Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDC10818976911EFA1B4FD5B762E951A.roa
File: BDC10818976911EFA1B4FD5B762E951A.roa (raw, json)
Hash identifier: LtbiI+LoCJf6sSbVsyUAUiEknXqED4zpP2BEGDx3ZAQ=
Subject key identifier: 83:39:97:7F:77:F6:31:F7:48:3F:F8:92:FE:D5:26:2C:6C:C8:CA:DE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CB20
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDC10818976911EFA1B4FD5B762E951A.roa
Signing time: Thu 31 Oct 2024 09:23:08 +0000
ROA not before: Thu 31 Oct 2024 09:23:05 +0000
ROA not after: Fri 13 Dec 2024 09:23:05 +0000
asID: 55320
IP address blocks: 156.244.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52000 (0xcb20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 31 09:23:05 2024 GMT
Not After : Dec 13 09:23:05 2024 GMT
Subject: CN=67234c7c-bbb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ef:9d:c8:5f:64:aa:96:05:74:97:ac:34:40:
4d:f6:d5:87:41:34:f9:47:ee:a3:06:05:c8:13:fc:
65:74:f9:6b:c5:46:67:5c:c1:16:69:9c:f0:10:b6:
98:6c:4f:7a:e4:85:61:54:d2:7d:5e:fc:ea:6d:d6:
3b:a9:86:bb:20:2a:35:0c:8f:61:64:8a:8b:45:68:
fc:2a:90:c2:e4:95:0c:db:0c:33:ed:01:3e:94:d7:
ea:56:3e:f4:50:7f:22:71:4a:c7:ac:1d:9c:36:83:
19:5f:16:fe:74:e8:ed:5c:36:49:51:14:78:9b:6b:
f3:94:d4:f9:14:28:69:b0:a3:96:2a:8d:ee:ed:43:
03:5a:c2:4c:d0:9c:72:a9:a4:7e:80:d8:df:2f:20:
63:21:94:42:92:b2:49:96:a4:3f:2f:33:f3:4b:4e:
9a:5a:21:87:cd:9b:00:28:44:15:7b:d6:66:1f:8f:
e5:cd:12:da:75:77:bd:c3:39:8a:6e:e2:50:81:bf:
5d:47:d2:d0:7d:49:87:e0:f7:7f:da:cf:14:db:ed:
9a:f6:e5:9a:6e:66:e2:8d:af:d9:ce:96:d7:19:e2:
17:03:62:45:95:78:c2:c5:d8:ff:b6:e3:a5:2d:7c:
a1:32:6f:bb:55:f9:cc:42:b0:f7:48:89:de:ff:ef:
e1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:39:97:7F:77:F6:31:F7:48:3F:F8:92:FE:D5:26:2C:6C:C8:CA:DE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDC10818976911EFA1B4FD5B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.24.0/24
Signature Algorithm: sha256WithRSAEncryption
34:2d:5e:39:9c:ae:76:19:dd:f8:a2:68:7c:8c:c4:0a:82:0a:
a7:8a:59:95:c6:3a:e1:18:58:e0:b4:6e:41:0c:d1:b7:f6:18:
fc:75:46:fc:4c:e4:1a:da:5f:12:95:e8:55:d5:cc:19:7e:b4:
a0:a2:97:38:d1:f2:3f:3a:9d:64:2d:1e:3a:fd:19:69:d5:98:
75:35:01:59:e7:e3:6c:da:c6:77:db:de:6c:d8:ca:c7:67:d2:
97:a8:93:9a:ba:cb:03:54:7c:40:ab:12:74:0c:6f:9d:c8:55:
7e:8d:bb:5b:c5:92:5c:87:a3:fc:f7:09:ff:34:86:2b:ac:7b:
3c:3e:59:f5:aa:73:99:fa:8d:f5:76:83:b8:ba:9b:14:1b:66:
75:da:75:d8:33:49:c2:74:50:e0:94:b9:5e:2b:a2:f2:be:41:
ff:1e:9d:e7:fb:3c:91:cb:94:94:1f:ae:6b:9d:9f:ff:85:12:
2d:90:0a:aa:be:b6:ad:8f:2c:5b:f6:63:7b:12:79:3b:c4:8f:
8a:5a:22:e4:82:24:e4:32:3a:22:03:85:85:9a:14:8f:60:26:
1b:78:0d:fc:d8:3d:84:8c:c3:f0:82:e0:91:61:a4:fe:98:a6:
db:c1:43:02:f7:76:3d:d4:06:f7:58:0a:7c:05:ab:ae:15:ac:
95:05:c3:76
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMsgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDMxMDkyMzA1WhcNMjQxMjEzMDkyMzA1WjAYMRYw
FAYDVQQDEw02NzIzNGM3Yy1iYmIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6++dyF9kqpYFdJesNEBN9tWHQTT5R+6jBgXIE/xldPlrxUZnXMEWaZzw
ELaYbE965IVhVNJ9XvzqbdY7qYa7ICo1DI9hZIqLRWj8KpDC5JUM2wwz7QE+lNfq
Vj70UH8icUrHrB2cNoMZXxb+dOjtXDZJURR4m2vzlNT5FChpsKOWKo3u7UMDWsJM
0JxyqaR+gNjfLyBjIZRCkrJJlqQ/LzPzS06aWiGHzZsAKEQVe9ZmH4/lzRLadXe9
wzmKbuJQgb9dR9LQfUmH4Pd/2s8U2+2a9uWabmbija/ZzpbXGeIXA2JFlXjCxdj/
tuOlLXyhMm+7VfnMQrD3SIne/+/h/QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIM5
l3939jH3SD/4kv7VJixsyMreMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CREMxMDgxODk3NjkxMUVGQTFCNEZENUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPQYMA0GCSqGSIb3DQEBCwUA
A4IBAQA0LV45nK52Gd34omh8jMQKggqnilmVxjrhGFjgtG5BDNG39hj8dUb8TOQa
2l8SlehV1cwZfrSgopc40fI/Op1kLR46/Rlp1Zh1NQFZ5+Ns2sZ3295s2MrHZ9KX
qJOaussDVHxAqxJ0DG+dyFV+jbtbxZJch6P89wn/NIYrrHs8Pln1qnOZ+o31doO4
upsUG2Z12nXYM0nCdFDglLleK6LyvkH/Hp3n+zyRy5SUH65rnZ//hRItkAqqvrat
jyxb9mN7Enk7xI+KWiLkgiTkMjoiA4WFmhSPYCYbeA382D2EjMPwguCRYaT+mKbb
wUMC93Y91Ab3WAp8BauuFayVBcN2
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:47 2024 by rpki-client on console-ams.rpki-client.org