Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF5E3CD296A611EFA6A8D189762E951A.roa
File: AF5E3CD296A611EFA6A8D189762E951A.roa (raw, json)
Hash identifier: fzl4ZU9nYCnKlhYBPVFLYYBGW346fRE3vfC3iNaji3g=
Subject key identifier: 30:0C:5A:0C:CF:AF:1B:F5:4E:EB:CD:17:22:D3:62:0B:8A:14:2C:A5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CA15
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF5E3CD296A611EFA6A8D189762E951A.roa
Signing time: Wed 30 Oct 2024 10:06:52 +0000
ROA not before: Wed 30 Oct 2024 10:06:48 +0000
ROA not after: Mon 25 Nov 2024 10:06:48 +0000
asID: 5068
IP address blocks: 156.224.84.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51733 (0xca15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 30 10:06:48 2024 GMT
Not After : Nov 25 10:06:48 2024 GMT
Subject: CN=6722053c-1161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3f:83:e6:26:e4:ad:47:c8:a8:8a:4e:ad:d7:
d6:6c:8d:d8:cb:92:02:0f:ed:f3:09:39:dd:ef:eb:
b6:16:3e:4b:f4:10:4c:4b:b2:4b:ca:38:86:17:65:
58:85:78:48:9d:4c:81:55:c8:67:af:e5:61:3b:3e:
1b:06:6e:d7:6a:0e:2c:61:cb:d1:22:f6:a9:68:c2:
e6:9d:21:7e:10:88:9f:5b:0a:90:da:f7:6b:5d:36:
e9:29:bd:18:32:77:30:47:dc:d8:21:2a:e3:d7:e3:
dc:49:51:52:52:c0:4d:9d:76:20:d9:5a:15:ee:c1:
e7:e5:16:0c:0d:ea:20:97:a3:58:6c:ef:49:23:4e:
37:f1:01:41:c6:db:80:65:cb:6a:87:b5:f2:0a:fb:
d3:ff:c8:4d:bb:dc:ce:af:e9:fe:11:96:ab:cc:ba:
98:ff:ab:06:15:65:fb:06:86:06:14:60:e4:26:41:
4b:72:56:f9:da:3f:bd:f2:96:a3:5b:f4:cb:8d:63:
e3:6f:a0:ee:6d:eb:7b:0f:fa:07:d9:c9:c1:bd:bb:
bf:1f:55:d8:58:f3:5b:0c:4b:46:4a:62:fa:aa:0a:
2c:a2:60:17:21:39:dc:db:99:8e:9c:4b:69:9f:53:
2b:b0:85:6f:f3:c0:fa:e0:42:98:ed:31:4e:ea:96:
b9:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0C:5A:0C:CF:AF:1B:F5:4E:EB:CD:17:22:D3:62:0B:8A:14:2C:A5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF5E3CD296A611EFA6A8D189762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.84.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:ee:c6:7a:21:f5:e2:b8:37:43:21:df:9c:91:6a:29:26:3a:
d3:71:eb:f9:49:86:cc:44:93:bc:e9:18:1a:e2:a6:e8:36:12:
c4:69:62:60:24:90:71:da:af:a6:80:8b:5e:e8:ad:0f:b6:48:
73:69:57:df:a0:c4:a9:18:4d:a3:07:d0:37:b6:95:4e:f2:13:
88:24:98:48:4a:c3:d8:d2:22:61:de:cc:ee:8b:d5:41:ef:dc:
8e:0a:78:13:c6:63:1f:50:3e:6d:80:36:76:43:f7:20:5d:a0:
a7:5f:c3:de:31:d2:a5:7b:68:4e:98:e4:38:bc:90:45:d7:36:
f8:d2:c3:50:3c:9c:b1:6a:61:16:38:c1:3f:fe:cf:bf:da:54:
a4:27:a2:93:d7:03:98:c5:e5:0b:af:7e:57:94:63:20:29:7c:
4a:11:e9:5b:1a:4e:f7:66:5c:c3:b7:ec:3c:4d:60:6e:d3:74:
22:44:f9:c2:cf:f7:fc:1f:71:88:91:e7:5c:d0:46:a1:61:92:
3f:22:80:93:8d:b7:11:ed:fc:91:36:68:75:69:b0:86:28:7a:
7f:2d:b9:c6:1d:d2:68:44:6a:2e:6a:9c:35:39:78:da:6a:e4:
57:3d:f0:10:70:14:4b:f2:3e:53:1f:57:72:3a:cd:12:8f:54:
ac:b2:bf:e7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMoVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDMwMTAwNjQ4WhcNMjQxMTI1MTAwNjQ4WjAYMRYw
FAYDVQQDEw02NzIyMDUzYy0xMTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxz+D5ibkrUfIqIpOrdfWbI3Yy5ICD+3zCTnd7+u2Fj5L9BBMS7JLyjiG
F2VYhXhInUyBVchnr+VhOz4bBm7Xag4sYcvRIvapaMLmnSF+EIifWwqQ2vdrXTbp
Kb0YMncwR9zYISrj1+PcSVFSUsBNnXYg2VoV7sHn5RYMDeogl6NYbO9JI0438QFB
xtuAZctqh7XyCvvT/8hNu9zOr+n+EZarzLqY/6sGFWX7BoYGFGDkJkFLclb52j+9
8pajW/TLjWPjb6Dubet7D/oH2cnBvbu/H1XYWPNbDEtGSmL6qgosomAXITnc25mO
nEtpn1MrsIVv88D64EKY7TFO6pa5vwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDAM
WgzPrxv1TuvNFyLTYguKFCylMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRjVFM0NEMjk2QTYxMUVGQTZBOEQxODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOBUMA0GCSqGSIb3DQEBCwUA
A4IBAQBv7sZ6IfXiuDdDId+ckWopJjrTcev5SYbMRJO86Rga4qboNhLEaWJgJJBx
2q+mgIte6K0PtkhzaVffoMSpGE2jB9A3tpVO8hOIJJhISsPY0iJh3szui9VB79yO
CngTxmMfUD5tgDZ2Q/cgXaCnX8PeMdKle2hOmOQ4vJBF1zb40sNQPJyxamEWOME/
/s+/2lSkJ6KT1wOYxeULr35XlGMgKXxKEelbGk73ZlzDt+w8TWBu03QiRPnCz/f8
H3GIkedc0EahYZI/IoCTjbcR7fyRNmh1abCGKHp/LbnGHdJoRGouapw1OXjaauRX
PfAQcBRL8j5TH1dyOs0Sj1Sssr/n
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:43 2024 by rpki-client on console-fra.rpki-client.org