Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AACCE61CA73811EFA4DDC08C762E951A.roa
File: AACCE61CA73811EFA4DDC08C762E951A.roa (raw, json)
Hash identifier: Y/KTmJ+x1Dih/Gx0/2nMomRZShbRBnNV3lq8JsCUTt4=
Subject key identifier: 65:82:42:27:F4:95:29:68:84:2E:89:B9:B3:E3:BC:C1:C8:AC:B3:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D607
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AACCE61CA73811EFA4DDC08C762E951A.roa
Signing time: Wed 20 Nov 2024 12:12:10 +0000
ROA not before: Wed 20 Nov 2024 12:12:06 +0000
ROA not after: Tue 13 May 2025 12:12:06 +0000
asID: 40065
IP address blocks: 156.224.16.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54791 (0xd607)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 20 12:12:06 2024 GMT
Not After : May 13 12:12:06 2025 GMT
Subject: CN=673dd21a-34da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:97:0b:5b:36:9d:85:b6:96:01:b4:f6:4e:1b:
da:7b:0a:09:0e:3e:55:97:23:18:04:fc:0d:56:99:
d9:bc:91:f0:d8:3e:ee:11:1f:0e:05:84:a5:01:c6:
86:7c:29:0f:f0:1d:15:13:7f:71:b0:82:71:b3:c8:
e6:9a:d9:fd:fd:6e:63:43:fe:15:04:91:50:86:d4:
9b:cc:74:d3:3f:bd:56:88:02:0a:75:37:3f:b1:15:
08:3b:5e:c0:c1:28:2b:dc:4e:52:1a:d4:51:80:84:
84:39:b5:fb:a3:ff:27:ba:ca:84:f5:19:6d:da:7d:
bd:da:52:46:47:b7:1b:51:44:2c:59:3a:14:f1:d3:
75:14:ff:e5:77:33:03:29:87:d3:bb:4a:78:2b:29:
9b:84:0f:51:89:67:8b:a2:b7:ee:65:12:7c:01:cf:
ae:c5:52:bd:88:f3:29:21:2b:75:cd:36:7e:10:32:
b7:a1:5d:64:d5:bf:08:fa:af:a2:bc:3b:21:99:22:
64:f3:42:0a:b4:85:52:fc:46:9a:8f:87:2d:66:c1:
11:23:9f:4b:88:c5:70:62:8f:a6:8c:87:fc:1c:15:
d3:c6:81:67:51:37:4e:90:b5:1d:ec:71:e4:d0:d9:
36:c1:f3:00:cb:ed:c5:84:2d:0a:d4:9a:e3:d1:28:
0a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:82:42:27:F4:95:29:68:84:2E:89:B9:B3:E3:BC:C1:C8:AC:B3:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AACCE61CA73811EFA4DDC08C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.16.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:13:7e:47:32:99:4a:dd:92:ec:ac:9f:fe:21:16:a5:9b:75:
20:8e:a4:b4:a6:f4:d2:55:d2:cf:ba:40:05:1a:5e:09:9c:fa:
6a:d7:ee:fc:0b:60:32:93:d0:59:97:76:f5:9c:c4:b7:fc:bc:
58:84:3e:a4:5a:60:3a:ae:10:5f:23:1a:ba:58:6e:3b:f9:7b:
2a:c4:c7:94:ba:d7:5b:6c:db:28:f7:ad:37:1f:24:05:5d:72:
31:d8:99:a2:9a:66:3f:da:d5:0f:95:3d:aa:79:d1:24:28:fa:
f3:53:2d:47:fd:0a:3d:03:e7:fc:c5:e6:5f:62:e6:35:54:41:
45:a1:a2:09:73:1b:2b:12:7f:ee:3f:ea:e8:65:18:71:7b:5a:
a0:0c:fb:18:c9:98:5b:08:40:4b:4c:a4:17:8b:7b:17:19:c9:
b8:5f:ba:70:57:65:2e:58:45:c9:23:8c:10:ce:05:fa:13:2e:
a3:1e:f9:64:34:48:85:b5:7e:ae:2b:ce:d9:60:c7:bc:ee:ef:
a6:b8:e5:67:ed:95:f2:25:fa:73:76:ae:9d:4f:2a:f4:e2:5d:
5f:e9:eb:51:06:c2:55:cc:19:8e:ec:60:87:3a:b6:2c:b4:39:
09:d9:52:8e:8b:5f:f1:e7:1b:1d:b4:63:68:89:4a:b6:00:d9:
bf:20:6a:63
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANYHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTIwMTIxMjA2WhcNMjUwNTEzMTIxMjA2WjAYMRYw
FAYDVQQDEw02NzNkZDIxYS0zNGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxJcLWzadhbaWAbT2ThvaewoJDj5VlyMYBPwNVpnZvJHw2D7uER8OBYSl
AcaGfCkP8B0VE39xsIJxs8jmmtn9/W5jQ/4VBJFQhtSbzHTTP71WiAIKdTc/sRUI
O17AwSgr3E5SGtRRgISEObX7o/8nusqE9Rlt2n292lJGR7cbUUQsWToU8dN1FP/l
dzMDKYfTu0p4KymbhA9RiWeLorfuZRJ8Ac+uxVK9iPMpISt1zTZ+EDK3oV1k1b8I
+q+ivDshmSJk80IKtIVS/Eaaj4ctZsERI59LiMVwYo+mjIf8HBXTxoFnUTdOkLUd
7HHk0Nk2wfMAy+3FhC0K1Jrj0SgKxQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGWC
Qif0lSlohC6JubPjvMHIrLOLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQUNDRTYxQ0E3MzgxMUVGQTREREMwOEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOAQMA0GCSqGSIb3DQEBCwUA
A4IBAQCnE35HMplK3ZLsrJ/+IRalm3UgjqS0pvTSVdLPukAFGl4JnPpq1+78C2Ay
k9BZl3b1nMS3/LxYhD6kWmA6rhBfIxq6WG47+XsqxMeUutdbbNso9603HyQFXXIx
2JmimmY/2tUPlT2qedEkKPrzUy1H/Qo9A+f8xeZfYuY1VEFFoaIJcxsrEn/uP+ro
ZRhxe1qgDPsYyZhbCEBLTKQXi3sXGcm4X7pwV2UuWEXJI4wQzgX6Ey6jHvlkNEiF
tX6uK87ZYMe87u+muOVn7ZXyJfpzdq6dTyr04l1f6etRBsJVzBmO7GCHOrYstDkJ
2VKOi1/x5xsdtGNoiUq2ANm/IGpj
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:44 2024 by rpki-client on console-ams.rpki-client.org