Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D31C0CE8A45311EF83B0E95A762E951A.roa
File: D31C0CE8A45311EF83B0E95A762E951A.roa (raw, json)
Hash identifier: u55oLEA6qhKvLltMaw20u32pKUV6x2uukonfJ5eLSZw=
Subject key identifier: 01:E8:F3:4F:0A:AC:2F:84:81:D3:F0:26:04:66:0E:56:9C:C0:D9:B5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D3DC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D31C0CE8A45311EF83B0E95A762E951A.roa
Signing time: Sat 16 Nov 2024 19:49:00 +0000
ROA not before: Sat 16 Nov 2024 19:48:55 +0000
ROA not after: Tue 26 Nov 2024 19:48:55 +0000
asID: 5068
IP address blocks: 156.245.192.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54236 (0xd3dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 16 19:48:55 2024 GMT
Not After : Nov 26 19:48:55 2024 GMT
Subject: CN=6738f72c-14de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:83:43:88:b4:14:f8:ef:fa:c4:c6:08:64:b5:
7d:60:a3:7c:bd:b1:49:01:50:e9:29:a9:9d:7c:ad:
04:27:33:7f:09:fd:00:ed:82:ba:8c:1f:25:c2:a2:
b6:11:b2:d7:50:7c:a7:2b:81:40:2f:e4:ec:14:50:
e5:1c:88:6c:1d:6f:ab:f7:29:27:bd:3d:36:f2:2b:
a1:3e:cd:e0:a7:88:35:83:a6:b6:45:3a:91:c5:ca:
c0:00:b2:c3:df:78:80:39:f6:16:44:1c:6f:7f:d3:
f1:88:aa:74:4b:36:6c:38:6d:6f:cf:56:51:48:51:
5d:c0:60:84:12:60:57:c7:72:4d:f8:0f:c2:ba:2b:
d8:a5:c3:8c:7e:96:4a:3f:b1:88:6e:ff:e9:93:c9:
72:94:c9:42:a0:c5:39:9c:fe:0b:07:e9:c8:75:ab:
74:54:b5:c6:61:22:ac:f9:33:b1:c3:70:46:79:b3:
bc:d0:99:03:a2:ab:7d:de:b4:6a:75:18:8f:cf:80:
65:d9:7f:5d:03:90:e9:9f:1a:7d:5a:6c:d5:1c:20:
48:6b:13:da:87:1c:77:73:1b:90:36:4f:cf:e9:c6:
37:aa:5c:8e:d4:ee:95:31:da:21:6b:9b:4e:1b:aa:
39:70:c8:f7:e6:fe:d7:8b:83:16:39:cb:8b:3c:be:
80:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E8:F3:4F:0A:AC:2F:84:81:D3:F0:26:04:66:0E:56:9C:C0:D9:B5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D31C0CE8A45311EF83B0E95A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.192.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:14:e7:f9:83:9f:a4:c2:1a:8d:57:16:8b:39:d8:55:28:6d:
78:38:4d:ab:f9:79:d8:12:bd:31:1b:98:6d:2d:ee:e6:ae:39:
20:7a:41:83:fa:1d:5b:59:08:fb:92:25:59:58:bd:ad:f1:da:
96:f3:df:33:73:b3:73:fc:35:2b:e2:b2:77:21:9d:68:33:9b:
e4:3d:82:20:59:3c:47:5a:00:3d:ce:d9:a5:81:af:aa:8c:7c:
39:d4:b0:a0:b9:fe:5c:41:10:6a:ab:5b:80:d4:a7:7c:e8:a4:
07:f5:03:1b:a8:65:31:71:00:11:ab:43:7f:0d:5f:f4:c0:3a:
b4:cd:09:9d:5a:cb:28:1f:bb:58:2e:3c:68:0e:d7:70:63:c3:
b6:fb:81:4e:a9:33:25:3d:39:7d:e4:cb:9d:08:5c:e4:25:2a:
21:03:ba:97:a6:6c:5d:50:e0:22:71:46:48:af:07:25:65:7e:
bc:62:ee:d5:52:7c:94:11:e1:5a:88:94:e9:e2:fc:4a:be:09:
fd:2f:c3:7a:90:90:f0:85:c3:ad:3a:22:a5:23:9c:f8:6d:16:
ec:fb:c1:3d:cf:c1:c3:17:56:dc:a8:b7:af:93:92:17:e2:06:
0a:66:9b:46:8d:16:0a:c3:42:74:72:53:4a:d8:e2:5d:f0:5b:
d1:41:8f:bb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANPcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE2MTk0ODU1WhcNMjQxMTI2MTk0ODU1WjAYMRYw
FAYDVQQDEw02NzM4ZjcyYy0xNGRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA04NDiLQU+O/6xMYIZLV9YKN8vbFJAVDpKamdfK0EJzN/Cf0A7YK6jB8l
wqK2EbLXUHynK4FAL+TsFFDlHIhsHW+r9yknvT028iuhPs3gp4g1g6a2RTqRxcrA
ALLD33iAOfYWRBxvf9PxiKp0SzZsOG1vz1ZRSFFdwGCEEmBXx3JN+A/CuivYpcOM
fpZKP7GIbv/pk8lylMlCoMU5nP4LB+nIdat0VLXGYSKs+TOxw3BGebO80JkDoqt9
3rRqdRiPz4Bl2X9dA5Dpnxp9WmzVHCBIaxPahxx3cxuQNk/P6cY3qlyO1O6VMdoh
a5tOG6o5cMj35v7Xi4MWOcuLPL6AlwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAHo
808KrC+EgdPwJgRmDlacwNm1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMzFDMENFOEE0NTMxMUVGODNCMEU5NUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPXAMA0GCSqGSIb3DQEBCwUA
A4IBAQAsFOf5g5+kwhqNVxaLOdhVKG14OE2r+XnYEr0xG5htLe7mrjkgekGD+h1b
WQj7kiVZWL2t8dqW898zc7Nz/DUr4rJ3IZ1oM5vkPYIgWTxHWgA9ztmlga+qjHw5
1LCguf5cQRBqq1uA1Kd86KQH9QMbqGUxcQARq0N/DV/0wDq0zQmdWssoH7tYLjxo
DtdwY8O2+4FOqTMlPTl95MudCFzkJSohA7qXpmxdUOAicUZIrwclZX68Yu7VUnyU
EeFaiJTp4vxKvgn9L8N6kJDwhcOtOiKlI5z4bRbs+8E9z8HDF1bcqLevk5IX4gYK
ZptGjRYKw0J0clNK2OJd8FvRQY+7
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:51 2024 by rpki-client on console-ams.rpki-client.org