Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0696A3A9B7C11EF823F9F8B762E951A.roa
File: C0696A3A9B7C11EF823F9F8B762E951A.roa (raw, json)
Hash identifier: SZrS5XDJ6BUFqe4TyWIon1G7TYzO10PR+meOopCYiA0=
Subject key identifier: 71:27:12:CB:DC:8C:1E:80:E7:18:1E:AF:52:B1:0C:C5:2F:79:01:3F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CE79
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0696A3A9B7C11EF823F9F8B762E951A.roa
Signing time: Tue 05 Nov 2024 13:49:18 +0000
ROA not before: Tue 05 Nov 2024 13:49:14 +0000
ROA not after: Mon 13 Jan 2025 13:49:14 +0000
asID: 7018
IP address blocks: 156.238.0.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52857 (0xce79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 13:49:14 2024 GMT
Not After : Jan 13 13:49:14 2025 GMT
Subject: CN=672a225e-bde0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ec:54:00:d7:24:68:04:41:a9:92:1d:56:bf:
3a:ca:43:11:b2:17:42:40:54:c2:e9:4a:4a:10:00:
53:4b:e7:2f:cf:5c:da:dc:8c:3b:01:72:fe:8c:fc:
80:c4:d2:e8:74:50:02:b6:80:bb:8f:04:09:90:12:
f4:76:a6:54:d1:ed:4c:4f:66:96:26:24:cb:e0:60:
d8:d4:f9:d3:48:c5:7f:08:cc:32:81:5c:b5:05:c5:
c4:cf:ab:77:68:3f:bd:21:a6:cc:a3:f6:f9:99:68:
ec:36:9a:9c:52:66:bd:5f:a9:7e:71:13:6c:07:99:
3a:c4:9e:be:48:3c:78:34:17:e2:e0:d2:1a:26:5d:
b8:0b:b4:d8:07:e3:0f:80:68:3c:51:a2:af:3f:18:
e8:09:0e:66:5e:9f:d9:be:f1:10:b7:b1:bb:ab:d5:
14:82:aa:70:b3:76:49:94:da:cb:93:c2:38:db:f3:
a9:24:2f:c7:43:f6:dc:ef:a1:61:51:d3:75:8d:eb:
08:54:aa:25:4f:14:c0:c3:90:c8:4b:fb:35:26:43:
64:cf:e0:31:35:b0:81:e2:d4:e1:5b:1b:97:b0:ff:
ca:b1:41:78:2a:58:64:bc:65:43:79:1b:eb:63:2d:
85:41:b9:00:2e:d8:26:51:e0:ed:9c:fb:50:d3:91:
f9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:27:12:CB:DC:8C:1E:80:E7:18:1E:AF:52:B1:0C:C5:2F:79:01:3F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0696A3A9B7C11EF823F9F8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.0.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:6b:f9:8a:61:93:e4:b6:6f:30:92:0d:9d:a2:7f:15:af:37:
de:7b:ff:70:ce:73:20:49:d6:a6:d6:28:1d:c4:d6:95:fd:ec:
c1:61:ea:df:47:e8:a1:1a:f5:2a:13:3d:21:c0:4b:98:b9:5a:
44:65:32:6a:ea:57:d0:c5:94:ad:9d:d5:93:67:ec:ac:a2:c1:
6c:79:2b:f6:a9:76:33:e5:b2:00:7c:42:e0:40:1a:99:01:eb:
8d:17:2d:a5:98:ac:d6:3d:ae:28:47:4d:95:a4:cb:a6:22:6b:
2e:56:b7:04:e6:17:2e:c0:aa:88:c2:36:49:96:48:f4:1a:04:
f1:dc:36:da:54:44:3b:52:12:25:a6:81:4c:8d:8f:5c:00:22:
14:0e:9c:cd:e4:41:25:53:ae:1a:e6:b7:94:56:18:b5:f8:f0:
f1:bc:93:d6:4b:48:a7:a4:28:2e:eb:f7:31:00:a6:b6:a8:02:
c4:55:5e:69:0c:5d:fe:9d:de:a1:c9:0b:b7:8a:c9:71:7c:1e:
f5:59:5e:6b:ee:37:ab:40:be:36:79:0f:a0:50:30:27:b5:33:
fd:c1:ff:77:08:3a:c1:0c:ae:1f:6b:f2:7f:6d:14:40:33:d4:
7c:20:c2:e7:3c:1f:46:b5:ca:e7:01:55:8e:4d:f7:d5:56:1b:
be:f3:a9:65
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM55MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTM0OTE0WhcNMjUwMTEzMTM0OTE0WjAYMRYw
FAYDVQQDEw02NzJhMjI1ZS1iZGUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw+xUANckaARBqZIdVr86ykMRshdCQFTC6UpKEABTS+cvz1za3Iw7AXL+
jPyAxNLodFACtoC7jwQJkBL0dqZU0e1MT2aWJiTL4GDY1PnTSMV/CMwygVy1BcXE
z6t3aD+9IabMo/b5mWjsNpqcUma9X6l+cRNsB5k6xJ6+SDx4NBfi4NIaJl24C7TY
B+MPgGg8UaKvPxjoCQ5mXp/ZvvEQt7G7q9UUgqpws3ZJlNrLk8I42/OpJC/HQ/bc
76FhUdN1jesIVKolTxTAw5DIS/s1JkNkz+AxNbCB4tThWxuXsP/KsUF4KlhkvGVD
eRvrYy2FQbkALtgmUeDtnPtQ05H5NwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHEn
EsvcjB6A5xger1KxDMUveQE/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMDY5NkEzQTlCN0MxMUVGODIzRjlGOEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO4AMA0GCSqGSIb3DQEBCwUA
A4IBAQAea/mKYZPktm8wkg2don8Vrzfee/9wznMgSdam1igdxNaV/ezBYerfR+ih
GvUqEz0hwEuYuVpEZTJq6lfQxZStndWTZ+ysosFseSv2qXYz5bIAfELgQBqZAeuN
Fy2lmKzWPa4oR02VpMumImsuVrcE5hcuwKqIwjZJlkj0GgTx3DbaVEQ7UhIlpoFM
jY9cACIUDpzN5EElU64a5reUVhi1+PDxvJPWS0inpCgu6/cxAKa2qALEVV5pDF3+
nd6hyQu3islxfB71WV5r7jerQL42eQ+gUDAntTP9wf93CDrBDK4fa/J/bRRAM9R8
IMLnPB9GtcrnAVWOTffVVhu+86ll
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:47 2024 by rpki-client on console-ams.rpki-client.org