client on console-ams.rpki-client.org