Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A785B7D487C811EF80DEC444762E951A.roa
File: A785B7D487C811EF80DEC444762E951A.roa (raw, json)
Hash identifier: ycdVXVhtG+MrMFnOO0Fv+3nKnxUD7B+XrPioe9dD7D8=
Subject key identifier: C9:82:FA:A2:67:D3:17:D1:D9:BC:5F:6B:14:95:75:00:F6:5F:40:4B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C3D7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A785B7D487C811EF80DEC444762E951A.roa
Signing time: Fri 11 Oct 2024 12:02:15 +0000
ROA not before: Fri 11 Oct 2024 12:02:11 +0000
ROA not after: Mon 13 Oct 2025 12:02:11 +0000
asID: 136907
IP address blocks: 156.230.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50135 (0xc3d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 11 12:02:11 2024 GMT
Not After : Oct 13 12:02:11 2025 GMT
Subject: CN=670913c6-d3b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:bc:1d:21:b3:f4:9f:b4:04:3c:3e:ff:c3:78:
72:81:5a:4e:33:7b:71:10:8e:05:8b:4e:6c:b6:60:
6e:37:a3:fb:53:e1:3a:64:6f:0b:fb:46:85:25:e6:
e4:05:ab:8b:32:87:12:3d:76:7a:a9:ae:e6:e6:ef:
1a:cc:83:ea:73:7d:d3:57:96:27:84:22:75:30:e9:
10:43:4f:46:d0:c1:0c:77:73:23:d3:8a:53:80:76:
00:76:68:6b:08:3b:c5:1e:ea:b5:a4:49:83:56:0b:
95:9b:f9:be:9a:57:ce:92:f7:1b:17:90:55:92:c4:
13:84:a5:dd:d5:1d:01:3b:39:3e:b7:43:83:09:4c:
d4:16:71:f4:79:71:e9:51:e1:00:c7:62:7a:6e:9c:
89:9e:b1:92:f9:e5:6e:14:20:23:9b:ad:48:d6:6a:
11:c4:0c:49:f0:ba:20:b7:c8:d9:9b:97:9c:49:dc:
b0:30:aa:25:e6:c7:ef:7c:e3:3b:72:6b:ae:55:32:
e8:3c:0d:2e:f3:3c:33:3c:6b:75:3d:84:15:3b:9b:
9b:a1:27:df:ff:e9:88:dc:ac:f8:9e:ae:99:18:b2:
50:b6:5c:1a:f5:e2:d1:a5:5d:20:f2:3b:19:b5:a9:
e7:a7:97:d4:7c:2d:ca:fb:bf:59:25:70:b4:d7:59:
79:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:82:FA:A2:67:D3:17:D1:D9:BC:5F:6B:14:95:75:00:F6:5F:40:4B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A785B7D487C811EF80DEC444762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.64.0/18
Signature Algorithm: sha256WithRSAEncryption
01:3d:f0:39:1f:87:c9:47:9a:6b:36:dd:30:8a:ee:91:37:37:
7f:8d:61:52:51:03:4d:b3:32:ed:c0:9e:4b:cd:ba:a6:f0:83:
38:27:8e:a7:9e:a5:ae:04:9c:6a:89:f8:c3:1d:ea:bb:af:ee:
12:e4:e7:c3:c9:e9:3a:76:a0:25:7f:cf:21:68:d7:52:eb:be:
d2:7e:37:8b:4d:34:5c:d4:cb:3d:71:c1:36:23:98:bb:c9:bd:
d6:16:97:8a:97:41:ba:ac:e4:fc:95:1a:97:73:24:7f:57:d0:
e4:4f:53:62:11:21:4d:6e:89:d2:52:a5:3b:dd:47:9c:0a:5a:
95:99:53:4e:a3:94:7e:73:08:02:46:31:89:ed:86:81:d4:56:
4a:3e:ec:53:a7:3d:e4:6b:97:65:ae:e5:67:09:2b:ea:51:32:
e4:49:35:1e:55:e1:bb:f1:73:f3:8b:2c:5c:c2:a3:6f:ef:66:
d1:63:12:92:67:e8:dc:20:de:60:f8:21:53:79:2e:16:56:d4:
91:d7:a8:18:f6:04:12:38:7b:7c:e6:c8:6b:a1:b4:d1:e8:62:
29:14:01:0d:55:f1:e9:ea:d5:ef:bd:54:c3:aa:2e:5c:b0:73:
7c:fa:1a:0f:a5:ac:d5:6d:91:a1:f6:36:93:cc:86:91:45:63:
23:17:64:38
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMPXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDExMTIwMjExWhcNMjUxMDEzMTIwMjExWjAYMRYw
FAYDVQQDEw02NzA5MTNjNi1kM2I1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz7wdIbP0n7QEPD7/w3hygVpOM3txEI4Fi05stmBuN6P7U+E6ZG8L+0aF
JebkBauLMocSPXZ6qa7m5u8azIPqc33TV5YnhCJ1MOkQQ09G0MEMd3Mj04pTgHYA
dmhrCDvFHuq1pEmDVguVm/m+mlfOkvcbF5BVksQThKXd1R0BOzk+t0ODCUzUFnH0
eXHpUeEAx2J6bpyJnrGS+eVuFCAjm61I1moRxAxJ8Logt8jZm5ecSdywMKol5sfv
fOM7cmuuVTLoPA0u8zwzPGt1PYQVO5uboSff/+mI3Kz4nq6ZGLJQtlwa9eLRpV0g
8jsZtannp5fUfC3K+79ZJXC011l5wwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMmC
+qJn0xfR2bxfaxSVdQD2X0BLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNzg1QjdENDg3QzgxMUVGODBERUM0NDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnOZAMA0GCSqGSIb3DQEBCwUA
A4IBAQABPfA5H4fJR5prNt0wiu6RNzd/jWFSUQNNszLtwJ5Lzbqm8IM4J46nnqWu
BJxqifjDHeq7r+4S5OfDyek6dqAlf88haNdS677SfjeLTTRc1Ms9ccE2I5i7yb3W
FpeKl0G6rOT8lRqXcyR/V9DkT1NiESFNbonSUqU73UecClqVmVNOo5R+cwgCRjGJ
7YaB1FZKPuxTpz3ka5dlruVnCSvqUTLkSTUeVeG78XPziyxcwqNv72bRYxKSZ+jc
IN5g+CFTeS4WVtSR16gY9gQSOHt85shrobTR6GIpFAENVfHp6tXvvVTDqi5csHN8
+hoPpazVbZGh9jaTzIaRRWMjF2Q4
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:44 2024 by rpki-client on console-ams.rpki-client.org