Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ABC0AF9AA43611EFBEA3A3A4762E951A.roa
File: ABC0AF9AA43611EFBEA3A3A4762E951A.roa (raw, json)
Hash identifier: tje1oHFxj/f4MlgdmgwAMluLJ6cWMa+u1nTHnA8hvZ4=
Subject key identifier: FA:3B:BD:CE:B2:EB:CE:3A:10:D7:72:D2:8D:C8:F9:8C:E3:13:3F:EE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D33C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ABC0AF9AA43611EFBEA3A3A4762E951A.roa
Signing time: Sat 16 Nov 2024 16:20:19 +0000
ROA not before: Sat 16 Nov 2024 16:20:15 +0000
ROA not after: Wed 18 Dec 2024 16:20:15 +0000
asID: 213993
IP address blocks: 156.253.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54076 (0xd33c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 16 16:20:15 2024 GMT
Not After : Dec 18 16:20:15 2024 GMT
Subject: CN=6738c643-d027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:82:b8:c2:57:41:ed:91:a8:67:67:85:bb:ce:
09:72:e8:66:6b:14:56:76:d5:f9:d7:0d:88:36:e3:
7b:cb:d9:8a:31:e3:c0:d6:3a:80:1d:78:c3:c8:11:
76:d8:93:a5:fb:f0:65:0c:15:1a:e1:7b:07:4c:41:
cc:79:7d:b5:4e:37:d9:3c:8a:9c:eb:ce:0e:e7:df:
41:15:75:61:ed:2c:3d:1a:4b:0e:8b:ec:7d:65:62:
92:38:64:4f:af:67:a1:c5:84:99:cb:42:cc:dc:e0:
17:0e:1b:14:32:a5:e3:21:80:8d:4a:21:2a:77:28:
61:56:ef:5d:bd:43:72:1a:c9:a2:82:50:03:ed:ac:
2f:30:38:2c:51:cd:6c:e8:70:d2:cd:0d:a6:82:39:
dc:6e:ad:9c:e8:8f:fb:bb:74:19:52:f2:0c:68:46:
c9:27:3e:d1:ad:21:b2:b3:11:00:15:46:df:55:73:
b6:a0:44:7c:b1:08:30:06:c9:fe:7f:1c:5f:ef:84:
8a:ac:14:7f:79:f1:df:7a:72:e9:5f:a9:d0:b6:fb:
64:37:30:ac:82:c3:cf:6f:02:24:16:27:f1:67:ac:
ed:ae:3a:37:30:92:fc:31:de:2d:57:09:32:7a:66:
1c:1a:71:e4:7e:b2:3a:9f:1c:ed:4d:43:a2:fc:41:
29:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:3B:BD:CE:B2:EB:CE:3A:10:D7:72:D2:8D:C8:F9:8C:E3:13:3F:EE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ABC0AF9AA43611EFBEA3A3A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.234.0/23
Signature Algorithm: sha256WithRSAEncryption
46:36:fc:82:0b:6a:cd:6b:95:ce:d3:3d:ef:21:78:4c:55:96:
e0:7e:62:24:a8:60:05:65:5c:af:c2:be:f7:18:e9:1e:bc:1c:
54:b2:a3:12:f8:4a:b4:2a:f6:46:21:f2:6b:6f:b1:6b:4d:db:
a3:59:1d:a9:e4:34:7d:bf:f4:7e:97:77:d7:5e:9b:11:bc:f1:
7d:93:3e:cb:8b:68:a2:4a:55:b8:5b:04:21:13:3d:22:cf:fa:
80:fe:25:86:c7:5e:58:24:2e:7d:c8:89:e2:e6:6c:4b:68:cc:
a5:96:1f:7c:7e:ca:90:21:5a:72:96:14:2c:3b:e3:39:0a:01:
ac:32:48:2c:78:c2:e0:aa:01:e0:37:e2:2d:47:db:d8:4e:23:
61:af:8b:3e:22:e6:fc:63:2d:ac:93:cd:d7:bb:9f:fb:34:fe:
bb:b9:f0:53:3e:08:23:1e:56:28:fe:84:dc:a4:bf:75:9e:bc:
3d:f0:79:99:78:c6:13:5e:55:f5:21:53:4b:fe:4f:c8:90:6e:
ca:0e:89:e2:5c:b2:ae:c4:89:40:87:80:1c:f7:f7:73:0b:5b:
51:c1:d1:aa:21:2b:db:5b:2c:49:8b:d1:3e:10:84:bb:a6:ce:
30:d3:59:41:2f:2b:01:47:63:4c:43:e4:1b:70:49:00:f1:8a:
79:90:ef:7e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANM8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE2MTYyMDE1WhcNMjQxMjE4MTYyMDE1WjAYMRYw
FAYDVQQDEw02NzM4YzY0My1kMDI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAm4K4wldB7ZGoZ2eFu84JcuhmaxRWdtX51w2INuN7y9mKMePA1jqAHXjD
yBF22JOl+/BlDBUa4XsHTEHMeX21TjfZPIqc684O599BFXVh7Sw9GksOi+x9ZWKS
OGRPr2ehxYSZy0LM3OAXDhsUMqXjIYCNSiEqdyhhVu9dvUNyGsmiglAD7awvMDgs
Uc1s6HDSzQ2mgjncbq2c6I/7u3QZUvIMaEbJJz7RrSGysxEAFUbfVXO2oER8sQgw
Bsn+fxxf74SKrBR/efHfenLpX6nQtvtkNzCsgsPPbwIkFifxZ6ztrjo3MJL8Md4t
VwkyemYcGnHkfrI6nxztTUOi/EEpVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPo7
vc6y6846ENdy0o3I+YzjEz/uMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQkMwQUY5QUE0MzYxMUVGQkVBM0EzQTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP3qMA0GCSqGSIb3DQEBCwUA
A4IBAQBGNvyCC2rNa5XO0z3vIXhMVZbgfmIkqGAFZVyvwr73GOkevBxUsqMS+Eq0
KvZGIfJrb7FrTdujWR2p5DR9v/R+l3fXXpsRvPF9kz7Li2iiSlW4WwQhEz0iz/qA
/iWGx15YJC59yIni5mxLaMyllh98fsqQIVpylhQsO+M5CgGsMkgseMLgqgHgN+It
R9vYTiNhr4s+Iub8Yy2sk83Xu5/7NP67ufBTPggjHlYo/oTcpL91nrw98HmZeMYT
XlX1IVNL/k/IkG7KDoniXLKuxIlAh4Ac9/dzC1tRwdGqISvbWyxJi9E+EIS7ps4w
01lBLysBR2NMQ+QbcEkA8Yp5kO9+
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:43 2024 by rpki-client on console-fra.rpki-client.org