Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B120E3F05EF511EF8CE130B0762E951A.roa
File: B120E3F05EF511EF8CE130B0762E951A.roa (raw, json)
Hash identifier: AN9xi4rgDJo0Fbn/TH7bfEQkodZLt/Rqlp1WKzyl8pA=
Subject key identifier: B3:DF:35:29:BF:B3:14:ED:20:3C:9B:A3:FB:16:32:FD:01:D5:D5:02
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: AA1C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B120E3F05EF511EF8CE130B0762E951A.roa
Signing time: Tue 20 Aug 2024 13:11:20 +0000
ROA not before: Tue 20 Aug 2024 13:11:15 +0000
ROA not after: Tue 27 May 2025 13:11:15 +0000
asID: 399077
IP address blocks: 156.251.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43548 (0xaa1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 13:11:15 2024 GMT
Not After : May 27 13:11:15 2025 GMT
Subject: CN=66c495f8-fae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9d:0f:2e:2d:fa:33:34:4c:df:8d:1d:60:21:
4c:f9:09:03:a6:72:28:86:60:69:e4:c7:0d:1c:d2:
36:f4:a1:8b:37:59:28:63:ed:a4:fb:13:7c:6d:94:
b9:3e:8e:38:79:b9:14:36:84:a3:53:65:b3:58:7d:
d6:97:69:97:39:c6:87:9f:a7:63:95:02:97:03:8b:
2c:a1:61:96:99:f8:cf:9f:91:84:0d:aa:3f:07:2c:
f1:25:5b:f2:b3:ff:52:56:18:99:12:0b:57:a6:a3:
a8:f6:32:53:10:94:2e:59:1b:f6:f5:f9:bb:0c:a9:
a5:ff:81:b0:7d:b7:7b:86:eb:89:aa:5f:53:6e:a1:
fd:cb:42:f2:02:b2:e8:cf:6b:db:e6:56:2a:e7:71:
28:b9:69:e6:5f:aa:ca:2b:fb:11:13:d7:32:58:4f:
08:8b:08:3a:bb:1f:03:48:52:14:85:0d:5a:03:bb:
4c:db:bf:eb:a6:65:63:5b:b9:bb:5d:0d:a5:1d:92:
00:28:67:0d:b2:a6:a9:c7:00:35:4f:35:f1:d0:ec:
4e:fe:12:3e:b9:f5:34:10:c6:c4:1f:87:16:a1:a1:
5e:40:c6:12:42:a4:6a:86:e4:6d:70:a5:d0:e4:fc:
8c:9a:bc:1a:ae:e4:3c:05:53:f6:6a:eb:3b:7b:96:
2a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:DF:35:29:BF:B3:14:ED:20:3C:9B:A3:FB:16:32:FD:01:D5:D5:02
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B120E3F05EF511EF8CE130B0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.0.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:a7:18:51:09:c7:de:62:17:88:08:83:09:9c:ca:05:7b:59:
54:a2:44:7b:58:06:2b:48:2a:72:fd:41:7d:ab:78:4d:ca:90:
62:41:7c:3c:9a:73:0d:d0:6a:d8:ac:43:4d:ff:1b:53:4f:49:
36:a3:dc:f2:71:28:9e:8e:8f:fd:97:e6:0b:61:b8:da:1b:12:
47:92:7b:a8:ac:d0:59:c5:0d:8d:45:f4:d2:0d:cd:81:74:bd:
2e:e7:70:61:14:30:08:88:a5:e0:6b:2d:da:8f:b1:53:4a:d5:
ae:81:b9:43:9c:8e:af:6c:56:b3:9d:03:19:a7:a0:6a:da:ec:
a0:0e:02:13:9b:f8:75:6b:0e:10:f8:7b:df:e4:82:5a:90:e7:
ff:61:f8:2d:74:d0:bc:65:6e:ab:c1:8c:43:38:dc:9f:ea:6c:
8a:2a:6e:1e:b3:d0:8b:78:ce:a8:b3:bb:56:a8:7b:cf:9b:00:
d1:01:df:13:7a:ce:e1:30:86:00:8f:ff:7f:72:4e:46:97:8c:
e4:57:a0:9f:e0:6c:21:62:12:e0:03:8f:f0:f5:cb:e4:46:01:
3e:35:d3:4d:fd:e0:c9:a0:be:19:4e:6b:7a:86:df:f8:04:d5:
84:f7:81:49:5b:ca:97:b3:bf:3a:5a:0a:68:3e:33:51:fe:8f:
bf:eb:ee:d3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKocMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTMxMTE1WhcNMjUwNTI3MTMxMTE1WjAYMRYw
FAYDVQQDEw02NmM0OTVmOC1mYWUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA250PLi36MzRM340dYCFM+QkDpnIohmBp5McNHNI29KGLN1koY+2k+xN8
bZS5Po44ebkUNoSjU2WzWH3Wl2mXOcaHn6djlQKXA4ssoWGWmfjPn5GEDao/Byzx
JVvys/9SVhiZEgtXpqOo9jJTEJQuWRv29fm7DKml/4Gwfbd7huuJql9TbqH9y0Ly
ArLoz2vb5lYq53EouWnmX6rKK/sRE9cyWE8Iiwg6ux8DSFIUhQ1aA7tM27/rpmVj
W7m7XQ2lHZIAKGcNsqapxwA1TzXx0OxO/hI+ufU0EMbEH4cWoaFeQMYSQqRqhuRt
cKXQ5PyMmrwaruQ8BVP2aus7e5YquwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLPf
NSm/sxTtIDybo/sWMv0B1dUCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMTIwRTNGMDVFRjUxMUVGOENFMTMwQjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPsAMA0GCSqGSIb3DQEBCwUA
A4IBAQCwpxhRCcfeYheICIMJnMoFe1lUokR7WAYrSCpy/UF9q3hNypBiQXw8mnMN
0GrYrENN/xtTT0k2o9zycSiejo/9l+YLYbjaGxJHknuorNBZxQ2NRfTSDc2BdL0u
53BhFDAIiKXgay3aj7FTStWugblDnI6vbFaznQMZp6Bq2uygDgITm/h1aw4Q+Hvf
5IJakOf/YfgtdNC8ZW6rwYxDONyf6myKKm4es9CLeM6os7tWqHvPmwDRAd8Tes7h
MIYAj/9/ck5Gl4zkV6Cf4GwhYhLgA4/w9cvkRgE+NdNN/eDJoL4ZTmt6ht/4BNWE
94FJW8qXs786WgpoPjNR/o+/6+7T
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:45 2024 by rpki-client on console-ams.rpki-client.org