Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3BF4C3CA0E411EFA4DD3295762E951A.roa
File: C3BF4C3CA0E411EFA4DD3295762E951A.roa (raw, json)
Hash identifier: SGbz8/vabYtrNCpK2QewilaiBdb0RLXXcFAaRT3tpdw=
Subject key identifier: 1F:09:EE:BD:CC:D2:1F:EC:54:77:F0:E7:67:DD:45:CE:A7:8B:56:F5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D1B5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3BF4C3CA0E411EFA4DD3295762E951A.roa
Signing time: Tue 12 Nov 2024 10:56:27 +0000
ROA not before: Tue 12 Nov 2024 10:56:23 +0000
ROA not after: Fri 22 Nov 2024 10:56:23 +0000
asID: 39600
IP address blocks: 156.238.136.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 Nov 2024 10:56:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53685 (0xd1b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 12 10:56:23 2024 GMT
Not After : Nov 22 10:56:23 2024 GMT
Subject: CN=6733345b-9163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:32:38:eb:c9:f4:5f:1c:ef:55:8a:7c:af:79:
92:27:73:89:61:42:6b:d7:a6:19:1e:95:06:9b:a7:
40:90:a8:07:18:de:51:ba:a7:36:91:0d:78:b5:20:
08:bb:09:d6:20:dd:ed:3d:d0:8c:e0:1e:13:0a:77:
61:c6:a5:01:b9:fc:bb:30:2d:52:54:26:0a:96:dd:
f4:97:53:c2:0f:32:40:aa:d2:3d:43:9b:dd:f4:4d:
2f:2c:90:28:0e:f3:8b:d5:4e:6f:ee:51:ab:5b:b7:
86:1b:89:30:03:a9:56:64:b0:76:c3:cf:78:ca:54:
ce:c7:b4:71:5e:a3:6c:2c:17:b2:67:a2:93:ac:e5:
af:aa:0f:ff:cc:8c:2d:60:a2:97:e4:5f:0a:03:13:
ce:cb:15:4b:8b:ea:35:7a:5f:b4:b8:2b:70:de:68:
e1:29:78:f4:20:6a:7d:54:79:1c:d2:51:c3:87:0e:
95:98:a1:48:1e:a1:12:12:18:fe:6d:e3:65:19:c8:
b9:c2:d8:34:47:41:f4:6c:15:52:5c:79:34:8b:b8:
8f:af:b4:5a:da:a7:3a:45:15:3d:9b:65:24:ec:2f:
c4:bf:89:8e:ab:d2:39:40:a0:81:57:b0:0f:54:02:
26:98:4a:cf:ec:90:1b:5d:37:a5:96:7c:94:5d:17:
7e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:09:EE:BD:CC:D2:1F:EC:54:77:F0:E7:67:DD:45:CE:A7:8B:56:F5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3BF4C3CA0E411EFA4DD3295762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.136.0/21
Signature Algorithm: sha256WithRSAEncryption
10:f2:1d:dd:86:62:f9:20:af:e1:7a:9b:ed:20:0f:6c:de:21:
ba:6b:44:94:da:11:57:61:4f:99:32:b7:40:46:7a:f2:ab:ad:
93:bc:95:f4:4e:dd:de:8f:ed:19:a0:8f:d9:32:ae:fe:6c:49:
26:93:44:6b:51:38:35:89:6d:c3:ed:0a:e5:48:5b:49:9d:a3:
0f:be:2d:ac:4c:b4:39:90:61:e6:dd:64:b7:af:48:fa:47:ce:
e4:bd:5f:19:74:c1:89:1e:fc:72:3e:f1:37:55:53:f0:ad:68:
23:6c:fe:5c:7d:ba:4e:eb:90:f1:08:98:d4:6a:1c:0d:e4:aa:
bd:c0:22:6f:ab:12:5d:4b:23:c4:1b:59:0f:12:e9:25:7d:33:
69:a4:26:e6:83:53:7a:08:44:96:62:5d:e8:c8:84:03:a6:c1:
9b:54:da:f7:8c:23:dc:b4:00:a8:5d:e9:b3:42:59:d4:3a:df:
6c:34:7b:23:7e:22:2b:7d:5d:e1:b8:b0:dd:c4:af:b9:94:3b:
8d:5f:cd:51:67:1c:d1:28:2b:63:1d:66:ce:9a:92:b8:cb:d7:
58:3d:02:1e:82:7f:4e:9c:1b:91:7f:a2:d6:bb:33:8c:c5:58:
c1:fc:c4:4a:5e:93:6f:2d:4a:df:77:3c:e8:e2:de:bb:02:68:
07:a1:4c:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANG1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTEyMTA1NjIzWhcNMjQxMTIyMTA1NjIzWjAYMRYw
FAYDVQQDEw02NzMzMzQ1Yi05MTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvDI468n0XxzvVYp8r3mSJ3OJYUJr16YZHpUGm6dAkKgHGN5Ruqc2kQ14
tSAIuwnWIN3tPdCM4B4TCndhxqUBufy7MC1SVCYKlt30l1PCDzJAqtI9Q5vd9E0v
LJAoDvOL1U5v7lGrW7eGG4kwA6lWZLB2w894ylTOx7RxXqNsLBeyZ6KTrOWvqg//
zIwtYKKX5F8KAxPOyxVLi+o1el+0uCtw3mjhKXj0IGp9VHkc0lHDhw6VmKFIHqES
Ehj+beNlGci5wtg0R0H0bBVSXHk0i7iPr7Ra2qc6RRU9m2Uk7C/Ev4mOq9I5QKCB
V7APVAImmErP7JAbXTellnyUXRd+3QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB8J
7r3M0h/sVHfw52fdRc6ni1b1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DM0JGNEMzQ0EwRTQxMUVGQTRERDMyOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnO6IMA0GCSqGSIb3DQEBCwUA
A4IBAQAQ8h3dhmL5IK/hepvtIA9s3iG6a0SU2hFXYU+ZMrdARnryq62TvJX0Tt3e
j+0ZoI/ZMq7+bEkmk0RrUTg1iW3D7QrlSFtJnaMPvi2sTLQ5kGHm3WS3r0j6R87k
vV8ZdMGJHvxyPvE3VVPwrWgjbP5cfbpO65DxCJjUahwN5Kq9wCJvqxJdSyPEG1kP
EuklfTNppCbmg1N6CESWYl3oyIQDpsGbVNr3jCPctACoXemzQlnUOt9sNHsjfiIr
fV3huLDdxK+5lDuNX81RZxzRKCtjHWbOmpK4y9dYPQIegn9OnBuRf6LWuzOMxVjB
/MRKXpNvLUrfdzzo4t67AmgHoUwa
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:46 2024 by rpki-client on console-fra.rpki-client.org