Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB7DD27EA25B11EF811DC376762E951A.roa
File: AB7DD27EA25B11EF811DC376762E951A.roa (raw, json)
Hash identifier: jAMm8he+1bOi/JdlkFBESRbft+h9o9RIFhD5+Bux9Z0=
Subject key identifier: 6B:A3:28:F8:2A:CC:89:B1:F2:6F:2B:9C:1A:6B:FA:FD:1B:F6:E9:E7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D273
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB7DD27EA25B11EF811DC376762E951A.roa
Signing time: Thu 14 Nov 2024 07:40:07 +0000
ROA not before: Thu 14 Nov 2024 07:40:04 +0000
ROA not after: Tue 10 Dec 2024 07:40:04 +0000
asID: 64267
IP address blocks: 156.248.100.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53875 (0xd273)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 14 07:40:04 2024 GMT
Not After : Dec 10 07:40:04 2024 GMT
Subject: CN=6735a957-2940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6c:a3:c3:c2:b3:2f:10:39:ad:c9:b6:45:6f:
11:65:22:31:03:72:a8:9f:09:d5:d3:7f:39:68:9c:
d1:80:c4:a8:55:d4:44:2b:62:bc:d9:04:d0:c1:a2:
6e:6a:8b:d3:e6:b0:fa:c5:d0:3f:16:39:91:74:d5:
ed:c3:7e:88:24:1b:f8:78:c4:3c:5e:3c:19:df:fb:
e7:af:e8:b2:3d:3d:65:db:2f:a6:86:c0:d6:88:9e:
c6:cc:08:2f:9a:26:38:35:dd:f1:31:57:97:55:33:
0a:c4:f3:1f:dd:08:40:a9:b8:70:20:08:de:e9:67:
b4:f2:36:3b:b9:65:38:29:3d:79:82:52:d7:51:9c:
7f:73:2b:55:db:bb:41:85:a7:bc:aa:e9:db:ce:ef:
f6:ad:74:6c:8d:e6:f7:69:72:eb:8a:55:e3:81:4e:
6c:bb:0a:28:d2:e8:45:55:48:03:9d:7e:68:0d:19:
e8:4f:ce:d8:df:08:93:24:80:c7:20:80:1e:c6:91:
c9:7d:26:89:51:7f:7f:e3:2a:6b:9e:76:a7:0a:37:
ef:35:0f:82:25:31:26:b7:ed:b4:88:64:ab:78:ef:
e8:0f:d0:b2:ea:ce:16:7e:54:3c:dc:ba:7a:54:f6:
42:92:a7:e2:d7:68:1d:8d:b2:fa:16:21:fe:4e:b1:
f3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A3:28:F8:2A:CC:89:B1:F2:6F:2B:9C:1A:6B:FA:FD:1B:F6:E9:E7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB7DD27EA25B11EF811DC376762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.100.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:52:3e:32:4d:cd:c1:96:01:ab:4c:7f:60:10:df:8a:69:cb:
54:fb:8e:9c:6f:2a:fe:0b:1f:ec:23:6d:b5:3f:5e:51:b0:9e:
33:88:d4:f6:ac:f5:ed:14:e0:5d:f3:e1:e5:12:5e:95:62:df:
f9:8e:fc:c6:ec:2d:3d:9a:b8:60:12:36:1a:7d:a0:55:48:ce:
4d:7a:15:28:35:e9:d0:69:b8:8e:ef:50:ea:6c:d7:e2:0b:cf:
08:1d:26:1e:4d:a0:26:58:6d:15:6f:21:d1:29:86:54:d6:b9:
5f:a0:28:a4:a2:c2:79:be:76:bb:b3:b0:45:fe:8e:9b:1b:1e:
2f:f2:db:12:3e:d3:0c:a9:d4:31:70:7c:3f:b2:3f:44:b9:30:
8b:d4:cd:40:4b:1f:29:de:87:34:f5:d5:41:69:7e:cb:cb:07:
a2:9b:7d:14:56:b2:0c:15:86:f3:0f:4d:6c:54:1a:49:93:4f:
b6:31:31:17:f1:1a:ca:02:1b:7d:c7:d9:e1:01:0f:f2:c7:10:
f3:81:aa:e1:88:3c:05:73:8a:45:49:ed:ae:68:0e:ab:e9:73:
58:8d:ed:33:74:c2:dc:cc:27:cd:e9:41:f7:da:d0:3e:ed:c5:
aa:2e:d1:81:8c:25:4a:96:66:47:ca:48:a7:3a:a8:d3:53:7d:
05:8c:54:b3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANJzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE0MDc0MDA0WhcNMjQxMjEwMDc0MDA0WjAYMRYw
FAYDVQQDEw02NzM1YTk1Ny0yOTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA42yjw8KzLxA5rcm2RW8RZSIxA3KonwnV0385aJzRgMSoVdREK2K82QTQ
waJuaovT5rD6xdA/FjmRdNXtw36IJBv4eMQ8XjwZ3/vnr+iyPT1l2y+mhsDWiJ7G
zAgvmiY4Nd3xMVeXVTMKxPMf3QhAqbhwIAje6We08jY7uWU4KT15glLXUZx/cytV
27tBhae8qunbzu/2rXRsjeb3aXLrilXjgU5suwoo0uhFVUgDnX5oDRnoT87Y3wiT
JIDHIIAexpHJfSaJUX9/4yprnnanCjfvNQ+CJTEmt+20iGSreO/oD9Cy6s4WflQ8
3Lp6VPZCkqfi12gdjbL6FiH+TrHzgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGuj
KPgqzImx8m8rnBpr+v0b9unnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQjdERDI3RUEyNUIxMUVGODExREMzNzY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPhkMA0GCSqGSIb3DQEBCwUA
A4IBAQCbUj4yTc3BlgGrTH9gEN+KactU+46cbyr+Cx/sI221P15RsJ4ziNT2rPXt
FOBd8+HlEl6VYt/5jvzG7C09mrhgEjYafaBVSM5NehUoNenQabiO71DqbNfiC88I
HSYeTaAmWG0VbyHRKYZU1rlfoCikosJ5vna7s7BF/o6bGx4v8tsSPtMMqdQxcHw/
sj9EuTCL1M1ASx8p3oc09dVBaX7Lyweim30UVrIMFYbzD01sVBpJk0+2MTEX8RrK
Aht9x9nhAQ/yxxDzgarhiDwFc4pFSe2uaA6r6XNYje0zdMLczCfN6UH32tA+7cWq
LtGBjCVKlmZHykinOqjTU30FjFSz
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:44 2024 by rpki-client on console-ams.rpki-client.org