Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2947EF4766911EFBD2E1B62762E951A.roa
File: C2947EF4766911EFBD2E1B62762E951A.roa (raw, json)
Hash identifier: TrWQeGemOrRyHX4p9EvdHloGU0a+lf1+C9rloC6tQI0=
Subject key identifier: 45:5C:82:0C:47:D7:CA:B8:2D:D2:CA:79:C4:11:1D:6A:17:05:93:07
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B813
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2947EF4766911EFBD2E1B62762E951A.roa
Signing time: Thu 19 Sep 2024 09:30:08 +0000
ROA not before: Thu 19 Sep 2024 09:30:04 +0000
ROA not after: Fri 08 Aug 2025 09:30:04 +0000
asID: 133199
IP address blocks: 156.245.28.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47123 (0xb813)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 19 09:30:04 2024 GMT
Not After : Aug 8 09:30:04 2025 GMT
Subject: CN=66ebef20-ba1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:af:a9:0c:87:bb:37:22:d3:89:57:8d:37:ee:
73:1d:cc:71:81:2c:7d:47:f1:94:a9:23:11:89:81:
2a:29:38:b1:a0:6e:ce:4f:97:30:43:21:40:c3:9f:
90:92:55:bc:bc:0c:7a:8f:7e:1e:59:1f:3c:0b:44:
fc:80:ac:5e:f5:28:03:c6:e1:ed:61:c9:f2:e0:4b:
49:db:d5:99:c9:e2:dd:43:11:d5:be:f4:20:c4:ee:
a5:c0:71:41:f6:c5:18:10:50:f4:60:cd:27:91:58:
48:5b:7a:8d:80:52:ca:55:d2:ce:fe:d9:1e:2a:ae:
5a:4e:cf:a7:b1:29:3f:7c:ac:6e:27:fe:ac:62:02:
89:34:50:00:5a:6b:66:54:bf:ad:b4:29:0a:0e:e0:
88:08:75:1e:a4:19:6d:18:f5:27:9d:25:86:35:d2:
bf:0c:8c:41:7e:6e:ca:02:cd:67:5d:3e:01:1c:5e:
fe:87:11:79:4d:2d:d9:4e:8a:f7:1e:fb:11:5f:f3:
dd:48:41:45:e8:17:36:aa:b3:f9:4a:fe:8d:95:50:
46:1f:b3:2e:f2:9b:33:e8:ff:e3:c9:eb:de:92:b5:
a7:30:2b:29:da:a8:89:27:2a:27:75:44:7d:9e:a1:
a8:58:c5:59:9a:68:42:74:8d:c0:f1:1e:56:51:18:
99:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:5C:82:0C:47:D7:CA:B8:2D:D2:CA:79:C4:11:1D:6A:17:05:93:07
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2947EF4766911EFBD2E1B62762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.28.0/23
Signature Algorithm: sha256WithRSAEncryption
93:0c:4a:dd:11:20:cc:e0:29:31:1b:ac:90:ea:05:7e:6a:47:
70:08:bf:52:6e:b1:69:6b:11:8f:f7:a7:80:a4:6f:f1:ae:75:
71:c2:0c:53:16:b5:d4:02:ca:7e:fe:88:bf:f4:2e:a4:a9:a8:
38:84:e4:2e:4a:3b:34:f5:52:85:75:e8:8f:00:4a:fa:03:0e:
6b:05:97:e6:71:be:34:90:50:9c:94:83:1e:7d:28:fa:cd:ba:
94:f4:56:1d:a8:4a:ca:3a:b5:5f:1c:e8:fa:63:c0:37:8a:97:
f2:c0:b2:fc:38:40:27:aa:93:f6:df:94:16:16:57:b6:dd:d0:
d1:fd:ef:ee:5b:0a:bb:31:e7:43:58:6b:6b:a3:ba:00:76:58:
69:5d:64:06:34:29:be:01:05:98:b8:ce:ff:50:cd:16:75:b0:
4f:0b:74:61:65:3b:f0:e7:cf:e0:99:bc:1d:31:f0:5e:72:84:
aa:39:bd:ab:92:63:f2:35:53:5f:f2:03:38:6a:d9:a8:38:bd:
40:a0:81:9b:97:c3:d4:06:2b:42:00:ad:45:dd:3b:4c:c9:a0:
f5:8a:28:f7:6c:a7:f6:c3:b3:5a:10:25:05:1b:f9:37:48:2a:
61:6d:5f:f9:82:1c:48:2e:74:1e:d1:50:64:83:b8:4b:dd:28:
ae:af:6a:40
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALgTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTE5MDkzMDA0WhcNMjUwODA4MDkzMDA0WjAYMRYw
FAYDVQQDEw02NmViZWYyMC1iYTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvq+pDIe7NyLTiVeNN+5zHcxxgSx9R/GUqSMRiYEqKTixoG7OT5cwQyFA
w5+QklW8vAx6j34eWR88C0T8gKxe9SgDxuHtYcny4EtJ29WZyeLdQxHVvvQgxO6l
wHFB9sUYEFD0YM0nkVhIW3qNgFLKVdLO/tkeKq5aTs+nsSk/fKxuJ/6sYgKJNFAA
WmtmVL+ttCkKDuCICHUepBltGPUnnSWGNdK/DIxBfm7KAs1nXT4BHF7+hxF5TS3Z
Tor3HvsRX/PdSEFF6Bc2qrP5Sv6NlVBGH7Mu8psz6P/jyevekrWnMCsp2qiJJyon
dUR9nqGoWMVZmmhCdI3A8R5WURiZRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEVc
ggxH18q4LdLKecQRHWoXBZMHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMjk0N0VGNDc2NjkxMUVGQkQyRTFCNjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPUcMA0GCSqGSIb3DQEBCwUA
A4IBAQCTDErdESDM4CkxG6yQ6gV+akdwCL9SbrFpaxGP96eApG/xrnVxwgxTFrXU
Asp+/oi/9C6kqag4hOQuSjs09VKFdeiPAEr6Aw5rBZfmcb40kFCclIMefSj6zbqU
9FYdqErKOrVfHOj6Y8A3ipfywLL8OEAnqpP235QWFle23dDR/e/uWwq7MedDWGtr
o7oAdlhpXWQGNCm+AQWYuM7/UM0WdbBPC3RhZTvw58/gmbwdMfBecoSqOb2rkmPy
NVNf8gM4atmoOL1AoIGbl8PUBitCAK1F3TtMyaD1iij3bKf2w7NaECUFG/k3SCph
bV/5ghxILnQe0VBkg7hL3Siur2pA
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:46 2024 by rpki-client on console-fra.rpki-client.org