Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB469962A25F11EFA8EC1D8E762E951A.roa
File: BB469962A25F11EFA8EC1D8E762E951A.roa (raw, json)
Hash identifier: oPuSgcz/DGRWQCJxpRwdHX1+ibD71JIBVCZIxqVZtP0=
Subject key identifier: 24:37:5A:B6:16:D6:C7:38:6B:CC:DF:79:8F:AB:EF:28:9F:FA:00:F7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D28F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB469962A25F11EFA8EC1D8E762E951A.roa
Signing time: Thu 14 Nov 2024 08:09:12 +0000
ROA not before: Thu 14 Nov 2024 08:09:08 +0000
ROA not after: Wed 11 Dec 2024 08:09:08 +0000
asID: 134365
IP address blocks: 156.226.176.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53903 (0xd28f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 14 08:09:08 2024 GMT
Not After : Dec 11 08:09:08 2024 GMT
Subject: CN=6735b028-a6f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0f:2c:0d:f6:2c:fe:ab:5e:3f:a7:c6:4d:55:
3c:9f:b9:fc:0a:ab:dd:40:23:9f:12:d4:49:b7:d5:
3b:5d:95:20:93:82:b1:b3:16:33:98:65:61:20:f7:
d3:3e:ec:79:3e:4a:80:6c:ed:73:6b:c0:b3:20:d3:
84:23:86:27:d0:6a:39:2c:27:40:15:64:14:b1:a8:
9e:fa:70:b2:ea:07:c6:f6:d7:f8:b0:51:26:84:33:
e3:2c:d6:e6:ad:01:23:d5:e5:f3:72:b0:67:a0:f0:
e9:01:f4:35:12:3a:ac:e0:22:0a:13:21:50:78:05:
83:4d:a0:88:63:b2:76:91:27:2e:14:de:8f:db:2f:
e8:3f:22:bf:e4:e4:fc:30:1d:26:37:ce:73:5c:40:
97:a1:c1:16:88:5f:db:af:0c:8b:7e:73:01:13:d5:
e8:94:c0:4d:05:cc:e8:0b:1f:bd:ce:e2:3d:4a:a6:
53:c0:f9:20:cd:1a:ec:f9:4b:c6:7d:04:38:b1:f0:
b7:6a:a0:71:11:88:91:7b:40:e8:48:ee:59:6a:38:
ff:60:ea:0a:4c:f1:cb:d3:f1:bf:cd:14:b5:28:3b:
6f:06:a7:39:13:e6:d3:8f:bf:37:28:de:2b:ba:f6:
fd:3c:86:f5:74:dd:b3:1b:72:ad:d9:49:13:fd:8c:
10:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:37:5A:B6:16:D6:C7:38:6B:CC:DF:79:8F:AB:EF:28:9F:FA:00:F7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB469962A25F11EFA8EC1D8E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.176.0/21
Signature Algorithm: sha256WithRSAEncryption
57:05:78:78:28:82:90:b7:64:e7:45:21:1f:72:39:81:8a:ae:
6b:8f:9d:37:cd:28:97:f8:11:69:b1:81:ac:fb:4a:1c:75:8c:
80:3d:92:6a:f3:a8:60:7d:0b:b6:54:d0:50:7f:5f:91:f6:0e:
39:db:4f:e6:3a:13:40:4a:b4:a1:54:f5:f5:ed:70:e8:30:bb:
e1:b7:01:a0:49:18:15:cc:f5:92:34:0a:df:89:a1:d8:cd:7c:
bb:d0:6e:04:f5:55:e3:71:49:ef:d9:85:04:6c:5f:86:50:98:
3f:b4:aa:e5:16:b8:52:aa:fd:0e:4d:ae:5f:a5:c1:c6:d0:54:
8a:db:34:c6:80:33:21:0c:1f:6e:c0:ce:01:2a:60:bb:b2:1d:
40:39:2c:db:25:89:2f:c5:d7:90:f0:f1:8d:97:93:c9:2d:3a:
c0:fd:c0:9d:6a:48:2a:82:a8:98:25:7f:77:e0:86:b6:fb:77:
0b:b3:6c:38:41:0b:3c:83:b4:06:b1:9b:1f:dd:95:76:46:d2:
9f:08:de:64:80:a2:d8:48:4f:30:06:ca:e5:5e:1e:55:7b:e1:
58:bb:ed:81:3f:63:bc:2e:a5:cc:33:5e:a6:0f:44:b7:9c:de:
a1:cb:53:d2:7f:50:c7:d8:55:de:34:78:d9:ba:f8:8c:b4:07:
bf:b8:ea:ec
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANKPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE0MDgwOTA4WhcNMjQxMjExMDgwOTA4WjAYMRYw
FAYDVQQDEw02NzM1YjAyOC1hNmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsQ8sDfYs/qteP6fGTVU8n7n8CqvdQCOfEtRJt9U7XZUgk4KxsxYzmGVh
IPfTPux5PkqAbO1za8CzINOEI4Yn0Go5LCdAFWQUsaie+nCy6gfG9tf4sFEmhDPj
LNbmrQEj1eXzcrBnoPDpAfQ1Ejqs4CIKEyFQeAWDTaCIY7J2kScuFN6P2y/oPyK/
5OT8MB0mN85zXECXocEWiF/brwyLfnMBE9XolMBNBczoCx+9zuI9SqZTwPkgzRrs
+UvGfQQ4sfC3aqBxEYiRe0DoSO5Zajj/YOoKTPHL0/G/zRS1KDtvBqc5E+bTj783
KN4ruvb9PIb1dN2zG3Kt2UkT/YwQIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCQ3
WrYW1sc4a8zfeY+r7yif+gD3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQjQ2OTk2MkEyNUYxMUVGQThFQzFEOEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOKwMA0GCSqGSIb3DQEBCwUA
A4IBAQBXBXh4KIKQt2TnRSEfcjmBiq5rj503zSiX+BFpsYGs+0ocdYyAPZJq86hg
fQu2VNBQf1+R9g4520/mOhNASrShVPX17XDoMLvhtwGgSRgVzPWSNArfiaHYzXy7
0G4E9VXjcUnv2YUEbF+GUJg/tKrlFrhSqv0OTa5fpcHG0FSK2zTGgDMhDB9uwM4B
KmC7sh1AOSzbJYkvxdeQ8PGNl5PJLTrA/cCdakgqgqiYJX934Ia2+3cLs2w4QQs8
g7QGsZsf3ZV2RtKfCN5kgKLYSE8wBsrlXh5Ve+FYu+2BP2O8LqXMM16mD0S3nN6h
y1PSf1DH2FXeNHjZuviMtAe/uOrs
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:45 2024 by rpki-client on console-fra.rpki-client.org