Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD5E920C5EEF11EF959E2589762E951A.roa
File: CD5E920C5EEF11EF959E2589762E951A.roa (raw, json)
Hash identifier: cg4uVauxo0pZFAaI9Dnq8SYjZW7fZeYIS1F8S3JH/2I=
Subject key identifier: 12:DC:6C:D5:8E:6C:57:5B:FB:9E:80:F7:59:06:4F:93:BE:D2:D2:C2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A9CC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD5E920C5EEF11EF959E2589762E951A.roa
Signing time: Tue 20 Aug 2024 12:29:11 +0000
ROA not before: Tue 20 Aug 2024 12:28:55 +0000
ROA not after: Tue 27 May 2025 12:28:55 +0000
asID: 399077
IP address blocks: 156.251.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43468 (0xa9cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 12:28:55 2024 GMT
Not After : May 27 12:28:55 2025 GMT
Subject: CN=66c48c17-beed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:74:27:2d:29:81:6d:1e:d2:2c:32:c1:44:31:
8c:06:01:05:a6:51:37:3d:a2:1f:15:33:86:f8:fa:
99:d6:04:bc:43:11:fb:d0:1b:4b:52:90:e9:e7:9f:
2e:d6:8a:d1:a8:74:c9:a0:88:e5:7d:6e:78:d4:96:
32:f3:36:b4:ea:57:a3:50:de:ee:07:c5:c3:f7:ef:
45:76:dc:e0:0e:22:4b:f3:e9:75:39:ea:58:d6:82:
8f:f9:6d:d7:45:6a:3c:04:8e:0a:22:b2:ba:7b:0d:
e4:3a:55:42:84:55:b3:de:82:60:0f:e6:ef:e5:3e:
a1:31:96:68:1f:4f:85:8c:aa:c7:23:2c:fd:22:fd:
ad:c6:4a:61:e3:50:34:80:1d:ac:f5:51:a5:57:6c:
a0:16:10:28:f3:a0:4a:de:36:bd:50:47:b7:71:89:
81:eb:ff:12:ac:cd:ba:d2:01:29:49:e1:4e:1a:bd:
a8:f0:e4:f1:43:ad:53:d7:f4:04:f9:2b:bd:fc:00:
d1:9f:a9:63:c0:42:ac:94:25:2b:1e:fc:c9:82:57:
91:fd:de:e8:40:3a:ff:3b:a0:b7:0f:2e:1b:56:20:
68:4e:3e:ba:b8:63:7c:1e:5a:cf:af:06:74:2f:b6:
81:46:ef:e3:6f:ba:43:52:e8:53:b7:06:76:6f:ba:
ab:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:DC:6C:D5:8E:6C:57:5B:FB:9E:80:F7:59:06:4F:93:BE:D2:D2:C2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD5E920C5EEF11EF959E2589762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.41.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:62:16:5e:b9:40:8b:1b:91:95:f2:bc:d2:10:01:ff:f7:2b:
c6:f1:25:da:fd:5e:6d:5b:e5:1f:ed:ba:2d:19:1b:ae:45:41:
32:73:84:3f:7a:73:b7:0e:71:12:57:4c:81:a2:e9:1e:b6:3b:
04:35:33:2d:e2:6b:4d:6e:02:db:1c:ad:a6:a2:29:97:2f:e9:
1e:3a:9d:ba:91:8f:15:60:69:53:81:d4:f2:10:c1:42:cd:f8:
db:24:be:98:7e:e7:c7:24:47:65:7e:c9:ee:a0:03:fb:4c:10:
fd:b9:9c:37:99:11:08:07:cd:cd:65:0c:fa:93:9d:8f:7c:ec:
b9:10:65:1f:61:19:b3:32:a6:e7:be:ed:e2:e6:76:f2:92:e3:
d1:61:33:3c:f2:68:3f:25:3a:35:04:37:a1:c1:17:62:99:18:
18:bd:ff:8b:0c:5e:06:77:88:45:58:f7:85:7b:3a:64:80:8d:
22:ea:a6:51:02:63:c7:ec:e9:70:80:71:45:d9:32:ba:0e:8b:
e9:14:f6:37:c9:7f:ea:53:ab:90:d6:0c:4e:8d:ce:99:86:17:
16:bb:c4:17:48:38:07:cc:3f:11:fc:13:1a:bb:c3:16:c7:76:
d9:2b:d6:db:c7:70:89:5f:9f:e3:ff:72:93:b3:9b:09:b9:8f:
54:f9:68:70
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKnMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTIyODU1WhcNMjUwNTI3MTIyODU1WjAYMRYw
FAYDVQQDEw02NmM0OGMxNy1iZWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmXQnLSmBbR7SLDLBRDGMBgEFplE3PaIfFTOG+PqZ1gS8QxH70BtLUpDp
558u1orRqHTJoIjlfW541JYy8za06lejUN7uB8XD9+9FdtzgDiJL8+l1OepY1oKP
+W3XRWo8BI4KIrK6ew3kOlVChFWz3oJgD+bv5T6hMZZoH0+FjKrHIyz9Iv2txkph
41A0gB2s9VGlV2ygFhAo86BK3ja9UEe3cYmB6/8SrM260gEpSeFOGr2o8OTxQ61T
1/QE+Su9/ADRn6ljwEKslCUrHvzJgleR/d7oQDr/O6C3Dy4bViBoTj66uGN8HlrP
rwZ0L7aBRu/jb7pDUuhTtwZ2b7qriQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBLc
bNWObFdb+56A91kGT5O+0tLCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRDVFOTIwQzVFRUYxMUVGOTU5RTI1ODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPspMA0GCSqGSIb3DQEBCwUA
A4IBAQCaYhZeuUCLG5GV8rzSEAH/9yvG8SXa/V5tW+Uf7botGRuuRUEyc4Q/enO3
DnESV0yBouketjsENTMt4mtNbgLbHK2moimXL+keOp26kY8VYGlTgdTyEMFCzfjb
JL6YfufHJEdlfsnuoAP7TBD9uZw3mREIB83NZQz6k52PfOy5EGUfYRmzMqbnvu3i
5nbykuPRYTM88mg/JTo1BDehwRdimRgYvf+LDF4Gd4hFWPeFezpkgI0i6qZRAmPH
7OlwgHFF2TK6DovpFPY3yX/qU6uQ1gxOjc6ZhhcWu8QXSDgHzD8R/BMau8MWx3bZ
K9bbx3CJX5/j/3KTs5sJuY9U+Whw
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:48 2024 by rpki-client on console-fra.rpki-client.org