Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4C6885687CB11EFB96D4558762E951A.roa
File: D4C6885687CB11EFB96D4558762E951A.roa (raw, json)
Hash identifier: ivo07d4x7pZufhepj2oIAk/jZhpWNXHk0edUymWxH1g=
Subject key identifier: 46:3C:C6:48:77:7B:2F:60:04:8D:6F:6C:6C:06:D0:31:FE:C1:E2:A8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C3E5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4C6885687CB11EFB96D4558762E951A.roa
Signing time: Fri 11 Oct 2024 12:24:59 +0000
ROA not before: Fri 11 Oct 2024 12:24:55 +0000
ROA not after: Fri 20 Dec 2024 12:24:55 +0000
asID: 142286
IP address blocks: 156.225.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50149 (0xc3e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 11 12:24:55 2024 GMT
Not After : Dec 20 12:24:55 2024 GMT
Subject: CN=6709191b-6f7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d4:22:2f:a4:1a:13:9c:6f:70:cf:88:54:bd:
82:82:b7:24:d4:ce:18:38:94:20:67:29:b5:8b:a8:
df:7e:bc:6c:1a:fe:96:ab:d0:0f:42:59:40:21:79:
ec:d2:70:ae:7a:4c:20:5e:88:76:63:2c:49:2e:7a:
86:98:19:48:b7:a7:e3:ba:41:2a:d8:cb:65:b0:f1:
69:18:cf:ca:89:1c:24:7a:18:0e:56:10:39:01:41:
ad:ec:c7:d7:86:3f:38:d4:b8:47:4a:da:42:43:cb:
f4:d6:8d:0d:4b:ff:ff:b1:1c:88:28:a6:70:28:e2:
f7:04:03:74:b1:95:a6:39:d1:19:69:3d:44:0e:ed:
a3:88:80:65:38:ed:da:9d:20:f9:9b:69:af:23:1e:
e4:f7:c7:29:82:96:e0:5a:80:88:69:11:7c:12:2b:
71:0f:06:02:b9:5d:8b:a5:c3:26:5d:0f:c4:be:96:
1e:eb:5a:89:1f:01:f8:16:fa:31:bc:e1:19:a7:8b:
e5:99:bd:11:c5:23:bf:ed:70:d0:fc:85:18:c8:b9:
32:c8:cf:a6:aa:2f:b8:c9:ab:80:cf:8e:40:b2:2a:
e7:f2:d8:54:9e:dd:0e:f8:5c:91:b6:88:e1:87:bc:
c6:8c:0d:9b:0b:8d:73:db:60:73:b6:59:c7:e2:36:
42:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:3C:C6:48:77:7B:2F:60:04:8D:6F:6C:6C:06:D0:31:FE:C1:E2:A8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4C6885687CB11EFB96D4558762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.144.0/20
Signature Algorithm: sha256WithRSAEncryption
6a:a8:97:b9:2f:be:e5:47:2d:5b:96:fb:53:8e:44:92:c1:1e:
51:0b:30:72:58:a3:05:c3:4e:4c:f4:57:39:33:63:fd:ec:a3:
65:5a:43:b6:38:ff:fb:2a:05:fa:81:1b:78:a5:52:07:76:02:
1b:a6:99:17:c5:e7:a4:d9:48:7d:a8:a7:75:5a:3a:21:fc:7d:
dd:4d:28:79:d9:86:05:95:4c:a5:95:dc:e8:de:19:5a:39:a4:
14:38:fb:f0:0c:d3:3a:04:4d:23:09:88:6a:97:a9:c5:a2:52:
65:f7:08:1e:9e:0d:30:f0:ec:58:67:26:1d:5d:d4:00:30:0d:
5b:db:43:20:d4:c3:f6:25:1d:f2:96:a4:69:eb:64:a6:14:4c:
53:a9:72:8c:ee:20:87:86:94:50:71:3e:ad:c6:99:29:1c:c9:
7b:5f:12:5d:09:33:80:80:03:2c:b8:81:9f:d1:91:8d:cd:0c:
bc:d2:fd:4b:10:d6:da:94:83:a6:7b:90:20:c5:cf:7d:69:59:
ac:9a:31:c2:b5:ce:55:38:63:0a:a1:8c:d1:58:b8:af:6d:4a:
78:f3:f5:6b:e8:5d:85:38:75:d8:85:5c:22:60:7b:99:34:34:
3d:30:5c:81:f5:fc:c4:8f:cd:32:a6:20:7c:bc:a7:73:7c:04:
08:60:01:a0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMPlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDExMTIyNDU1WhcNMjQxMjIwMTIyNDU1WjAYMRYw
FAYDVQQDEw02NzA5MTkxYi02ZjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmNQiL6QaE5xvcM+IVL2Cgrck1M4YOJQgZym1i6jffrxsGv6Wq9APQllA
IXns0nCuekwgXoh2YyxJLnqGmBlIt6fjukEq2MtlsPFpGM/KiRwkehgOVhA5AUGt
7MfXhj841LhHStpCQ8v01o0NS///sRyIKKZwKOL3BAN0sZWmOdEZaT1EDu2jiIBl
OO3anSD5m2mvIx7k98cpgpbgWoCIaRF8EitxDwYCuV2LpcMmXQ/EvpYe61qJHwH4
FvoxvOEZp4vlmb0RxSO/7XDQ/IUYyLkyyM+mqi+4yauAz45Asirn8thUnt0O+FyR
tojhh7zGjA2bC41z22BztlnH4jZCXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEY8
xkh3ey9gBI1vbGwG0DH+weKoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENEM2ODg1Njg3Q0IxMUVGQjk2RDQ1NTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOGQMA0GCSqGSIb3DQEBCwUA
A4IBAQBqqJe5L77lRy1blvtTjkSSwR5RCzByWKMFw05M9Fc5M2P97KNlWkO2OP/7
KgX6gRt4pVIHdgIbppkXxeek2Uh9qKd1Wjoh/H3dTSh52YYFlUylldzo3hlaOaQU
OPvwDNM6BE0jCYhql6nFolJl9wgeng0w8OxYZyYdXdQAMA1b20Mg1MP2JR3ylqRp
62SmFExTqXKM7iCHhpRQcT6txpkpHMl7XxJdCTOAgAMsuIGf0ZGNzQy80v1LENba
lIOme5Agxc99aVmsmjHCtc5VOGMKoYzRWLivbUp48/Vr6F2FOHXYhVwiYHuZNDQ9
MFyB9fzEj80ypiB8vKdzfAQIYAGg
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:51 2024 by rpki-client on console-ams.rpki-client.org