Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/92A7DB3E1C1C11EFAD96292E7DDC24C2.roa
File: 92A7DB3E1C1C11EFAD96292E7DDC24C2.roa (raw, json)
Hash identifier: pZZRzSdAa6Qh8oFZvUNgFf4+O6V3JjFk7zQa3EoV2e8=
Subject key identifier: C9:34:AE:7D:1A:66:FF:03:A4:F4:F0:27:68:52:D5:58:52:B5:BA:50
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8C41
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/92A7DB3E1C1C11EFAD96292E7DDC24C2.roa
Signing time: Mon 27 May 2024 11:30:52 +0000
ROA not before: Mon 27 May 2024 11:30:48 +0000
ROA not after: Sat 11 Jan 2025 11:30:48 +0000
asID: 399077
IP address blocks: 156.248.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35905 (0x8c41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 27 11:30:48 2024 GMT
Not After : Jan 11 11:30:48 2025 GMT
Subject: CN=66546eec-682d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:61:c5:50:1d:ea:cc:a5:36:21:89:4f:24:9a:
71:da:df:42:8a:28:69:f3:53:4a:50:78:05:b5:b1:
c3:fe:61:ba:3a:36:b1:30:de:79:95:ac:93:61:76:
9e:dc:8b:79:8a:c4:09:76:ba:a1:23:c7:e7:c9:cd:
fe:56:13:0b:7e:59:bc:ce:fe:f0:d0:90:3d:cb:ce:
de:c1:fc:82:e1:f7:c0:c5:25:92:c9:d8:e7:e2:d0:
0a:0f:68:5f:cb:7f:f7:54:fa:f2:1b:c1:73:a4:c1:
1c:72:0d:dd:5e:cb:bf:37:b2:d2:71:24:fa:01:a3:
e6:49:89:4c:ae:81:21:24:96:7a:f3:1b:d0:40:c5:
05:f2:47:5b:d5:aa:60:c4:ba:35:d2:bf:29:91:68:
69:39:6a:94:24:b8:51:ae:2f:e4:87:dd:28:40:b9:
fa:fb:e7:bd:a3:86:70:2e:44:d6:f2:87:4e:23:8c:
b0:ac:e2:17:5c:4d:1c:0a:a7:7d:6f:f3:ab:f7:2e:
bc:96:68:2d:2e:e6:89:f8:54:c0:7d:9c:be:e4:71:
4a:ed:80:e6:7d:8a:af:5b:db:98:5c:19:63:ba:54:
c0:ee:49:d3:8b:37:eb:c3:db:33:4f:b7:c6:00:6a:
a4:ee:12:62:14:5c:bd:7a:c7:a0:ae:db:c9:b4:b7:
82:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:34:AE:7D:1A:66:FF:03:A4:F4:F0:27:68:52:D5:58:52:B5:BA:50
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/92A7DB3E1C1C11EFAD96292E7DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.72.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:95:6d:7d:57:1a:3d:f9:e8:f1:f4:de:31:cb:34:27:71:10:
93:b2:b6:74:bf:a1:41:3c:13:bc:e3:a6:52:ba:ba:0d:5b:53:
07:f9:e0:94:45:c3:fa:7d:12:a3:bf:5c:49:a1:df:c2:ac:2c:
95:22:f1:4e:2d:9a:44:dd:7d:60:2b:f9:01:83:0a:cc:81:f9:
f9:3a:4e:47:14:91:17:6b:a3:d8:e0:95:68:7a:de:76:3c:46:
f1:49:87:ec:3a:80:6f:5f:4d:8d:9d:46:d2:dc:b9:13:f5:f4:
f5:ff:b1:5a:29:77:f6:6c:82:02:6d:d9:62:0a:e2:74:f2:81:
79:cd:2c:0b:fb:47:85:01:b4:ac:f3:85:19:62:52:69:93:37:
95:7a:7b:29:ac:87:7b:f8:b3:16:dc:24:7d:69:d4:3b:e4:b1:
19:75:20:ec:54:18:05:d7:c3:79:4e:31:b7:18:ae:70:23:58:
4b:40:ce:ef:78:23:82:ec:27:bb:3c:f3:36:36:ab:a7:a1:31:
0c:54:12:8d:27:68:4e:77:2b:d7:e2:6f:98:79:06:1e:6c:c2:
99:f2:4d:14:f3:de:5f:31:8a:58:25:91:f3:c4:1b:18:66:7a:
a3:b0:75:49:52:38:38:5d:4c:c0:6e:ea:f9:4a:79:d9:f4:95:
9a:1e:b8:fd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIxBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTI3MTEzMDQ4WhcNMjUwMTExMTEzMDQ4WjAYMRYw
FAYDVQQDEw02NjU0NmVlYy02ODJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0WHFUB3qzKU2IYlPJJpx2t9Ciihp81NKUHgFtbHD/mG6OjaxMN55layT
YXae3It5isQJdrqhI8fnyc3+VhMLflm8zv7w0JA9y87ewfyC4ffAxSWSydjn4tAK
D2hfy3/3VPryG8FzpMEccg3dXsu/N7LScST6AaPmSYlMroEhJJZ68xvQQMUF8kdb
1apgxLo10r8pkWhpOWqUJLhRri/kh90oQLn6++e9o4ZwLkTW8odOI4ywrOIXXE0c
Cqd9b/Or9y68lmgtLuaJ+FTAfZy+5HFK7YDmfYqvW9uYXBljulTA7knTizfrw9sz
T7fGAGqk7hJiFFy9esegrtvJtLeCQQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMk0
rn0aZv8DpPTwJ2hS1VhStbpQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MkE3REIzRTFDMUMxMUVGQUQ5NjI5MkU3RERDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPhIMA0GCSqGSIb3DQEBCwUA
A4IBAQCnlW19Vxo9+ejx9N4xyzQncRCTsrZ0v6FBPBO846ZSuroNW1MH+eCURcP6
fRKjv1xJod/CrCyVIvFOLZpE3X1gK/kBgwrMgfn5Ok5HFJEXa6PY4JVoet52PEbx
SYfsOoBvX02NnUbS3LkT9fT1/7FaKXf2bIICbdliCuJ08oF5zSwL+0eFAbSs84UZ
YlJpkzeVensprId7+LMW3CR9adQ75LEZdSDsVBgF18N5TjG3GK5wI1hLQM7veCOC
7Ce7PPM2NqunoTEMVBKNJ2hOdyvX4m+YeQYebMKZ8k0U895fMYpYJZHzxBsYZnqj
sHVJUjg4XUzAbur5SnnZ9JWaHrj9
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:39 2024 by rpki-client on console-fra.rpki-client.org