Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C62E3B1E9B8911EFA8D90A5D762E951A.roa
File: C62E3B1E9B8911EFA8D90A5D762E951A.roa (raw, json)
Hash identifier: bNEvV/BuLrzuXNOtupFiAEqUARGGakhwtD3Ez63ck0Y=
Subject key identifier: 0B:41:FA:56:D3:13:9F:42:C5:77:44:86:40:E8:E4:CB:1A:19:50:DD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CED7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C62E3B1E9B8911EFA8D90A5D762E951A.roa
Signing time: Tue 05 Nov 2024 15:22:31 +0000
ROA not before: Tue 05 Nov 2024 15:22:27 +0000
ROA not after: Wed 04 Dec 2024 15:22:27 +0000
asID: 200373
IP address blocks: 156.233.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52951 (0xced7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 15:22:27 2024 GMT
Not After : Dec 4 15:22:27 2024 GMT
Subject: CN=672a3837-dbfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cf:f6:bd:8d:90:6c:bb:76:01:12:1d:88:34:
a6:c5:62:e3:b6:17:63:08:32:ab:f1:b9:44:a0:75:
be:09:cc:c9:56:87:32:bb:f7:79:b4:b8:20:de:69:
7b:48:ce:e9:e2:aa:47:ba:9c:6b:8c:48:fe:86:73:
51:27:80:f3:28:10:f5:85:47:30:43:4a:1b:8f:ff:
01:85:d6:99:b4:80:a6:a3:7e:5a:95:5a:cf:9e:ef:
ac:a2:12:55:ea:f2:d5:8c:78:38:b5:51:2d:64:f1:
6d:38:bf:72:c5:b8:66:cc:42:74:94:fc:f2:14:ce:
d3:b7:d1:b9:77:77:ee:5d:c5:b2:89:27:63:9e:24:
72:97:68:c5:96:e5:f7:f5:27:54:8c:ca:6f:89:ac:
fc:7a:ef:cc:3f:7b:7a:70:dd:1a:fd:17:98:88:38:
61:b2:4b:77:22:09:83:df:f4:b6:19:55:b1:a8:70:
10:b7:c5:39:15:8e:a2:cc:50:ad:13:e8:cf:d9:67:
4c:da:64:11:1b:1d:a1:e3:0b:3b:db:f9:db:8c:a9:
af:ab:f1:dd:46:26:d5:f5:49:e2:93:4c:d5:87:07:
61:31:4d:f3:ae:cc:54:78:b3:36:f6:05:66:ed:35:
be:94:74:72:a5:03:60:14:c5:b2:b2:f5:17:d7:1f:
94:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:41:FA:56:D3:13:9F:42:C5:77:44:86:40:E8:E4:CB:1A:19:50:DD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C62E3B1E9B8911EFA8D90A5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.72.0/22
Signature Algorithm: sha256WithRSAEncryption
48:1a:eb:c0:e0:7c:01:b3:89:e3:5e:88:64:2e:56:7f:8b:60:
6c:31:8e:6b:77:ef:4f:b0:05:e0:0c:d0:50:d9:ae:21:35:c4:
5f:ad:28:3a:73:fd:f3:d3:e7:e3:2b:9a:5e:7c:d2:8c:10:c6:
24:ea:a5:e3:d6:8e:e7:93:c5:53:3c:b3:75:19:9c:f7:c8:53:
26:0c:9e:fc:cf:c2:ea:99:27:84:4e:33:c1:76:a4:6e:3c:31:
8e:2e:23:31:49:86:19:ae:2b:90:de:17:d9:0d:77:9e:9b:f4:
4c:52:3e:b1:24:a5:05:1a:6b:7c:75:dd:e7:4c:2a:8b:ee:c5:
3b:09:03:89:30:e3:e2:77:d5:a0:fd:df:f0:15:46:2a:59:e8:
cc:6d:4d:74:c7:8e:4d:a6:53:80:e6:0e:35:d4:ac:b0:11:73:
a6:97:ef:d5:03:2a:b6:ae:d8:b3:9b:6f:a5:dc:63:d6:f6:f7:
b2:38:10:49:07:23:55:f8:a4:95:49:16:9e:f2:61:7b:f3:b1:
b6:da:fd:22:87:2c:b6:3a:97:94:4f:20:cc:5a:5c:b4:6f:9d:
f2:a4:ae:f2:f8:f7:1a:ec:65:26:d1:39:38:82:78:90:fd:a0:
3a:94:fb:13:0e:71:15:59:cb:d6:a7:c7:5d:19:2b:e7:10:8e:
c0:9d:fe:a6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM7XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTUyMjI3WhcNMjQxMjA0MTUyMjI3WjAYMRYw
FAYDVQQDEw02NzJhMzgzNy1kYmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuM/2vY2QbLt2ARIdiDSmxWLjthdjCDKr8blEoHW+CczJVocyu/d5tLgg
3ml7SM7p4qpHupxrjEj+hnNRJ4DzKBD1hUcwQ0obj/8BhdaZtICmo35alVrPnu+s
ohJV6vLVjHg4tVEtZPFtOL9yxbhmzEJ0lPzyFM7Tt9G5d3fuXcWyiSdjniRyl2jF
luX39SdUjMpviaz8eu/MP3t6cN0a/ReYiDhhskt3IgmD3/S2GVWxqHAQt8U5FY6i
zFCtE+jP2WdM2mQRGx2h4ws72/nbjKmvq/HdRibV9Unik0zVhwdhMU3zrsxUeLM2
9gVm7TW+lHRypQNgFMWysvUX1x+UjQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAtB
+lbTE59CxXdEhkDo5MsaGVDdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNjJFM0IxRTlCODkxMUVGQThEOTBBNUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOlIMA0GCSqGSIb3DQEBCwUA
A4IBAQBIGuvA4HwBs4njXohkLlZ/i2BsMY5rd+9PsAXgDNBQ2a4hNcRfrSg6c/3z
0+fjK5pefNKMEMYk6qXj1o7nk8VTPLN1GZz3yFMmDJ78z8LqmSeETjPBdqRuPDGO
LiMxSYYZriuQ3hfZDXeem/RMUj6xJKUFGmt8dd3nTCqL7sU7CQOJMOPid9Wg/d/w
FUYqWejMbU10x45NplOA5g411KywEXOml+/VAyq2rtizm2+l3GPW9veyOBBJByNV
+KSVSRae8mF787G22v0ihyy2OpeUTyDMWly0b53ypK7y+Pca7GUm0Tk4gniQ/aA6
lPsTDnEVWcvWp8ddGSvnEI7Anf6m
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:49 2024 by rpki-client on console-ams.rpki-client.org