Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D49AA3009EAD11EFB28452A4762E951A.roa
File: D49AA3009EAD11EFB28452A4762E951A.roa (raw, json)
Hash identifier: zCuN98s+BEDfBa4Edpp5fIMD/zLHBaPKHUE418FXO1w=
Subject key identifier: 38:CF:FD:97:32:A7:06:AF:5E:BA:7D:F5:F2:A1:6D:FA:80:7F:E3:40
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D02B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D49AA3009EAD11EFB28452A4762E951A.roa
Signing time: Sat 09 Nov 2024 15:18:11 +0000
ROA not before: Sat 09 Nov 2024 15:18:07 +0000
ROA not after: Sun 14 Sep 2025 15:18:07 +0000
asID: 152920
IP address blocks: 156.237.104.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53291 (0xd02b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 9 15:18:07 2024 GMT
Not After : Sep 14 15:18:07 2025 GMT
Subject: CN=672f7d32-9b84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ad:d5:4b:d1:00:21:e9:3c:20:2d:2a:12:6a:
bf:9c:92:22:41:51:97:5e:23:15:cf:e2:f2:99:0f:
c4:dc:dd:9c:d7:ff:68:88:b0:61:b4:39:73:c0:7e:
d4:d0:e5:1e:51:90:48:74:07:7d:46:94:9b:fc:25:
0c:18:45:28:71:6b:2b:f0:b1:9a:30:15:b9:8c:e1:
28:ac:bf:e8:1d:9b:43:59:46:54:42:20:78:bc:ef:
11:93:cd:3c:31:54:b1:99:a9:3f:ca:de:63:c6:c6:
da:96:01:28:c5:b9:de:01:09:73:a9:78:6e:ea:8f:
34:42:3a:f9:2a:ac:13:0e:0b:46:65:f1:6e:ec:bf:
75:bb:f6:b6:84:52:e5:28:90:2f:09:f4:0b:a4:c3:
ed:a5:80:6f:98:e8:51:10:09:a5:2f:86:68:92:c6:
11:47:ff:d3:73:c1:e1:e3:42:a8:c4:33:67:27:44:
8b:d6:f2:61:44:64:75:d6:28:01:76:61:8f:45:a7:
29:57:68:9e:e5:ed:fb:0a:ae:06:8d:1b:a5:a1:88:
87:33:ff:3f:43:ee:42:2e:2a:60:7b:43:82:b3:a6:
05:35:95:7d:d0:f5:25:00:c9:89:a6:6e:64:a4:d5:
45:69:04:b1:ec:63:82:5e:6b:c2:77:f0:76:a7:78:
b4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CF:FD:97:32:A7:06:AF:5E:BA:7D:F5:F2:A1:6D:FA:80:7F:E3:40
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D49AA3009EAD11EFB28452A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.104.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:55:ef:1b:65:43:f6:18:7b:5f:54:bd:4b:7c:1e:68:46:2f:
63:bf:7b:73:88:7e:57:f3:ba:f2:2b:ad:09:a9:82:a4:23:8a:
77:69:06:d1:0e:3f:3e:fe:ff:86:6f:12:10:8a:f9:53:90:f4:
da:9d:1c:eb:c9:b7:56:8d:65:9e:3c:87:8c:50:41:56:86:c7:
09:19:06:1f:d6:a5:f5:59:76:ab:55:85:25:f2:0d:11:ac:b0:
2c:88:14:f2:72:52:7b:39:2a:22:e9:35:a8:6c:e6:37:22:0c:
fd:75:04:e4:c8:57:64:dc:2c:2c:11:05:b9:eb:34:0d:db:b6:
ae:2a:4d:ad:54:87:0e:70:a6:2a:ac:b9:d8:93:16:44:2b:04:
02:6b:d1:49:3e:e0:40:2d:24:97:58:98:76:ed:50:0e:ac:f6:
38:2a:e9:3e:82:75:69:19:65:1a:03:4f:0d:08:8a:84:ff:a4:
d2:ba:07:d9:15:05:8a:b2:a6:e0:9d:a9:72:69:ad:0e:7d:bb:
e7:b3:6a:ba:3c:71:fd:90:d5:f6:d6:72:b2:34:f9:b7:6a:24:
07:24:08:bc:ef:24:e6:67:52:cf:14:92:e1:bd:3f:e8:97:59:
93:19:92:eb:ea:29:37:27:92:64:ec:50:45:84:f1:3a:7d:14:
b8:e3:9e:ba
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANArMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA5MTUxODA3WhcNMjUwOTE0MTUxODA3WjAYMRYw
FAYDVQQDEw02NzJmN2QzMi05Yjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo63VS9EAIek8IC0qEmq/nJIiQVGXXiMVz+LymQ/E3N2c1/9oiLBhtDlz
wH7U0OUeUZBIdAd9RpSb/CUMGEUocWsr8LGaMBW5jOEorL/oHZtDWUZUQiB4vO8R
k808MVSxmak/yt5jxsbalgEoxbneAQlzqXhu6o80Qjr5KqwTDgtGZfFu7L91u/a2
hFLlKJAvCfQLpMPtpYBvmOhREAmlL4ZoksYRR//Tc8Hh40KoxDNnJ0SL1vJhRGR1
1igBdmGPRacpV2ie5e37Cq4GjRuloYiHM/8/Q+5CLipge0OCs6YFNZV90PUlAMmJ
pm5kpNVFaQSx7GOCXmvCd/B2p3i0AwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDjP
/ZcypwavXrp99fKhbfqAf+NAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENDlBQTMwMDlFQUQxMUVGQjI4NDUyQTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO1oMA0GCSqGSIb3DQEBCwUA
A4IBAQBrVe8bZUP2GHtfVL1LfB5oRi9jv3tziH5X87ryK60JqYKkI4p3aQbRDj8+
/v+GbxIQivlTkPTanRzrybdWjWWePIeMUEFWhscJGQYf1qX1WXarVYUl8g0RrLAs
iBTyclJ7OSoi6TWobOY3Igz9dQTkyFdk3CwsEQW56zQN27auKk2tVIcOcKYqrLnY
kxZEKwQCa9FJPuBALSSXWJh27VAOrPY4Kuk+gnVpGWUaA08NCIqE/6TSugfZFQWK
sqbgnalyaa0Ofbvns2q6PHH9kNX21nKyNPm3aiQHJAi87yTmZ1LPFJLhvT/ol1mT
GZLr6ik3J5Jk7FBFhPE6fRS44566
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:51 2024 by rpki-client on console-ams.rpki-client.org