Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B68538C29B7D11EFAAB61792762E951A.roa
File: B68538C29B7D11EFAAB61792762E951A.roa (raw, json)
Hash identifier: PBDimHUkg0WkPbJ6c4UNOTnaukantbgRiniNZu4Q3oo=
Subject key identifier: 07:28:A2:D7:C3:26:6E:E1:1D:A1:B4:7F:C0:D5:79:02:33:CF:34:3D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CE85
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B68538C29B7D11EFAAB61792762E951A.roa
Signing time: Tue 05 Nov 2024 13:56:11 +0000
ROA not before: Tue 05 Nov 2024 13:56:07 +0000
ROA not after: Mon 13 Jan 2025 13:56:07 +0000
asID: 212238
IP address blocks: 156.239.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52869 (0xce85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 13:56:07 2024 GMT
Not After : Jan 13 13:56:07 2025 GMT
Subject: CN=672a23fb-99d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ed:e3:97:1f:ed:cf:aa:b8:b3:79:52:73:ad:
5f:ce:91:c1:f6:9a:4a:18:5f:0b:74:93:ed:3e:17:
5a:ce:ca:c9:b4:6a:c8:08:05:ec:18:6c:2e:e1:23:
f3:52:94:10:1a:8c:69:de:de:85:1f:61:43:29:ff:
71:2c:b1:bb:33:ca:ab:6c:72:46:6c:20:dd:4c:7b:
a2:10:2b:18:0b:be:38:e0:5e:93:5c:8d:5d:1f:f1:
32:eb:26:3a:07:c2:f1:85:a3:40:25:1d:48:e1:3d:
92:0d:b4:5b:8b:41:19:d8:72:06:39:42:77:de:df:
ec:16:08:4e:9b:03:87:59:97:2d:9c:22:03:c1:91:
01:40:0d:b6:53:08:26:91:b7:db:c2:be:73:c7:91:
ef:d2:ca:14:60:a9:9a:1c:bc:fb:72:8d:c2:3c:bd:
30:34:49:8c:4b:0d:42:57:10:19:ea:cf:5a:4b:e0:
26:e8:cb:0c:a3:31:3b:a5:cd:ae:c1:29:7f:38:4a:
8b:56:bb:57:90:c3:61:b8:35:ce:15:85:c6:1c:41:
10:32:d6:8e:eb:32:63:ed:3a:30:43:b9:14:35:3e:
ea:7f:8e:ec:52:db:a7:8b:48:6f:c6:6a:45:ae:96:
f1:c9:0a:6b:f0:90:5a:0e:3c:e3:1a:a1:ad:8a:cc:
59:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:28:A2:D7:C3:26:6E:E1:1D:A1:B4:7F:C0:D5:79:02:33:CF:34:3D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B68538C29B7D11EFAAB61792762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.18.0/24
Signature Algorithm: sha256WithRSAEncryption
97:58:a4:4b:07:43:09:e1:6d:38:2c:86:2c:c1:5c:9f:5d:4a:
49:d9:c8:14:9e:32:1f:e3:fa:68:63:ca:5b:da:5d:61:39:68:
0b:b5:71:bf:fb:21:42:9f:43:b1:8c:93:38:f1:a5:a9:b6:14:
ce:53:7d:7b:f9:dd:a3:b2:9c:44:ae:c5:a3:64:3f:de:e1:5b:
e3:29:63:38:31:09:44:7a:c0:59:6b:4e:73:a9:34:d0:57:33:
1a:83:74:34:e4:e7:81:7a:6b:ac:b8:a2:a2:5b:ad:2d:bf:4e:
cb:32:0e:df:58:ae:5b:bd:71:47:bb:43:23:4b:b8:51:ed:18:
29:6e:a1:c2:d7:1c:e9:17:47:b1:37:64:4b:c5:59:e2:08:55:
8a:6c:59:4d:cf:41:1d:b3:17:b9:61:08:07:b1:b0:89:63:85:
be:97:9a:a8:85:e5:2f:89:8c:94:03:88:eb:af:61:55:30:6e:
d0:0b:7c:b9:e1:92:52:ec:5a:52:d7:ea:e0:e3:68:eb:d9:e4:
3c:9a:75:1b:7d:85:23:53:c4:e9:b7:2c:7f:f8:3f:8f:5c:7e:
58:08:de:f1:95:09:3c:60:b0:a9:ff:8e:cb:95:cd:6a:5d:6f:
9c:6c:1a:31:dc:9c:09:cc:81:6a:77:82:43:90:2d:52:8e:18:
4d:8f:9e:63
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM6FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTM1NjA3WhcNMjUwMTEzMTM1NjA3WjAYMRYw
FAYDVQQDEw02NzJhMjNmYi05OWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtO3jlx/tz6q4s3lSc61fzpHB9ppKGF8LdJPtPhdazsrJtGrICAXsGGwu
4SPzUpQQGoxp3t6FH2FDKf9xLLG7M8qrbHJGbCDdTHuiECsYC7444F6TXI1dH/Ey
6yY6B8LxhaNAJR1I4T2SDbRbi0EZ2HIGOUJ33t/sFghOmwOHWZctnCIDwZEBQA22
Uwgmkbfbwr5zx5Hv0soUYKmaHLz7co3CPL0wNEmMSw1CVxAZ6s9aS+Am6MsMozE7
pc2uwSl/OEqLVrtXkMNhuDXOFYXGHEEQMtaO6zJj7TowQ7kUNT7qf47sUtuni0hv
xmpFrpbxyQpr8JBaDjzjGqGtisxZewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAco
otfDJm7hHaG0f8DVeQIzzzQ9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNjg1MzhDMjlCN0QxMUVGQUFCNjE3OTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO8SMA0GCSqGSIb3DQEBCwUA
A4IBAQCXWKRLB0MJ4W04LIYswVyfXUpJ2cgUnjIf4/poY8pb2l1hOWgLtXG/+yFC
n0OxjJM48aWpthTOU317+d2jspxErsWjZD/e4VvjKWM4MQlEesBZa05zqTTQVzMa
g3Q05OeBemusuKKiW60tv07LMg7fWK5bvXFHu0MjS7hR7RgpbqHC1xzpF0exN2RL
xVniCFWKbFlNz0Edsxe5YQgHsbCJY4W+l5qoheUviYyUA4jrr2FVMG7QC3y54ZJS
7FpS1+rg42jr2eQ8mnUbfYUjU8Tptyx/+D+PXH5YCN7xlQk8YLCp/47Llc1qXW+c
bBox3JwJzIFqd4JDkC1SjhhNj55j
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:46 2024 by rpki-client on console-ams.rpki-client.org