Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF8CA196286311EFAD1194F27CDC24C2.roa
File: AF8CA196286311EFAD1194F27CDC24C2.roa (raw, json)
Hash identifier: LyhSDCt8LkRA/ApgaZVF5uC2Ownn8rqKr2kM10GgkKk=
Subject key identifier: 04:10:21:1B:59:E3:54:09:49:23:E9:AE:ED:43:11:5B:B8:49:52:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 90C5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF8CA196286311EFAD1194F27CDC24C2.roa
Signing time: Wed 12 Jun 2024 02:30:09 +0000
ROA not before: Wed 12 Jun 2024 02:30:03 +0000
ROA not after: Sun 15 Jun 2025 02:30:03 +0000
asID: 138678
IP address blocks: 156.249.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37061 (0x90c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 12 02:30:03 2024 GMT
Not After : Jun 15 02:30:03 2025 GMT
Subject: CN=66690830-de23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:81:1d:aa:11:e2:07:9b:b4:f0:bd:e9:4f:62:
b6:23:45:a6:d2:56:78:23:78:27:db:f7:9b:85:e7:
8f:e5:16:24:f4:c0:7d:03:69:cf:71:53:c3:b6:60:
37:91:ae:db:dc:4f:84:22:44:9f:f9:32:28:19:3a:
cb:8c:e1:7e:d2:f9:af:e4:21:89:2d:97:e5:fd:33:
30:53:03:51:98:46:ec:18:4e:2f:5e:28:ed:9e:20:
00:f3:df:1f:1d:72:4a:f0:2c:18:1f:d0:aa:82:52:
a5:ef:67:a3:6f:fe:13:21:15:d1:e7:86:73:6e:eb:
3a:f1:47:30:f8:30:f5:fb:94:96:d2:55:3d:9a:fb:
d2:dd:30:2f:20:05:8a:ab:62:28:12:d4:41:e8:f4:
9c:3d:0c:df:d8:43:f4:a9:43:7d:88:56:dc:7b:0d:
ba:e3:d6:69:28:88:7b:0d:17:c3:8f:92:89:20:01:
3a:68:c1:5b:92:e8:b4:da:cb:7b:28:5a:59:f2:00:
1d:1e:17:33:17:39:20:04:60:bb:09:3f:eb:00:be:
70:0b:51:be:f2:de:79:0f:99:4c:65:5c:7a:91:d4:
9d:73:ff:67:9f:f6:f2:34:8b:99:cc:2a:74:e2:8b:
25:85:bb:db:9d:1c:6c:da:f8:f8:e3:13:05:e4:fc:
4a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:10:21:1B:59:E3:54:09:49:23:E9:AE:ED:43:11:5B:B8:49:52:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF8CA196286311EFAD1194F27CDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.1.0/24
Signature Algorithm: sha256WithRSAEncryption
63:f3:b6:9a:7a:77:a4:c4:d2:2d:f7:74:d5:10:39:f6:f4:e9:
e8:7a:9f:35:06:a8:b2:0e:fa:ee:0c:97:a1:93:dd:4f:47:a1:
5c:a2:b5:54:b3:cf:db:7a:6a:51:29:1c:59:b4:44:91:ea:a5:
aa:da:ca:d1:8c:f1:df:14:1b:cf:aa:c9:cb:3f:2e:d5:3e:26:
00:43:36:24:b7:09:30:fa:43:dd:8a:42:7a:18:f0:05:de:73:
f2:9c:c8:57:dd:89:c4:0d:57:cd:88:9f:75:56:f7:6a:f0:96:
21:58:1f:47:51:d5:d6:98:9e:15:29:ac:6a:79:b1:1c:e1:6c:
ef:54:35:b0:f2:80:c3:d7:cf:c5:c5:f1:eb:f8:78:f7:93:35:
59:de:d9:60:bf:00:fc:07:83:18:33:ef:93:d8:eb:0b:89:5a:
9b:3d:64:d8:2e:a8:88:41:62:e5:96:83:9d:51:47:19:9e:2f:
b2:90:45:17:3c:c7:db:9f:31:8b:f3:ff:c4:3b:94:0e:21:5c:
08:47:ba:b3:e5:99:f7:ec:47:9e:d0:ae:1c:55:50:88:01:0c:
29:f0:f3:60:d8:8b:bf:94:e7:9e:cf:7a:94:a6:26:cd:5f:56:
b1:9b:b7:27:cc:9c:a2:fc:6b:2e:2e:29:4e:8c:19:4c:e3:78:
bd:12:b7:fc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJDFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjEyMDIzMDAzWhcNMjUwNjE1MDIzMDAzWjAYMRYw
FAYDVQQDEw02NjY5MDgzMC1kZTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvoEdqhHiB5u08L3pT2K2I0Wm0lZ4I3gn2/ebheeP5RYk9MB9A2nPcVPD
tmA3ka7b3E+EIkSf+TIoGTrLjOF+0vmv5CGJLZfl/TMwUwNRmEbsGE4vXijtniAA
898fHXJK8CwYH9CqglKl72ejb/4TIRXR54Zzbus68Ucw+DD1+5SW0lU9mvvS3TAv
IAWKq2IoEtRB6PScPQzf2EP0qUN9iFbcew2649ZpKIh7DRfDj5KJIAE6aMFbkui0
2st7KFpZ8gAdHhczFzkgBGC7CT/rAL5wC1G+8t55D5lMZVx6kdSdc/9nn/byNIuZ
zCp04oslhbvbnRxs2vj44xMF5PxKiwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAQQ
IRtZ41QJSSPpru1DEVu4SVLvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRjhDQTE5NjI4NjMxMUVGQUQxMTk0RjI3Q0RDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPkBMA0GCSqGSIb3DQEBCwUA
A4IBAQBj87aaenekxNIt93TVEDn29Onoep81BqiyDvruDJehk91PR6FcorVUs8/b
empRKRxZtESR6qWq2srRjPHfFBvPqsnLPy7VPiYAQzYktwkw+kPdikJ6GPAF3nPy
nMhX3YnEDVfNiJ91Vvdq8JYhWB9HUdXWmJ4VKaxqebEc4WzvVDWw8oDD18/FxfHr
+Hj3kzVZ3tlgvwD8B4MYM++T2OsLiVqbPWTYLqiIQWLlloOdUUcZni+ykEUXPMfb
nzGL8//EO5QOIVwIR7qz5Zn37Eee0K4cVVCIAQwp8PNg2Iu/lOeez3qUpibNX1ax
m7cnzJyi/GsuLilOjBlM43i9Erf8
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:45 2024 by rpki-client on console-ams.rpki-client.org