Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C136C460E9A411EE880CC052775412E6.roa
File: C136C460E9A411EE880CC052775412E6.roa (raw, json)
Hash identifier: qOzFVD8o5o0EKGuLFx7NMorrP0uWhTDm2YTAcoj1K1U=
Subject key identifier: A2:B0:BF:EC:F5:EC:1A:20:B3:0C:EB:72:B2:D1:2B:82:59:B3:61:FD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8027
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C136C460E9A411EE880CC052775412E6.roa
Signing time: Sun 24 Mar 2024 06:07:12 +0000
ROA not before: Sun 24 Mar 2024 06:07:09 +0000
ROA not after: Fri 22 Nov 2024 06:07:09 +0000
asID: 209242
IP address blocks: 156.237.4.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 Nov 2024 06:07:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32807 (0x8027)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 24 06:07:09 2024 GMT
Not After : Nov 22 06:07:09 2024 GMT
Subject: CN=65ffc310-2865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:74:f8:3b:95:be:1d:d7:2a:e2:94:23:5c:4f:
52:bc:93:75:1d:17:15:fe:28:1a:49:15:58:a0:70:
df:c8:a6:39:f8:3a:72:a5:2d:a4:45:ca:de:9b:86:
75:f9:91:fe:ae:76:c5:51:b3:bc:84:4f:63:37:df:
01:40:f9:8e:a2:e1:64:ff:71:80:a8:a1:a6:77:21:
9b:5f:b7:57:3c:cb:e6:e4:37:6d:21:13:63:c9:e1:
b2:91:c8:8b:8e:9d:20:4b:ac:ca:d9:22:db:25:77:
26:2e:84:01:67:60:80:cd:0f:fc:26:85:57:1f:79:
84:67:64:3d:22:8d:1a:f7:15:59:69:e8:ba:35:16:
cc:48:c6:6e:e3:17:1e:cb:70:57:b1:5d:6d:44:13:
ef:10:8f:e7:da:b7:a4:53:56:57:2d:63:29:86:8c:
69:75:fc:9c:c1:8b:c5:14:89:91:ee:a1:6a:e9:e9:
fe:50:34:ae:9e:da:06:5e:3c:4e:d6:23:b1:e7:03:
30:b8:44:5c:51:46:54:24:5d:2e:9f:18:3a:2d:9d:
fb:be:5d:cc:65:b0:b8:06:a5:c1:36:40:b7:e2:1c:
09:56:08:9d:2a:64:84:90:fa:81:88:2c:9d:57:e6:
f2:f5:32:06:bb:ff:a4:be:25:c5:a9:85:da:83:08:
fe:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B0:BF:EC:F5:EC:1A:20:B3:0C:EB:72:B2:D1:2B:82:59:B3:61:FD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C136C460E9A411EE880CC052775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.4.0/23
Signature Algorithm: sha256WithRSAEncryption
72:be:4d:b1:04:20:14:21:98:44:7f:06:8f:64:3c:02:dd:60:
9e:5d:fb:05:ec:74:79:a9:2d:e9:39:f3:63:d9:a8:82:40:35:
bb:f8:ff:35:eb:f4:d2:9e:14:63:5b:50:24:f9:32:4d:32:07:
f3:5e:d9:fe:ab:d6:dc:00:24:1f:13:cb:42:e6:a0:bd:5d:cb:
6a:f8:28:8d:8f:a0:4f:27:4f:56:24:a2:ae:5b:d7:ca:b6:58:
65:b7:0e:04:e5:17:1a:d4:1e:7b:82:2d:c1:71:00:e7:a3:e3:
e4:c1:b9:c2:9f:6f:a2:56:4b:8d:dd:88:ab:d4:be:db:36:33:
d0:c5:2b:b0:3d:dd:d3:6e:93:70:4b:4e:74:41:6a:f2:ab:16:
d8:04:72:93:75:ea:d4:73:08:a3:b8:75:3a:32:f0:5c:f6:96:
f5:ab:43:b0:c6:78:b4:fa:43:63:b9:28:04:18:7c:08:ea:28:
7b:2e:27:82:47:f3:e0:9a:be:cb:b5:be:ef:e3:99:64:3c:32:
bf:aa:0b:4a:d8:af:53:71:95:05:7b:13:78:d7:e0:da:85:9c:
e7:b6:71:ac:4e:61:55:f7:55:a5:5d:75:7d:4e:fc:8e:8e:ab:
09:4a:79:e2:bb:55:2f:04:07:41:a7:3e:98:65:b2:cc:74:3a:
a3:dc:98:5e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIAnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwMzI0MDYwNzA5WhcNMjQxMTIyMDYwNzA5WjAYMRYw
FAYDVQQDEw02NWZmYzMxMC0yODY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqXT4O5W+Hdcq4pQjXE9SvJN1HRcV/igaSRVYoHDfyKY5+DpypS2kRcre
m4Z1+ZH+rnbFUbO8hE9jN98BQPmOouFk/3GAqKGmdyGbX7dXPMvm5DdtIRNjyeGy
kciLjp0gS6zK2SLbJXcmLoQBZ2CAzQ/8JoVXH3mEZ2Q9Io0a9xVZaei6NRbMSMZu
4xcey3BXsV1tRBPvEI/n2rekU1ZXLWMphoxpdfycwYvFFImR7qFq6en+UDSuntoG
XjxO1iOx5wMwuERcUUZUJF0unxg6LZ37vl3MZbC4BqXBNkC34hwJVgidKmSEkPqB
iCydV+by9TIGu/+kviXFqYXagwj+kQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKKw
v+z17BogswzrcrLRK4JZs2H9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMTM2QzQ2MEU5QTQxMUVFODgwQ0MwNTI3NzU0MTJFNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO0EMA0GCSqGSIb3DQEBCwUA
A4IBAQByvk2xBCAUIZhEfwaPZDwC3WCeXfsF7HR5qS3pOfNj2aiCQDW7+P816/TS
nhRjW1Ak+TJNMgfzXtn+q9bcACQfE8tC5qC9Xctq+CiNj6BPJ09WJKKuW9fKtlhl
tw4E5Rca1B57gi3BcQDno+PkwbnCn2+iVkuN3Yir1L7bNjPQxSuwPd3TbpNwS050
QWryqxbYBHKTderUcwijuHU6MvBc9pb1q0Owxni0+kNjuSgEGHwI6ih7LieCR/Pg
mr7Ltb7v45lkPDK/qgtK2K9TcZUFexN41+DahZzntnGsTmFV91WlXXV9TvyOjqsJ
Snniu1UvBAdBpz6YZbLMdDqj3Jhe
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:46 2024 by rpki-client on console-fra.rpki-client.org