Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3A223DAA32C11EFB79D33A9762E951A.roa
File: A3A223DAA32C11EFB79D33A9762E951A.roa (raw, json)
Hash identifier: btDmjySq/hJ/mLPr9vVM4bynCm0xEPAgTnplorPvIOM=
Subject key identifier: EC:EE:20:1E:E6:99:E7:13:18:1B:5E:FF:1B:3C:AE:10:10:BB:B4:53
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D2DD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3A223DAA32C11EFB79D33A9762E951A.roa
Signing time: Fri 15 Nov 2024 08:35:59 +0000
ROA not before: Fri 15 Nov 2024 08:35:55 +0000
ROA not after: Tue 17 Dec 2024 08:35:55 +0000
asID: 14315
IP address blocks: 156.224.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53981 (0xd2dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 15 08:35:55 2024 GMT
Not After : Dec 17 08:35:55 2024 GMT
Subject: CN=673707ef-3c7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:28:21:67:b6:c1:c5:b7:1c:a7:be:30:1d:4a:
8c:c2:d8:7f:f6:d9:7b:99:b3:99:73:d0:4e:08:d4:
e5:ca:46:e5:97:fe:1f:f3:aa:dc:4d:80:36:39:78:
08:b5:0e:5e:58:d1:b6:e8:54:ea:97:79:34:a4:20:
4c:89:85:14:90:fd:01:96:6f:fa:d2:82:e3:39:6c:
2d:1d:d7:68:a6:ec:57:51:f8:0d:e1:fc:fa:12:d4:
32:8c:78:24:c2:83:d8:1f:c2:0d:8b:a8:e4:fc:aa:
6f:6e:87:b8:29:12:08:be:35:a1:e5:38:97:d5:b9:
f3:e5:3f:37:ed:09:6e:79:ba:78:ae:19:64:f9:80:
dd:3b:38:39:14:83:81:7a:b5:9b:55:7e:0b:9a:7f:
9b:24:a8:01:84:4e:52:53:d5:ea:d1:3f:31:3e:7f:
42:dd:ec:11:a2:25:c4:a8:7b:67:e1:1f:6d:9d:c0:
8e:f4:26:60:0f:18:87:88:fc:b5:55:58:a7:61:9f:
8d:0e:24:62:67:85:56:a9:68:c4:f6:24:e1:cf:d1:
03:5c:05:6b:85:cb:63:ed:e9:e7:15:3a:a3:49:2d:
02:3a:83:6c:7d:4f:90:15:ce:f3:bd:7e:56:2f:6f:
13:d0:07:b9:dd:f6:e4:c1:69:b5:0f:2d:ae:34:5a:
c0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:EE:20:1E:E6:99:E7:13:18:1B:5E:FF:1B:3C:AE:10:10:BB:B4:53
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3A223DAA32C11EFB79D33A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.64.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:e2:11:83:3f:57:4e:42:72:39:23:42:1b:8d:64:a6:79:bd:
7b:d2:38:b6:96:c9:f7:0e:80:32:e5:33:df:90:7a:7e:9c:ac:
c7:c9:b2:4b:3f:09:a4:6a:39:3c:a7:73:21:66:d6:7b:9a:fe:
34:51:d3:6a:d3:89:8d:ff:cd:eb:2e:3b:c3:c3:e6:2d:66:90:
71:32:f4:8f:2c:19:d8:69:a0:37:ea:6d:8e:a1:bd:43:67:5e:
be:c7:dd:16:dd:2a:ff:ab:29:ec:1c:9e:d1:1f:ad:60:ce:fb:
3b:cf:59:3a:6c:d1:23:8f:8f:8b:26:55:ae:bc:5b:ed:b4:d3:
7a:5c:c1:76:4c:ee:ad:3e:b2:0a:15:14:c5:f2:52:f6:85:c9:
2a:3c:c7:96:f5:1d:9e:83:c2:15:07:00:a9:01:a2:38:08:83:
16:ec:2c:3c:a1:e8:5d:a2:b1:14:32:90:47:e7:fd:48:9d:8e:
7a:13:c5:f4:8a:5e:7a:ea:3b:e8:53:64:42:40:a2:5e:31:93:
51:d5:c3:1b:c8:1d:9e:fa:dc:01:ee:b8:09:72:3c:7e:f4:d9:
33:e6:3a:34:80:be:ba:5c:f2:b9:44:2c:bd:ed:18:0d:6d:1d:
5a:9a:f0:d6:13:a6:02:56:d8:d2:0a:46:b8:0a:f6:64:39:61:
89:7d:08:21
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANLdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE1MDgzNTU1WhcNMjQxMjE3MDgzNTU1WjAYMRYw
FAYDVQQDEw02NzM3MDdlZi0zYzdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArighZ7bBxbccp74wHUqMwth/9tl7mbOZc9BOCNTlykbll/4f86rcTYA2
OXgItQ5eWNG26FTql3k0pCBMiYUUkP0Blm/60oLjOWwtHddopuxXUfgN4fz6EtQy
jHgkwoPYH8INi6jk/Kpvboe4KRIIvjWh5TiX1bnz5T837Qluebp4rhlk+YDdOzg5
FIOBerWbVX4Lmn+bJKgBhE5SU9Xq0T8xPn9C3ewRoiXEqHtn4R9tncCO9CZgDxiH
iPy1VVinYZ+NDiRiZ4VWqWjE9iThz9EDXAVrhctj7ennFTqjSS0COoNsfU+QFc7z
vX5WL28T0Ae53fbkwWm1Dy2uNFrAywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOzu
IB7mmecTGBte/xs8rhAQu7RTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BM0EyMjNEQUEzMkMxMUVGQjc5RDMzQTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOBAMA0GCSqGSIb3DQEBCwUA
A4IBAQAr4hGDP1dOQnI5I0IbjWSmeb170ji2lsn3DoAy5TPfkHp+nKzHybJLPwmk
ajk8p3MhZtZ7mv40UdNq04mN/83rLjvDw+YtZpBxMvSPLBnYaaA36m2Oob1DZ16+
x90W3Sr/qynsHJ7RH61gzvs7z1k6bNEjj4+LJlWuvFvttNN6XMF2TO6tPrIKFRTF
8lL2hckqPMeW9R2eg8IVBwCpAaI4CIMW7Cw8oehdorEUMpBH5/1InY56E8X0il56
6jvoU2RCQKJeMZNR1cMbyB2e+twB7rgJcjx+9Nkz5jo0gL66XPK5RCy97RgNbR1a
mvDWE6YCVtjSCka4CvZkOWGJfQgh
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:43 2024 by rpki-client on console-ams.rpki-client.org