Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A24F4B205F1111EF8272FB6E762E951A.roa
File: A24F4B205F1111EF8272FB6E762E951A.roa (raw, json)
Hash identifier: iKWgfptrXpoMP2NmoWOsLUy+I/mOrqAErqnIRrxcjyE=
Subject key identifier: A5:E9:B3:3D:D8:85:AD:36:BC:2B:D9:50:5F:7E:76:99:9B:EC:7E:76
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: AA2E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A24F4B205F1111EF8272FB6E762E951A.roa
Signing time: Tue 20 Aug 2024 16:31:21 +0000
ROA not before: Tue 20 Aug 2024 16:31:18 +0000
ROA not after: Fri 11 Oct 2024 16:31:18 +0000
asID: 214590
IP address blocks: 156.225.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 20 Sep 2024 00:16:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43566 (0xaa2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 16:31:18 2024 GMT
Not After : Oct 11 16:31:18 2024 GMT
Subject: CN=66c4c4d9-84f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f6:04:88:86:3e:23:b9:a8:b4:fd:a1:86:7d:
c3:5a:87:e2:1d:26:f7:5e:1d:a8:f4:f8:ea:db:64:
47:b2:da:fa:11:6c:93:f0:04:34:55:1e:ff:e9:f4:
26:e2:23:cb:e5:f3:8f:76:44:e0:9f:b9:c3:af:70:
95:82:44:6a:90:13:db:1f:8e:35:d8:18:ff:8c:fc:
b1:a5:87:85:33:6b:7c:83:bb:f9:63:31:3b:cb:b0:
de:44:5d:57:95:50:5d:3a:eb:ed:f7:05:34:3f:da:
ba:1d:c6:1c:6c:a3:c3:7c:5c:db:c0:26:ca:44:a5:
d6:55:2a:04:98:d5:82:0a:4f:36:62:31:80:b7:fd:
1e:fa:49:36:88:71:e1:7a:0a:10:1e:82:25:55:3f:
d5:ee:d8:26:8e:6f:c8:de:dc:11:60:d8:63:50:e6:
68:8b:4c:00:6f:19:c0:a2:20:7d:e0:44:6d:f3:23:
01:04:79:2d:5c:d0:93:35:b8:bc:a0:3d:c5:f2:f1:
43:3a:85:00:de:ee:15:07:6f:92:d8:9a:93:d5:0c:
f0:aa:75:87:a8:7a:0f:a6:20:5c:f2:1f:9a:07:0d:
23:f1:cf:cb:d0:c9:6a:43:60:3f:e0:e7:ce:f6:23:
e7:bb:69:25:d7:01:04:50:eb:e5:62:6b:d6:55:c5:
14:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E9:B3:3D:D8:85:AD:36:BC:2B:D9:50:5F:7E:76:99:9B:EC:7E:76
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A24F4B205F1111EF8272FB6E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.73.0/24
Signature Algorithm: sha256WithRSAEncryption
60:c9:f3:9c:00:3f:7b:16:5b:39:e6:22:14:d9:e0:cc:be:9f:
74:ea:2c:ab:b0:43:f0:3e:9d:3f:07:54:2c:12:44:aa:58:ab:
04:28:44:81:bd:31:a4:f2:d6:5b:9b:40:c9:07:00:ce:ba:ec:
f8:f4:3d:16:b5:09:c9:0b:c4:62:6b:6a:f7:ec:6e:2c:b0:b8:
c2:fb:6b:a7:03:57:29:98:06:56:15:92:e5:d4:ec:53:ea:4a:
8a:d6:94:16:3f:ef:35:d4:3e:0c:01:c9:48:30:62:4e:ec:73:
f2:6e:b9:0a:a3:2b:3a:23:40:df:77:96:af:84:49:7e:88:a1:
98:df:da:7c:30:a8:31:06:8f:7d:80:2d:75:90:fc:9b:56:c2:
a7:39:72:7e:f1:7d:c5:d3:fa:b2:d7:62:5e:3c:88:d6:89:3c:
48:94:41:1b:82:2e:db:dd:ac:f1:2d:67:de:59:85:ac:30:3d:
7c:bd:41:cb:f5:39:30:af:cb:2a:6a:82:1a:da:53:b1:e7:30:
a7:34:06:f9:1a:ec:d4:13:c6:a0:73:f6:e3:89:7d:6a:09:75:
cd:dc:b1:b7:46:38:b6:7a:d6:df:d4:b7:29:95:91:3b:ba:70:
c4:25:31:1a:90:c3:3a:f3:80:8c:25:66:51:0a:29:aa:21:1f:
2e:5e:c6:d1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKouMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTYzMTE4WhcNMjQxMDExMTYzMTE4WjAYMRYw
FAYDVQQDEw02NmM0YzRkOS04NGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0PYEiIY+I7motP2hhn3DWofiHSb3Xh2o9Pjq22RHstr6EWyT8AQ0VR7/
6fQm4iPL5fOPdkTgn7nDr3CVgkRqkBPbH4412Bj/jPyxpYeFM2t8g7v5YzE7y7De
RF1XlVBdOuvt9wU0P9q6HcYcbKPDfFzbwCbKRKXWVSoEmNWCCk82YjGAt/0e+kk2
iHHhegoQHoIlVT/V7tgmjm/I3twRYNhjUOZoi0wAbxnAoiB94ERt8yMBBHktXNCT
Nbi8oD3F8vFDOoUA3u4VB2+S2JqT1QzwqnWHqHoPpiBc8h+aBw0j8c/L0MlqQ2A/
4OfO9iPnu2kl1wEEUOvlYmvWVcUUbwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKXp
sz3Yha02vCvZUF9+dpmb7H52MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMjRGNEIyMDVGMTExMUVGODI3MkZCNkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOFJMA0GCSqGSIb3DQEBCwUA
A4IBAQBgyfOcAD97Fls55iIU2eDMvp906iyrsEPwPp0/B1QsEkSqWKsEKESBvTGk
8tZbm0DJBwDOuuz49D0WtQnJC8Ria2r37G4ssLjC+2unA1cpmAZWFZLl1OxT6kqK
1pQWP+811D4MAclIMGJO7HPybrkKoys6I0Dfd5avhEl+iKGY39p8MKgxBo99gC11
kPybVsKnOXJ+8X3F0/qy12JePIjWiTxIlEEbgi7b3azxLWfeWYWsMD18vUHL9Tkw
r8sqaoIa2lOx5zCnNAb5GuzUE8agc/bjiX1qCXXN3LG3Rji2etbf1LcplZE7unDE
JTEakMM684CMJWZRCimqIR8uXsbR
-----END CERTIFICATE-----
Generated at Wed Sep 18 10:24:44 2024 by rpki-client on console-ams.rpki-client.org