Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A1C5C7B4983311EF8EBB4B53762E951A.roa
File: A1C5C7B4983311EF8EBB4B53762E951A.roa (raw, json)
Hash identifier: l+54AmgNjyr5EYhvKMATb5FFvB7aDZJfjlOFn53WBlg=
Subject key identifier: DD:D2:1B:2D:85:F2:0A:50:2A:D6:F1:B4:59:B6:06:D7:0D:20:20:B3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CB75
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A1C5C7B4983311EF8EBB4B53762E951A.roa
Signing time: Fri 01 Nov 2024 09:28:20 +0000
ROA not before: Fri 01 Nov 2024 09:28:16 +0000
ROA not after: Sun 24 Nov 2024 09:28:16 +0000
asID: 133522
IP address blocks: 156.227.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52085 (0xcb75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 1 09:28:16 2024 GMT
Not After : Nov 24 09:28:16 2024 GMT
Subject: CN=67249f34-6664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:01:c0:54:93:27:03:60:14:f9:de:f4:8c:98:
45:ca:9f:4a:44:b7:a1:c5:41:e7:08:75:42:05:04:
d1:95:55:9f:7b:1f:97:e5:d3:f1:1b:77:d9:2d:90:
fc:4e:c3:ce:37:ab:24:2c:74:01:7c:8c:36:5f:c3:
5f:2e:42:77:1f:c0:b5:76:91:87:23:2b:20:74:42:
f7:97:76:44:f4:73:08:ad:9c:79:f8:a4:6c:2d:39:
ed:2a:4b:7b:2a:cf:a7:bc:1c:36:2a:59:58:36:11:
2e:0b:57:53:b4:08:94:be:78:b0:5f:fe:d5:80:9d:
98:7f:e8:72:83:36:70:03:2c:13:74:59:3e:3f:d4:
42:c5:51:4b:ee:9a:9d:5d:7d:28:43:ca:6b:0b:52:
e7:c4:3f:bc:d0:90:cc:c8:36:1f:02:4c:63:37:52:
21:ae:91:03:3b:f7:73:f5:6e:05:22:af:a6:7a:99:
7f:db:ad:d8:dd:21:80:6e:9b:39:06:a9:a2:1a:1d:
f3:7f:58:53:41:81:5a:b3:50:ea:e4:3f:ac:dc:6b:
f4:7b:64:2f:38:8f:a5:eb:5f:a2:5e:1b:a1:60:94:
5c:a2:ca:7f:b3:9f:ac:c5:95:da:ad:67:ff:d8:ff:
33:7f:a7:d7:7a:bc:d6:35:60:6c:5b:da:59:e0:ee:
04:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D2:1B:2D:85:F2:0A:50:2A:D6:F1:B4:59:B6:06:D7:0D:20:20:B3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A1C5C7B4983311EF8EBB4B53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.32.0/19
Signature Algorithm: sha256WithRSAEncryption
46:1a:df:0b:ab:e6:c4:96:5f:fd:b6:52:a4:b3:bb:3a:06:0d:
d4:8a:50:92:bb:09:3e:7c:87:de:90:ec:4a:ee:33:54:e1:1d:
55:d7:d1:4d:a0:41:8e:77:39:1b:b2:99:86:96:3a:94:90:7b:
c5:b7:a0:d3:57:42:17:bc:b3:2f:09:d5:92:76:ed:7e:2e:1d:
9b:a5:9b:ba:11:82:02:32:5b:b8:d8:9b:a3:bd:c0:9f:4a:be:
0e:0c:7b:5a:ba:b5:4f:29:60:6f:f2:43:ec:88:61:9f:79:e5:
f7:14:e5:2e:59:70:90:ea:8e:2b:2e:21:f9:f9:32:84:c7:a5:
6e:88:0d:d2:a9:e0:82:71:91:5b:ee:f8:a6:51:f6:1d:8c:5a:
ce:7f:8d:1d:5a:0a:9f:d3:5b:4e:d8:93:5f:28:dd:dd:bd:35:
36:e2:be:5c:29:54:1d:db:c4:c9:1e:ab:f3:17:ff:2e:c2:2a:
90:82:ea:9f:bf:09:b1:08:65:de:f2:b9:3a:71:f6:11:fb:42:
4a:f2:3e:44:4e:30:33:78:32:b0:f0:67:7e:96:9c:77:c9:b6:
a3:c3:bc:2e:12:a5:40:bf:69:4e:d7:a1:c0:33:95:ed:5c:b4:
ad:10:fd:ee:15:66:0d:62:4f:68:be:5d:20:d9:ab:08:66:08:
b6:35:cf:1c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMt1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTAxMDkyODE2WhcNMjQxMTI0MDkyODE2WjAYMRYw
FAYDVQQDEw02NzI0OWYzNC02NjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzAHAVJMnA2AU+d70jJhFyp9KRLehxUHnCHVCBQTRlVWfex+X5dPxG3fZ
LZD8TsPON6skLHQBfIw2X8NfLkJ3H8C1dpGHIysgdEL3l3ZE9HMIrZx5+KRsLTnt
Kkt7Ks+nvBw2KllYNhEuC1dTtAiUvniwX/7VgJ2Yf+hygzZwAywTdFk+P9RCxVFL
7pqdXX0oQ8prC1LnxD+80JDMyDYfAkxjN1IhrpEDO/dz9W4FIq+mepl/263Y3SGA
bps5BqmiGh3zf1hTQYFas1Dq5D+s3Gv0e2QvOI+l61+iXhuhYJRcosp/s5+sxZXa
rWf/2P8zf6fXerzWNWBsW9pZ4O4EJwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN3S
Gy2F8gpQKtbxtFm2BtcNICCzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMUM1QzdCNDk4MzMxMUVGOEVCQjRCNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnOMgMA0GCSqGSIb3DQEBCwUA
A4IBAQBGGt8Lq+bEll/9tlKks7s6Bg3UilCSuwk+fIfekOxK7jNU4R1V19FNoEGO
dzkbspmGljqUkHvFt6DTV0IXvLMvCdWSdu1+Lh2bpZu6EYICMlu42JujvcCfSr4O
DHtaurVPKWBv8kPsiGGfeeX3FOUuWXCQ6o4rLiH5+TKEx6VuiA3SqeCCcZFb7vim
UfYdjFrOf40dWgqf01tO2JNfKN3dvTU24r5cKVQd28TJHqvzF/8uwiqQguqfvwmx
CGXe8rk6cfYR+0JK8j5ETjAzeDKw8Gd+lpx3ybajw7wuEqVAv2lO16HAM5XtXLSt
EP3uFWYNYk9ovl0g2asIZgi2Nc8c
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:41 2024 by rpki-client on console-fra.rpki-client.org