Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B5D19110ECA911EE9F70DD73775412E6.roa
File: B5D19110ECA911EE9F70DD73775412E6.roa (raw, json)
Hash identifier: 4veyHDM9CHzOAzzw3/D6kCRRi8ruC5o9rC6tVeFh3+g=
Subject key identifier: 27:2E:15:37:B4:A8:C6:60:32:D5:F0:A2:56:0E:A6:FC:65:A2:8E:C4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 80E1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B5D19110ECA911EE9F70DD73775412E6.roa
Signing time: Thu 28 Mar 2024 02:20:14 +0000
ROA not before: Thu 28 Mar 2024 02:20:11 +0000
ROA not after: Tue 25 Feb 2025 02:20:11 +0000
asID: 140227
IP address blocks: 156.240.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32993 (0x80e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 28 02:20:11 2024 GMT
Not After : Feb 25 02:20:11 2025 GMT
Subject: CN=6604d3de-7607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:b2:14:f7:50:82:7f:17:98:83:61:8f:fe:71:
0c:ce:1d:fd:ee:5a:48:0d:22:95:c9:8d:e4:58:1f:
96:eb:e2:3e:8e:05:ab:63:89:8b:dc:59:b7:50:41:
90:89:5c:e5:c6:47:41:8f:83:ac:04:a2:32:5a:de:
1d:78:c2:34:ab:05:cd:1c:9f:a9:06:59:ce:de:c0:
51:9a:10:91:72:db:0e:ed:75:14:4a:f6:40:2b:bf:
40:d8:a7:63:80:10:02:54:ef:53:43:7a:36:15:b2:
f5:2f:fe:6d:05:63:4b:3a:04:5f:c9:c4:b1:e3:32:
da:41:9e:c1:e9:6d:7f:a0:7a:1a:ad:bc:9c:84:16:
4f:39:46:c6:00:a5:6d:fb:2b:7f:a5:89:2a:14:19:
bb:8d:7f:43:f8:26:86:0c:17:ab:d2:05:15:7f:53:
4c:55:2e:3a:eb:85:75:dd:e4:a7:21:0b:f5:b2:04:
22:6f:ac:fa:76:07:90:d1:84:7a:49:89:ed:5e:4d:
c4:8d:b8:84:e6:c7:8d:6e:ef:2b:cc:60:85:e9:a9:
31:c7:0d:22:8b:c2:21:c7:72:22:4b:83:22:04:e1:
17:95:62:ea:e7:fd:d6:54:b5:e3:26:26:92:68:c6:
a2:57:b0:9e:6e:56:8a:5c:af:1b:73:93:ec:7a:89:
10:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:2E:15:37:B4:A8:C6:60:32:D5:F0:A2:56:0E:A6:FC:65:A2:8E:C4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B5D19110ECA911EE9F70DD73775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.111.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ac:db:a7:07:09:69:96:a8:fe:37:fb:6a:28:77:68:a2:76:
b2:ea:49:a7:86:9d:3d:30:c0:e3:69:a0:16:46:fb:cd:e9:70:
78:0c:e9:f9:c2:71:60:70:14:f5:d6:cf:14:0c:9b:87:86:47:
a7:ea:9b:4b:78:4a:73:04:c7:4e:cb:03:a3:f7:29:86:01:ca:
1b:aa:a3:72:24:b5:a1:de:7b:b4:2f:c0:4d:e3:c6:f1:91:df:
aa:11:8f:c4:11:ac:29:63:99:3f:7e:cc:e4:3e:b4:0f:e8:87:
67:ef:03:12:ec:6c:c7:91:7a:ec:f0:e2:24:9d:bb:b7:c3:b5:
fb:b5:fd:bd:8f:14:7b:73:b6:a3:03:45:c6:f1:a4:39:57:34:
3c:d0:b7:ba:78:8e:f9:29:4e:db:15:c6:b3:fc:ba:ef:f9:4f:
99:f9:45:94:b4:31:de:fe:34:64:f2:92:73:aa:5a:98:b7:f7:
5f:e7:95:2f:bd:15:8e:bd:17:95:4c:ea:77:05:ec:65:e3:f7:
a3:ca:08:62:69:d6:9d:35:12:82:7f:29:42:71:ba:b3:cc:94:
e0:7f:fd:da:9f:33:68:dd:16:9a:e4:22:32:b1:a8:76:82:1c:
4a:29:f2:35:17:75:3f:cf:84:06:b7:23:10:b9:f3:71:83:7a:
50:97:c6:6e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIDhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwMzI4MDIyMDExWhcNMjUwMjI1MDIyMDExWjAYMRYw
FAYDVQQDEw02NjA0ZDNkZS03NjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+rIU91CCfxeYg2GP/nEMzh397lpIDSKVyY3kWB+W6+I+jgWrY4mL3Fm3
UEGQiVzlxkdBj4OsBKIyWt4deMI0qwXNHJ+pBlnO3sBRmhCRctsO7XUUSvZAK79A
2KdjgBACVO9TQ3o2FbL1L/5tBWNLOgRfycSx4zLaQZ7B6W1/oHoarbychBZPOUbG
AKVt+yt/pYkqFBm7jX9D+CaGDBer0gUVf1NMVS4664V13eSnIQv1sgQib6z6dgeQ
0YR6SYntXk3EjbiE5seNbu8rzGCF6akxxw0ii8Ihx3IiS4MiBOEXlWLq5/3WVLXj
JiaSaMaiV7CeblaKXK8bc5PseokQOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCcu
FTe0qMZgMtXwolYOpvxloo7EMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNUQxOTExMEVDQTkxMUVFOUY3MERENzM3NzU0MTJFNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPBvMA0GCSqGSIb3DQEBCwUA
A4IBAQBIrNunBwlplqj+N/tqKHdoonay6kmnhp09MMDjaaAWRvvN6XB4DOn5wnFg
cBT11s8UDJuHhken6ptLeEpzBMdOywOj9ymGAcobqqNyJLWh3nu0L8BN48bxkd+q
EY/EEawpY5k/fszkPrQP6Idn7wMS7GzHkXrs8OIknbu3w7X7tf29jxR7c7ajA0XG
8aQ5VzQ80Le6eI75KU7bFcaz/Lrv+U+Z+UWUtDHe/jRk8pJzqlqYt/df55UvvRWO
vReVTOp3Bexl4/ejyghiadadNRKCfylCcbqzzJTgf/3anzNo3Raa5CIysah2ghxK
KfI1F3U/z4QGtyMQufNxg3pQl8Zu
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:46 2024 by rpki-client on console-ams.rpki-client.org