Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8F9E7FA5EEC11EF8B7C6674762E951A.roa
File: C8F9E7FA5EEC11EF8B7C6674762E951A.roa (raw, json)
Hash identifier: ppiVVshz59ps1yOUo2QdRs7fHdyo+F92ryMmnEAPCpU=
Subject key identifier: 20:C3:ED:90:CD:A5:67:8B:D5:EE:06:96:1E:23:9E:D2:A2:EC:7E:C9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A9A8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8F9E7FA5EEC11EF8B7C6674762E951A.roa
Signing time: Tue 20 Aug 2024 12:07:35 +0000
ROA not before: Tue 20 Aug 2024 12:07:32 +0000
ROA not after: Tue 27 May 2025 12:07:32 +0000
asID: 399077
IP address blocks: 156.251.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43432 (0xa9a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 12:07:32 2024 GMT
Not After : May 27 12:07:32 2025 GMT
Subject: CN=66c48707-afd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b2:c6:c3:e3:7e:2c:96:2c:5a:d0:1e:76:87:
5a:b8:12:9b:6f:d7:3b:a0:1f:19:9f:24:25:79:24:
90:79:38:34:ee:a4:6c:16:ae:8d:e5:99:fb:10:2a:
7c:fb:c3:91:dd:8a:74:5f:c8:ab:b9:d1:f4:5e:a4:
76:80:e7:76:9a:c2:d2:d8:23:5a:39:3c:7d:c1:f1:
7f:2d:a7:fe:fe:d9:17:00:5c:c4:51:75:0c:b8:a7:
05:df:c1:ee:2d:bd:de:79:80:11:31:5d:4c:eb:9c:
b6:d6:80:7c:a3:25:d3:c4:22:5f:71:05:95:98:d7:
a3:c1:99:a8:6e:d8:f1:b4:19:94:62:b9:d0:26:46:
fb:99:06:8d:10:50:68:72:c3:e8:4a:67:9e:fe:03:
28:6d:76:c4:c8:93:19:50:22:6d:0e:3c:4d:36:e1:
19:0a:54:ef:9a:07:87:0a:79:59:06:27:11:76:99:
6c:5e:c9:49:79:7f:c6:bd:13:00:5a:1b:2f:9f:c7:
9e:0a:12:31:54:67:dd:88:7d:6f:a1:93:bf:c0:ac:
7f:43:a5:db:6c:58:d7:9b:ec:f1:ab:09:2b:ac:ed:
ff:a8:c2:6a:41:6c:f1:eb:69:ef:d7:7d:39:f7:fc:
5d:21:a8:7f:9f:e3:98:8b:09:d8:8c:a0:8d:ac:8d:
2b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C3:ED:90:CD:A5:67:8B:D5:EE:06:96:1E:23:9E:D2:A2:EC:7E:C9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8F9E7FA5EEC11EF8B7C6674762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.63.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:32:dd:b2:64:98:2d:0f:28:9d:f7:cc:ff:85:2f:ee:0c:e8:
21:a9:38:53:4f:2a:16:92:3e:f5:a4:c7:11:1e:cf:de:7e:b1:
de:33:6e:e8:90:1d:76:83:38:84:40:f5:52:01:28:df:41:fb:
74:b6:7f:46:67:64:6b:c5:e9:b2:67:75:98:5c:1a:7b:dc:1c:
cc:9e:0f:99:3b:d7:90:cf:15:5a:de:84:4b:ba:f0:4d:40:4d:
b5:1e:9a:92:43:46:5f:1c:d4:f9:02:fd:28:69:d4:e4:77:cc:
05:3e:e1:a6:ae:7b:5a:9b:7c:8e:45:9b:af:bd:75:47:78:0b:
22:7d:03:40:1b:37:32:d5:c0:d8:86:28:9b:c5:d2:12:91:d5:
b2:75:7d:18:57:14:c8:ff:1a:94:39:74:2c:47:3d:08:e7:8e:
26:01:64:e3:0c:f8:3a:85:57:3f:5e:c6:24:3e:54:fc:cc:ce:
bb:2b:24:f4:16:ca:78:85:d6:c1:49:c9:77:ad:55:54:5f:80:
8e:72:7f:e1:61:10:3f:61:5c:49:c2:76:f9:c4:63:6d:35:ec:
d4:cf:1a:63:c1:3c:b3:5e:5f:5c:eb:b0:93:b0:d5:30:0f:b4:
5b:d2:93:68:88:76:4c:13:7f:57:07:95:3f:28:d7:20:95:03:
56:f5:8c:e4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKmoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTIwNzMyWhcNMjUwNTI3MTIwNzMyWjAYMRYw
FAYDVQQDEw02NmM0ODcwNy1hZmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1rLGw+N+LJYsWtAedodauBKbb9c7oB8ZnyQleSSQeTg07qRsFq6N5Zn7
ECp8+8OR3Yp0X8irudH0XqR2gOd2msLS2CNaOTx9wfF/Laf+/tkXAFzEUXUMuKcF
38HuLb3eeYARMV1M65y21oB8oyXTxCJfcQWVmNejwZmobtjxtBmUYrnQJkb7mQaN
EFBocsPoSmee/gMobXbEyJMZUCJtDjxNNuEZClTvmgeHCnlZBicRdplsXslJeX/G
vRMAWhsvn8eeChIxVGfdiH1voZO/wKx/Q6XbbFjXm+zxqwkrrO3/qMJqQWzx62nv
13059/xdIah/n+OYiwnYjKCNrI0rDQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCDD
7ZDNpWeL1e4Glh4jntKi7H7JMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOEY5RTdGQTVFRUMxMUVGOEI3QzY2NzQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPs/MA0GCSqGSIb3DQEBCwUA
A4IBAQBsMt2yZJgtDyid98z/hS/uDOghqThTTyoWkj71pMcRHs/efrHeM27okB12
gziEQPVSASjfQft0tn9GZ2RrxemyZ3WYXBp73BzMng+ZO9eQzxVa3oRLuvBNQE21
HpqSQ0ZfHNT5Av0oadTkd8wFPuGmrntam3yORZuvvXVHeAsifQNAGzcy1cDYhiib
xdISkdWydX0YVxTI/xqUOXQsRz0I544mAWTjDPg6hVc/XsYkPlT8zM67KyT0Fsp4
hdbBScl3rVVUX4COcn/hYRA/YVxJwnb5xGNtNezUzxpjwTyzXl9c67CTsNUwD7Rb
0pNoiHZME39XB5U/KNcglQNW9Yzk
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:47 2024 by rpki-client on console-fra.rpki-client.org