Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A945C682A74311EFA2630353762E951A.roa
File: A945C682A74311EFA2630353762E951A.roa (raw, json)
Hash identifier: gMlVv3t0pjWbzqnwCr/hUwVtduZQhRRZUg9WP+9Fucw=
Subject key identifier: E7:3C:C4:68:FA:5E:57:38:5F:45:DE:6F:AC:D9:19:D8:AF:B7:48:70
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D657
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A945C682A74311EFA2630353762E951A.roa
Signing time: Wed 20 Nov 2024 13:30:52 +0000
ROA not before: Wed 20 Nov 2024 13:30:48 +0000
ROA not after: Sat 30 Nov 2024 13:30:48 +0000
asID: 48031
IP address blocks: 156.246.144.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54871 (0xd657)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 20 13:30:48 2024 GMT
Not After : Nov 30 13:30:48 2024 GMT
Subject: CN=673de48b-d458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:9d:fb:d9:9b:39:17:ef:2a:39:58:75:82:b4:
d5:c0:6f:80:e6:65:90:f9:47:a6:64:0f:40:3d:89:
9f:9e:4a:3c:2d:f8:ab:78:99:da:f3:f9:00:42:59:
14:af:64:82:15:96:5b:96:40:90:c2:5d:cf:8b:6b:
8e:31:94:63:15:6e:9b:de:ca:30:38:44:7c:56:fa:
24:cc:f0:cd:13:f5:4f:90:26:4b:67:70:09:a5:77:
d5:63:ae:3e:fc:67:b5:a1:ad:35:ba:b5:0d:12:d7:
8a:83:3c:96:25:61:c4:1f:08:8e:66:df:89:90:4f:
6a:a1:82:5e:3c:b9:d6:5f:45:c5:d7:a2:db:64:c7:
5d:6f:08:80:9c:de:45:01:73:79:4c:4c:3f:5c:3e:
59:f0:7b:b2:0e:ce:8b:41:fe:04:c7:09:9c:61:64:
0f:79:7d:72:13:b7:92:30:20:4e:4b:9b:d7:ef:a5:
34:e6:b1:e5:28:a1:59:d9:2f:68:80:28:79:85:c5:
00:18:71:c3:c7:6e:98:ba:73:fc:6d:bc:d1:4d:ea:
3a:36:f8:35:36:8c:19:2c:76:88:2c:1e:eb:ed:45:
63:d8:53:46:10:6f:d3:8c:7d:b8:18:40:7b:3a:9d:
27:9b:8b:79:34:ff:a4:77:1f:f1:3a:84:c9:6d:90:
23:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3C:C4:68:FA:5E:57:38:5F:45:DE:6F:AC:D9:19:D8:AF:B7:48:70
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A945C682A74311EFA2630353762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.144.0/23
Signature Algorithm: sha256WithRSAEncryption
53:b9:54:45:4d:c7:ff:48:d1:a3:1a:c1:a6:87:08:0e:45:53:
cf:af:57:32:f3:be:c7:66:cb:54:42:9c:85:13:8e:9e:ab:ca:
05:ff:69:d0:a3:a3:f7:c4:bf:a5:2f:1a:8a:3e:cd:e8:c4:f3:
7e:83:cd:f9:5e:75:83:e8:5f:8d:79:6f:cd:6f:6f:eb:47:2b:
c3:66:c5:14:d5:4b:c3:1b:b2:0a:0b:aa:ad:55:3e:d5:ce:f4:
ae:9f:77:6f:67:ea:68:ff:57:71:a5:16:d8:2b:49:b2:d9:17:
dc:c4:06:06:4a:d3:7b:4b:f5:1c:c3:6c:8c:1f:32:62:b8:02:
7d:cd:f7:ab:92:5d:6b:a9:9b:d5:f0:b6:cd:aa:06:34:06:5e:
74:81:a4:90:48:9c:0b:62:8b:d6:7b:fe:5c:4e:74:82:10:53:
d9:fa:9b:b4:d5:27:da:7f:8b:29:b5:20:fb:84:1e:aa:13:a5:
08:5c:03:22:03:10:33:1a:78:55:b0:53:1b:ab:83:6b:7d:81:
69:9d:42:6b:99:24:ce:20:a9:43:5a:6a:89:e0:15:ab:55:69:
77:47:01:f7:08:9a:17:35:d5:35:d4:7a:a5:77:9d:1b:80:3f:
ef:02:94:05:da:3e:1b:6a:d7:97:1c:5c:da:c5:ab:8e:d8:20:
25:da:4f:fe
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANZXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTIwMTMzMDQ4WhcNMjQxMTMwMTMzMDQ4WjAYMRYw
FAYDVQQDEw02NzNkZTQ4Yi1kNDU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6Z372Zs5F+8qOVh1grTVwG+A5mWQ+UemZA9APYmfnko8LfireJna8/kA
QlkUr2SCFZZblkCQwl3Pi2uOMZRjFW6b3sowOER8VvokzPDNE/VPkCZLZ3AJpXfV
Y64+/Ge1oa01urUNEteKgzyWJWHEHwiOZt+JkE9qoYJePLnWX0XF16LbZMddbwiA
nN5FAXN5TEw/XD5Z8HuyDs6LQf4ExwmcYWQPeX1yE7eSMCBOS5vX76U05rHlKKFZ
2S9ogCh5hcUAGHHDx26YunP8bbzRTeo6Nvg1NowZLHaILB7r7UVj2FNGEG/TjH24
GEB7Op0nm4t5NP+kdx/xOoTJbZAjywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOc8
xGj6Xlc4X0Xeb6zZGdivt0hwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOTQ1QzY4MkE3NDMxMUVGQTI2MzAzNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPaQMA0GCSqGSIb3DQEBCwUA
A4IBAQBTuVRFTcf/SNGjGsGmhwgORVPPr1cy877HZstUQpyFE46eq8oF/2nQo6P3
xL+lLxqKPs3oxPN+g835XnWD6F+NeW/Nb2/rRyvDZsUU1UvDG7IKC6qtVT7VzvSu
n3dvZ+po/1dxpRbYK0my2RfcxAYGStN7S/Ucw2yMHzJiuAJ9zferkl1rqZvV8LbN
qgY0Bl50gaSQSJwLYovWe/5cTnSCEFPZ+pu01Sfaf4sptSD7hB6qE6UIXAMiAxAz
GnhVsFMbq4NrfYFpnUJrmSTOIKlDWmqJ4BWrVWl3RwH3CJoXNdU11Hqld50bgD/v
ApQF2j4bateXHFzaxauO2CAl2k/+
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:42 2024 by rpki-client on console-fra.rpki-client.org