Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6AFB890976611EF9CECEC48762E951A.roa
File: D6AFB890976611EF9CECEC48762E951A.roa (raw, json)
Hash identifier: ntXloJ8DYjmjZwYah1qJQb9zCnwa6dPNr5UG20ShUJ4=
Subject key identifier: FF:91:3D:70:E4:0F:54:D6:2F:A6:B7:7D:5C:AA:25:D7:83:86:2A:A3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CB04
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6AFB890976611EF9CECEC48762E951A.roa
Signing time: Thu 31 Oct 2024 09:02:22 +0000
ROA not before: Thu 31 Oct 2024 09:02:18 +0000
ROA not after: Sun 24 Nov 2024 09:02:18 +0000
asID: 133522
IP address blocks: 156.227.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51972 (0xcb04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 31 09:02:18 2024 GMT
Not After : Nov 24 09:02:18 2024 GMT
Subject: CN=6723479d-e8a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:5c:3a:b7:c3:ad:b1:1c:29:8b:bf:5c:c8:b1:
7f:75:39:86:c2:3c:d4:3a:fc:df:ea:70:fb:0f:d3:
27:eb:60:61:fb:0f:8d:93:33:0b:0d:a3:b8:78:3a:
d8:c1:b5:75:e9:18:82:a5:6b:0f:64:d2:bc:d4:64:
2e:40:59:77:c6:ce:91:81:50:56:e7:d1:ea:9c:c3:
3e:21:d0:a1:fd:6d:eb:e0:d7:32:4d:5d:92:09:8f:
15:eb:c5:32:fa:dd:26:63:30:05:91:23:49:9e:40:
ae:7f:ee:03:cf:3b:a9:c9:64:51:17:d3:d7:37:f1:
d0:1e:af:d8:22:0b:de:3a:8d:5a:5b:07:34:b2:47:
be:f6:44:ee:cf:26:d4:85:c1:ea:09:30:b0:71:f6:
ea:a3:47:23:94:26:3e:fd:83:36:82:ee:2b:f1:e8:
42:9a:fd:55:70:dc:47:76:26:10:31:3d:4f:5d:c9:
28:d2:cc:1b:e3:5a:82:83:dd:03:a4:f5:ad:78:f4:
f7:23:b4:d6:f3:1a:f1:38:83:63:0a:8b:c4:df:9f:
ec:e7:5c:06:d0:f3:45:f4:bd:5e:7d:dd:95:07:e1:
ba:20:1b:cf:4b:ed:49:f3:ae:f5:de:f0:68:55:b4:
65:7d:3a:79:19:1b:da:57:7c:c0:37:8e:87:bb:ad:
e4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:91:3D:70:E4:0F:54:D6:2F:A6:B7:7D:5C:AA:25:D7:83:86:2A:A3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6AFB890976611EF9CECEC48762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.32.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:6b:54:03:a7:54:69:c5:26:16:85:9a:72:78:fc:8b:40:8c:
32:10:f4:1d:17:28:25:73:d9:0a:dd:f6:a8:d9:17:b0:6f:5d:
23:e7:c6:4f:b9:c2:4c:24:aa:82:8b:df:bb:79:63:47:78:02:
3f:be:2d:23:89:e2:c7:e2:f2:82:0e:77:3e:b0:17:3a:d3:63:
e2:d6:3e:64:05:ff:da:db:f8:72:ae:34:98:37:ba:33:e7:1e:
54:c1:07:7d:a7:6a:46:c5:c5:96:6d:a0:55:14:e7:6d:09:17:
89:d6:9d:c4:75:bd:a7:af:a3:d8:4c:01:a9:e0:60:26:11:59:
e8:8d:e8:17:93:01:0f:69:a0:e9:97:9d:f2:c4:d9:c2:3b:5d:
14:a0:df:c6:73:a1:87:5e:55:53:4c:52:d6:95:54:0d:44:cc:
09:27:77:6b:78:d8:7d:c5:b8:c1:de:1a:c8:35:25:36:46:cc:
da:49:44:56:cc:31:de:75:9c:70:43:c8:73:62:3b:32:af:38:
08:fb:24:ce:56:25:65:68:43:f2:a6:23:ce:4d:86:77:a5:86:
d3:8d:59:86:dd:60:81:b9:b5:d5:9e:c0:81:47:73:ae:05:6a:
ad:d3:ac:3d:4c:4f:2c:5d:6d:3f:aa:f9:28:f6:5f:76:84:f5:
a8:12:fd:10
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMsEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDMxMDkwMjE4WhcNMjQxMTI0MDkwMjE4WjAYMRYw
FAYDVQQDEw02NzIzNDc5ZC1lOGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA61w6t8OtsRwpi79cyLF/dTmGwjzUOvzf6nD7D9Mn62Bh+w+NkzMLDaO4
eDrYwbV16RiCpWsPZNK81GQuQFl3xs6RgVBW59HqnMM+IdCh/W3r4NcyTV2SCY8V
68Uy+t0mYzAFkSNJnkCuf+4DzzupyWRRF9PXN/HQHq/YIgveOo1aWwc0ske+9kTu
zybUhcHqCTCwcfbqo0cjlCY+/YM2gu4r8ehCmv1VcNxHdiYQMT1PXcko0swb41qC
g90DpPWtePT3I7TW8xrxOINjCovE35/s51wG0PNF9L1efd2VB+G6IBvPS+1J8671
3vBoVbRlfTp5GRvaV3zAN46Hu63kJwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP+R
PXDkD1TWL6a3fVyqJdeDhiqjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENkFGQjg5MDk3NjYxMUVGOUNFQ0VDNDg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnOMgMA0GCSqGSIb3DQEBCwUA
A4IBAQCaa1QDp1RpxSYWhZpyePyLQIwyEPQdFyglc9kK3fao2Rewb10j58ZPucJM
JKqCi9+7eWNHeAI/vi0jieLH4vKCDnc+sBc602Pi1j5kBf/a2/hyrjSYN7oz5x5U
wQd9p2pGxcWWbaBVFOdtCReJ1p3Edb2nr6PYTAGp4GAmEVnojegXkwEPaaDpl53y
xNnCO10UoN/Gc6GHXlVTTFLWlVQNRMwJJ3dreNh9xbjB3hrINSU2RszaSURWzDHe
dZxwQ8hzYjsyrzgI+yTOViVlaEPypiPOTYZ3pYbTjVmG3WCBubXVnsCBR3OuBWqt
06w9TE8sXW0/qvko9l92hPWoEv0Q
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:49 2024 by rpki-client on console-fra.rpki-client.org