Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D190DF5EA42E11EF85A83B74762E951A.roa
File: D190DF5EA42E11EF85A83B74762E951A.roa (raw, json)
Hash identifier: HpKf6wjZk3REfQsiSuz7/nRsV6NsUCM8Qm879jqHBpo=
Subject key identifier: B4:A1:9F:C8:AD:1E:0D:06:15:77:D6:81:54:C4:94:F5:75:C3:71:B8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D32C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D190DF5EA42E11EF85A83B74762E951A.roa
Signing time: Sat 16 Nov 2024 15:24:06 +0000
ROA not before: Sat 16 Nov 2024 15:24:03 +0000
ROA not after: Wed 18 Dec 2024 15:24:03 +0000
asID: 213993
IP address blocks: 156.253.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54060 (0xd32c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 16 15:24:03 2024 GMT
Not After : Dec 18 15:24:03 2024 GMT
Subject: CN=6738b916-ea3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:66:0f:49:83:5f:ba:aa:ed:af:62:dd:c5:ef:
74:ee:56:8f:c7:13:01:cd:fd:73:cd:21:3d:ac:07:
64:94:22:c8:b1:25:93:4a:a9:9d:72:6c:ea:66:94:
80:cb:45:58:ba:e1:e5:dc:37:87:77:f3:2c:1b:00:
7a:25:72:6c:89:fd:72:9d:4a:7f:08:39:06:9c:94:
50:b5:96:b8:70:83:97:75:ef:83:57:55:9d:58:2e:
49:25:9d:c2:2c:bf:d6:97:e6:71:5a:73:82:63:0b:
e4:40:f2:7d:53:ab:5c:5e:3d:e5:c2:14:0a:41:4f:
ec:08:90:19:a2:d3:e4:f6:c3:95:2b:4b:4f:7f:03:
f4:d1:8d:04:22:6e:9b:5e:a0:34:60:0a:9b:19:0c:
d4:7d:4a:96:46:18:77:9a:4b:bb:9e:7f:bd:2e:cf:
21:79:b8:f5:50:7a:10:37:37:d0:bc:8b:8f:95:e8:
73:64:58:80:03:0b:78:20:9b:db:e8:d6:e3:18:36:
48:28:5f:c4:69:1b:0b:2a:e9:68:35:bb:50:98:6d:
77:2a:58:81:a6:6e:9b:5f:02:4a:d5:08:fb:0e:37:
97:5a:8f:69:ef:95:f3:8f:3e:3a:66:9a:8a:e6:67:
7c:88:f8:0e:a0:2d:53:49:fd:c5:0c:48:eb:6f:1d:
31:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A1:9F:C8:AD:1E:0D:06:15:77:D6:81:54:C4:94:F5:75:C3:71:B8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D190DF5EA42E11EF85A83B74762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.234.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:b2:e5:7d:98:2b:71:03:0f:89:97:98:c4:0d:8e:da:bc:e2:
61:e0:d6:04:50:5a:eb:c2:03:a4:ac:9f:9d:25:14:7a:d7:66:
eb:9d:02:24:f2:c3:35:20:1e:23:24:c9:aa:a6:35:69:af:7a:
fe:f6:ec:a3:c7:7d:91:b4:43:74:40:36:fe:fc:7c:32:2a:1e:
2d:94:a1:ae:a2:a2:4f:19:88:fc:25:31:f3:fd:73:46:84:39:
82:1e:53:e7:6f:9b:54:fd:f8:ea:92:0d:8a:86:41:3f:c1:66:
47:5f:76:47:be:0e:c4:e1:59:b4:64:3f:23:0d:ee:3e:e3:7b:
f6:0b:dd:ad:c9:5f:37:5f:2a:4c:11:7f:14:d2:58:fa:b7:77:
6e:42:f6:73:18:a7:2b:55:25:d3:ac:7c:cd:42:da:32:6d:95:
63:a8:e8:c3:2c:12:16:53:dc:76:5e:0b:48:a7:4c:03:86:1d:
49:65:52:57:14:80:d7:1a:2f:68:2c:58:78:cf:d7:f6:dd:63:
68:01:75:e2:f7:f2:23:80:b7:21:f9:0f:24:85:83:07:38:d2:
91:b3:17:c4:2c:a6:7a:39:9a:49:fc:1a:77:0a:de:90:16:5f:
47:70:02:9c:ea:4e:91:0f:22:56:91:5d:50:4f:52:c3:74:4b:
14:0d:4c:8f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANMsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE2MTUyNDAzWhcNMjQxMjE4MTUyNDAzWjAYMRYw
FAYDVQQDEw02NzM4YjkxNi1lYTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqWYPSYNfuqrtr2Ldxe907laPxxMBzf1zzSE9rAdklCLIsSWTSqmdcmzq
ZpSAy0VYuuHl3DeHd/MsGwB6JXJsif1ynUp/CDkGnJRQtZa4cIOXde+DV1WdWC5J
JZ3CLL/Wl+ZxWnOCYwvkQPJ9U6tcXj3lwhQKQU/sCJAZotPk9sOVK0tPfwP00Y0E
Im6bXqA0YAqbGQzUfUqWRhh3mku7nn+9Ls8hebj1UHoQNzfQvIuPlehzZFiAAwt4
IJvb6NbjGDZIKF/EaRsLKuloNbtQmG13KliBpm6bXwJK1Qj7DjeXWo9p75Xzjz46
ZpqK5md8iPgOoC1TSf3FDEjrbx0x+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLSh
n8itHg0GFXfWgVTElPV1w3G4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMTkwREY1RUE0MkUxMUVGODVBODNCNzQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP3qMA0GCSqGSIb3DQEBCwUA
A4IBAQAtsuV9mCtxAw+Jl5jEDY7avOJh4NYEUFrrwgOkrJ+dJRR612brnQIk8sM1
IB4jJMmqpjVpr3r+9uyjx32RtEN0QDb+/HwyKh4tlKGuoqJPGYj8JTHz/XNGhDmC
HlPnb5tU/fjqkg2KhkE/wWZHX3ZHvg7E4Vm0ZD8jDe4+43v2C92tyV83XypMEX8U
0lj6t3duQvZzGKcrVSXTrHzNQtoybZVjqOjDLBIWU9x2XgtIp0wDhh1JZVJXFIDX
Gi9oLFh4z9f23WNoAXXi9/IjgLch+Q8khYMHONKRsxfELKZ6OZpJ/Bp3Ct6QFl9H
cAKc6k6RDyJWkV1QT1LDdEsUDUyP
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:48 2024 by rpki-client on console-fra.rpki-client.org