Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C75F40C8A45D11EFA5222599762E951A.roa
File: C75F40C8A45D11EFA5222599762E951A.roa (raw, json)
Hash identifier: Wkh/5e2zz/nypQ8v91DxTWNdQSN64S8qJsZWKHwnudU=
Subject key identifier: 25:A0:80:DC:F0:47:D4:DF:BA:42:32:AF:BE:46:20:D5:E0:BA:70:87
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D440
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C75F40C8A45D11EFA5222599762E951A.roa
Signing time: Sat 16 Nov 2024 21:00:16 +0000
ROA not before: Sat 16 Nov 2024 21:00:12 +0000
ROA not after: Fri 29 Nov 2024 21:00:12 +0000
asID: 198247
IP address blocks: 156.238.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54336 (0xd440)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 16 21:00:12 2024 GMT
Not After : Nov 29 21:00:12 2024 GMT
Subject: CN=673907df-fc22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1d:f0:3d:90:3a:39:a4:ca:1a:28:c9:db:1a:
4b:44:11:3f:e9:82:1a:09:45:d9:3f:f1:01:4c:ff:
41:41:33:c0:e3:0e:6e:c6:de:89:3d:ec:71:d1:ab:
d9:ba:54:c9:86:24:93:e2:d7:91:db:cf:2f:08:d4:
dc:78:43:de:7c:56:d2:53:b3:73:e1:d1:44:72:74:
c9:d0:6d:13:c3:a6:e3:5f:46:25:14:60:1b:c2:ed:
3a:df:46:b2:6b:42:ef:9e:c9:d2:a0:fe:0b:5d:c5:
02:b0:d8:28:9c:ec:80:c1:15:67:88:7c:d2:d3:d2:
21:d3:eb:a4:05:25:35:53:47:9e:55:26:4a:91:b4:
14:a3:d3:f2:0a:28:4f:56:76:e8:89:df:da:4c:a6:
98:ca:60:2c:54:4d:ac:51:61:e2:ed:af:3d:6c:99:
04:90:08:9d:1d:8b:ef:1e:47:41:65:f3:a2:7a:fc:
31:7f:35:37:53:69:e4:a6:21:93:f8:9c:9e:8f:21:
75:e8:d6:7f:5e:2c:75:a1:cf:0e:aa:e8:bf:05:ad:
f5:62:38:10:08:e7:3d:36:54:00:56:b7:65:11:89:
9d:f4:67:e8:5f:30:73:3a:6c:39:10:7f:e3:c0:74:
06:8d:11:36:0a:69:57:a4:59:e8:3f:e2:bb:3b:15:
45:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A0:80:DC:F0:47:D4:DF:BA:42:32:AF:BE:46:20:D5:E0:BA:70:87
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C75F40C8A45D11EFA5222599762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.84.0/24
Signature Algorithm: sha256WithRSAEncryption
81:04:bd:f2:d9:70:2f:52:c2:a2:91:ae:63:eb:b9:98:c6:08:
ce:45:5b:27:6a:05:a0:f8:d8:67:04:d9:cf:30:fe:03:8c:6f:
29:20:3a:94:fe:3e:11:4e:3b:26:e7:32:22:07:f4:95:37:ca:
9c:a3:12:8a:1e:ea:a7:37:b4:32:61:6c:88:14:ae:2b:b9:b5:
1e:d3:a3:a1:7d:65:b8:a9:5e:16:ef:65:4c:66:fa:9f:36:10:
74:54:d0:c0:b3:53:7e:27:df:11:02:98:a0:5f:71:0e:91:6c:
39:9a:bf:d4:35:33:5a:86:b0:74:a4:41:01:34:3e:8f:46:6d:
75:ad:eb:52:cd:47:f9:22:a1:4e:34:42:50:24:0c:90:4b:b5:
a2:bd:4e:37:cc:ea:de:cd:c2:37:89:83:e6:8c:ff:97:38:ee:
62:63:4b:b6:16:be:f2:c7:4a:42:6a:d4:a1:bc:6a:85:38:17:
5b:58:fd:ea:82:06:b1:6f:2c:ab:1f:a0:04:49:52:df:68:79:
df:4a:28:23:80:43:04:f7:41:20:06:3a:e3:89:21:d6:41:f9:
b3:f1:3e:8b:18:7e:92:df:26:8d:af:de:da:dd:11:59:ad:33:
af:c7:83:73:79:cf:3a:dc:96:f1:9f:33:0b:08:8a:71:41:5f:
a3:f5:e9:de
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANRAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE2MjEwMDEyWhcNMjQxMTI5MjEwMDEyWjAYMRYw
FAYDVQQDEw02NzM5MDdkZi1mYzIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsR3wPZA6OaTKGijJ2xpLRBE/6YIaCUXZP/EBTP9BQTPA4w5uxt6JPexx
0avZulTJhiST4teR288vCNTceEPefFbSU7Nz4dFEcnTJ0G0Tw6bjX0YlFGAbwu06
30aya0LvnsnSoP4LXcUCsNgonOyAwRVniHzS09Ih0+ukBSU1U0eeVSZKkbQUo9Py
CihPVnboid/aTKaYymAsVE2sUWHi7a89bJkEkAidHYvvHkdBZfOievwxfzU3U2nk
piGT+JyejyF16NZ/Xix1oc8Oqui/Ba31YjgQCOc9NlQAVrdlEYmd9GfoXzBzOmw5
EH/jwHQGjRE2CmlXpFnoP+K7OxVFtwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCWg
gNzwR9TfukIyr75GINXgunCHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNzVGNDBDOEE0NUQxMUVGQTUyMjI1OTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5UMA0GCSqGSIb3DQEBCwUA
A4IBAQCBBL3y2XAvUsKika5j67mYxgjORVsnagWg+NhnBNnPMP4DjG8pIDqU/j4R
Tjsm5zIiB/SVN8qcoxKKHuqnN7QyYWyIFK4rubUe06OhfWW4qV4W72VMZvqfNhB0
VNDAs1N+J98RApigX3EOkWw5mr/UNTNahrB0pEEBND6PRm11retSzUf5IqFONEJQ
JAyQS7WivU43zOrezcI3iYPmjP+XOO5iY0u2Fr7yx0pCatShvGqFOBdbWP3qggax
byyrH6AESVLfaHnfSigjgEME90EgBjrjiSHWQfmz8T6LGH6S3yaNr97a3RFZrTOv
x4Nzec863JbxnzMLCIpxQV+j9ene
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:47 2024 by rpki-client on console-fra.rpki-client.org