Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A00A38A2A45D11EF963ED296762E951A.roa
File: A00A38A2A45D11EF963ED296762E951A.roa (raw, json)
Hash identifier: oGJDajJ8RRTEN1/EvbIdIJTHuMGvv+eCdjTA6c8QJko=
Subject key identifier: 73:8B:D6:12:4E:B2:EC:2C:41:82:E5:85:7D:37:FA:79:2F:8D:E2:2E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D43E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A00A38A2A45D11EF963ED296762E951A.roa
Signing time: Sat 16 Nov 2024 20:59:10 +0000
ROA not before: Sat 16 Nov 2024 20:59:06 +0000
ROA not after: Fri 29 Nov 2024 20:59:06 +0000
asID: 206283
IP address blocks: 156.238.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54334 (0xd43e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 16 20:59:06 2024 GMT
Not After : Nov 29 20:59:06 2024 GMT
Subject: CN=6739079e-7450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6b:04:a9:da:ef:e9:89:c6:70:14:12:52:61:
8b:09:08:fa:df:bb:b9:f3:be:40:86:a5:5e:34:c8:
75:ce:19:f0:6e:c5:fc:c3:04:f1:83:b9:41:1b:13:
96:cb:2e:13:ce:9a:71:82:ae:e1:02:4f:ef:8b:2b:
54:d9:68:c7:d3:7f:3b:95:91:09:14:42:f6:41:86:
8c:e5:26:7d:92:6a:60:af:6c:15:04:57:b5:6d:dc:
6b:47:cf:05:15:df:6a:48:f2:46:b6:32:fb:ed:14:
90:ae:b5:a0:43:48:24:16:95:61:b5:ed:21:4a:e8:
01:37:ca:63:8b:e9:58:67:cd:c9:70:2b:49:f5:03:
98:8d:da:d0:89:4c:29:47:6b:89:37:dd:00:5a:01:
eb:f8:b8:ec:7c:09:09:4a:a7:9a:8c:84:64:80:c5:
8c:31:49:a1:92:d2:d1:8d:d5:45:ef:1f:e0:5b:2e:
e8:68:76:dd:b7:42:71:93:f6:c2:1b:a0:af:59:d6:
17:4f:59:d4:e1:85:68:23:b0:93:10:be:51:b6:94:
3a:fd:14:9f:a5:3a:f0:51:dc:1c:c9:f2:9f:58:7d:
7a:ec:6f:07:d4:43:05:f4:1f:f3:40:2b:0e:d6:e9:
c4:49:c5:ce:6a:8a:4c:23:bd:32:ec:f4:e9:c5:c0:
a6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:8B:D6:12:4E:B2:EC:2C:41:82:E5:85:7D:37:FA:79:2F:8D:E2:2E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A00A38A2A45D11EF963ED296762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.85.0/24
Signature Algorithm: sha256WithRSAEncryption
31:8c:6c:2d:be:2a:2d:91:8f:67:22:c1:cb:92:26:16:8d:97:
5c:3a:58:db:7b:98:58:95:c3:b5:13:76:a2:1e:dc:cb:33:33:
fe:72:30:2e:9d:9a:e4:84:a7:74:49:73:52:08:f3:61:5c:ac:
33:fc:64:e3:79:58:57:08:1e:6e:47:a5:41:a3:b1:20:16:d3:
0f:39:e7:d3:4e:4d:88:37:89:83:8e:2c:d9:79:90:1f:76:9c:
b3:e6:97:6e:f5:4a:4d:0b:6c:5d:1e:e9:aa:22:79:53:cc:da:
ab:3e:86:36:98:00:15:f0:5c:79:2e:ce:48:cf:a6:44:c0:05:
bb:6a:94:73:19:ea:04:19:04:c6:3f:69:bd:b0:9e:db:6e:51:
3c:01:3c:4c:be:77:0b:46:35:2a:2d:cc:b0:92:65:99:aa:63:
3c:5c:58:c0:01:c3:bb:24:4f:ca:78:b9:06:46:7b:d3:1a:7a:
7c:29:a0:83:5b:0b:fc:3a:1c:55:c0:dc:1b:65:74:9d:6c:f1:
61:4c:4c:9d:48:5d:0c:2d:05:f4:32:2c:86:10:27:d4:96:d5:
27:d9:7a:dd:b2:c8:43:dd:b4:ac:1d:48:0b:91:83:a1:c7:16:
8f:13:93:74:64:fe:1b:e0:17:49:cb:72:18:a6:ab:0f:3d:44:
c2:4c:97:60
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANQ+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE2MjA1OTA2WhcNMjQxMTI5MjA1OTA2WjAYMRYw
FAYDVQQDEw02NzM5MDc5ZS03NDUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuGsEqdrv6YnGcBQSUmGLCQj637u5875AhqVeNMh1zhnwbsX8wwTxg7lB
GxOWyy4Tzppxgq7hAk/viytU2WjH0387lZEJFEL2QYaM5SZ9kmpgr2wVBFe1bdxr
R88FFd9qSPJGtjL77RSQrrWgQ0gkFpVhte0hSugBN8pji+lYZ83JcCtJ9QOYjdrQ
iUwpR2uJN90AWgHr+LjsfAkJSqeajIRkgMWMMUmhktLRjdVF7x/gWy7oaHbdt0Jx
k/bCG6CvWdYXT1nU4YVoI7CTEL5RtpQ6/RSfpTrwUdwcyfKfWH167G8H1EMF9B/z
QCsO1unEScXOaopMI70y7PTpxcCmawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHOL
1hJOsuwsQYLlhX03+nkvjeIuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMDBBMzhBMkE0NUQxMUVGOTYzRUQyOTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5VMA0GCSqGSIb3DQEBCwUA
A4IBAQAxjGwtviotkY9nIsHLkiYWjZdcOljbe5hYlcO1E3aiHtzLMzP+cjAunZrk
hKd0SXNSCPNhXKwz/GTjeVhXCB5uR6VBo7EgFtMPOefTTk2IN4mDjizZeZAfdpyz
5pdu9UpNC2xdHumqInlTzNqrPoY2mAAV8Fx5Ls5Iz6ZEwAW7apRzGeoEGQTGP2m9
sJ7bblE8ATxMvncLRjUqLcywkmWZqmM8XFjAAcO7JE/KeLkGRnvTGnp8KaCDWwv8
OhxVwNwbZXSdbPFhTEydSF0MLQX0MiyGECfUltUn2XrdsshD3bSsHUgLkYOhxxaP
E5N0ZP4b4BdJy3IYpqsPPUTCTJdg
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:42 2024 by rpki-client on console-ams.rpki-client.org