Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/986B76B4A64811EFA5C712AD762E951A.roa
File: 986B76B4A64811EFA5C712AD762E951A.roa (raw, json)
Hash identifier: oSE4Bl1SninVlgOiMUEgKJe9zF/ZDmtTeUHthdES+MI=
Subject key identifier: 0E:B1:93:0F:C5:4A:B8:DC:61:9D:4E:DB:02:F2:F9:4B:93:B4:AF:A4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D552
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/986B76B4A64811EFA5C712AD762E951A.roa
Signing time: Tue 19 Nov 2024 07:33:40 +0000
ROA not before: Tue 19 Nov 2024 07:33:36 +0000
ROA not after: Sat 30 Nov 2024 07:33:36 +0000
asID: 398781
IP address blocks: 156.229.128.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54610 (0xd552)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 19 07:33:36 2024 GMT
Not After : Nov 30 07:33:36 2024 GMT
Subject: CN=673c3f54-d2ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a3:87:47:31:39:b4:71:3b:05:1d:04:dc:d4:
13:22:7b:8b:6a:68:e3:68:ac:7c:57:09:d8:d5:20:
15:a4:7d:4c:0a:47:7b:04:0c:e0:5f:4b:cf:2c:9e:
c9:88:f7:db:30:08:a3:6b:47:42:86:a3:89:07:7b:
fe:4c:48:f7:e4:9c:7a:48:c1:4d:c1:5a:a2:5d:6f:
ce:1a:1d:37:6b:c5:99:13:98:54:36:44:71:de:1f:
6b:a8:63:3c:76:c2:95:fc:3c:bb:e1:ef:a4:c7:60:
5f:5d:a2:ba:73:54:de:ff:a0:dd:56:ac:d7:57:ed:
00:f4:d9:b8:a0:1f:62:fc:cd:d4:92:be:bc:d0:ed:
14:f3:25:ad:1b:59:24:b9:58:34:7b:34:c2:76:1e:
b1:5a:5b:2e:69:4b:a2:0e:f0:45:38:ab:fd:bb:69:
fc:f5:50:8e:b4:47:34:f1:2f:df:a1:04:4b:0f:51:
6e:74:ac:6c:35:5a:6b:33:4d:c3:9a:25:18:13:8b:
de:2a:5f:cc:a1:1e:e3:08:22:55:62:4f:da:0a:ba:
09:bd:47:ee:ea:50:8d:fd:60:d6:b1:4d:68:52:5a:
8c:53:cf:97:4d:c3:0a:7e:2f:d4:1c:9e:70:b2:83:
93:b0:cd:19:f2:75:f3:8c:7e:21:64:ae:41:70:79:
f5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B1:93:0F:C5:4A:B8:DC:61:9D:4E:DB:02:F2:F9:4B:93:B4:AF:A4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/986B76B4A64811EFA5C712AD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.128.0/20
Signature Algorithm: sha256WithRSAEncryption
5d:a2:9f:2a:eb:33:4d:35:8c:fb:79:66:83:ec:f9:92:62:63:
20:9b:f4:88:a6:4e:61:49:28:5d:30:e5:e0:bf:eb:65:5f:ab:
88:63:6c:f2:04:2a:59:1e:d3:18:e4:71:bd:58:e2:e4:33:ae:
4b:0c:ec:fb:7c:1e:38:c3:83:b3:64:58:4b:7d:71:d7:71:31:
95:8c:58:be:21:8e:d6:7b:28:fe:5e:a0:b2:4d:bf:13:3d:56:
a2:94:69:b9:e7:b9:6b:a7:06:ce:0a:3f:ca:60:82:12:c0:75:
78:05:39:f2:28:ec:92:70:17:bc:50:93:96:df:f9:48:9d:25:
2c:13:2a:9a:db:e3:c4:d4:ac:05:22:d3:a6:cc:6a:13:d5:83:
84:a4:c3:86:bd:6c:5b:e3:46:ef:5a:f2:ab:42:d0:45:7b:61:
ae:51:18:5f:7c:e5:05:c6:51:93:f1:f2:29:1a:5b:57:20:23:
ed:bc:1e:04:a5:3d:d8:75:10:a0:2d:89:33:24:96:e5:ae:f1:
66:f6:6c:0b:06:76:ad:c0:55:56:58:a7:fa:2d:09:8a:a9:ad:
d4:95:2c:1c:33:ac:51:cb:3c:3c:ce:30:fc:52:ee:36:45:bb:
61:12:ba:fe:aa:33:1c:c8:a8:83:80:60:58:3a:cc:94:f3:53:
24:ae:a6:7b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANVSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE5MDczMzM2WhcNMjQxMTMwMDczMzM2WjAYMRYw
FAYDVQQDEw02NzNjM2Y1NC1kMmZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1aOHRzE5tHE7BR0E3NQTInuLamjjaKx8VwnY1SAVpH1MCkd7BAzgX0vP
LJ7JiPfbMAija0dChqOJB3v+TEj35Jx6SMFNwVqiXW/OGh03a8WZE5hUNkRx3h9r
qGM8dsKV/Dy74e+kx2BfXaK6c1Te/6DdVqzXV+0A9Nm4oB9i/M3Ukr680O0U8yWt
G1kkuVg0ezTCdh6xWlsuaUuiDvBFOKv9u2n89VCOtEc08S/foQRLD1FudKxsNVpr
M03DmiUYE4veKl/MoR7jCCJVYk/aCroJvUfu6lCN/WDWsU1oUlqMU8+XTcMKfi/U
HJ5wsoOTsM0Z8nXzjH4hZK5BcHn1SQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA6x
kw/FSrjcYZ1O2wLy+UuTtK+kMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85ODZCNzZCNEE2NDgxMUVGQTVDNzEyQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOWAMA0GCSqGSIb3DQEBCwUA
A4IBAQBdop8q6zNNNYz7eWaD7PmSYmMgm/SIpk5hSShdMOXgv+tlX6uIY2zyBCpZ
HtMY5HG9WOLkM65LDOz7fB44w4OzZFhLfXHXcTGVjFi+IY7Weyj+XqCyTb8TPVai
lGm557lrpwbOCj/KYIISwHV4BTnyKOyScBe8UJOW3/lInSUsEyqa2+PE1KwFItOm
zGoT1YOEpMOGvWxb40bvWvKrQtBFe2GuURhffOUFxlGT8fIpGltXICPtvB4EpT3Y
dRCgLYkzJJblrvFm9mwLBnatwFVWWKf6LQmKqa3UlSwcM6xRyzw8zjD8Uu42Rbth
Err+qjMcyKiDgGBYOsyU81MkrqZ7
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:40 2024 by rpki-client on console-fra.rpki-client.org