Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DA949D26A15D11EF8C8C9850762E951A.roa
File: DA949D26A15D11EF8C8C9850762E951A.roa (raw, json)
Hash identifier: 19qXv6g2kStG8ZSHx26/bRBoMSoSARhR67f0ssdMfwo=
Subject key identifier: FD:D7:22:78:22:BB:09:4D:C3:95:F1:5A:7C:59:AC:EE:28:3E:41:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D1E4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DA949D26A15D11EF8C8C9850762E951A.roa
Signing time: Wed 13 Nov 2024 01:23:14 +0000
ROA not before: Wed 13 Nov 2024 01:23:11 +0000
ROA not after: Fri 04 Apr 2025 01:23:11 +0000
asID: 55967
IP address blocks: 156.240.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53732 (0xd1e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 13 01:23:11 2024 GMT
Not After : Apr 4 01:23:11 2025 GMT
Subject: CN=6733ff82-ba25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:87:96:9b:3d:cb:82:97:72:09:f2:87:c1:a9:
a1:d5:16:27:3b:74:e5:2c:2d:e1:50:78:5a:29:8c:
91:80:0e:ae:16:3b:dc:e2:68:be:f4:d2:9c:b9:80:
55:a2:05:a0:22:7b:88:0e:da:b3:4e:94:8e:18:bf:
49:75:bf:26:0b:4d:c5:50:6e:e9:97:be:af:47:63:
9c:bc:df:c7:02:34:27:a5:55:65:31:c8:98:f2:1b:
24:41:60:e8:fa:fb:3f:6b:03:67:97:6e:58:09:69:
c0:1e:e1:eb:53:20:e3:44:f4:05:69:ad:45:cc:89:
b8:da:c1:48:30:db:8d:06:4b:52:06:cf:89:03:fe:
71:f8:3d:6e:29:b8:9a:f7:ae:08:2b:98:6c:d8:31:
19:db:da:16:46:3c:70:b3:4d:c0:00:5b:9e:c2:4b:
b5:15:75:02:47:90:ca:d0:27:6a:32:1e:c8:4e:af:
f2:b0:76:18:c5:a4:91:cd:35:84:c6:35:a1:99:14:
e9:58:61:6d:2c:d0:ec:56:ea:73:0e:93:5b:d5:ca:
c6:a6:19:f5:82:c1:8f:fc:bd:9b:b6:8f:1f:47:8c:
be:15:4e:d2:a4:b0:96:53:22:a8:cc:64:a2:f3:27:
03:e0:0d:a7:9a:fe:38:f0:d9:f5:fc:62:a8:f3:a9:
05:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:D7:22:78:22:BB:09:4D:C3:95:F1:5A:7C:59:AC:EE:28:3E:41:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DA949D26A15D11EF8C8C9850762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.119.0/24
Signature Algorithm: sha256WithRSAEncryption
41:34:d0:85:35:9c:0e:7e:3f:d8:f7:5e:2c:f8:a9:44:df:d6:
9c:57:1d:cd:39:52:b4:73:5b:64:8e:60:d1:6a:3a:4c:4e:37:
1c:91:a0:cf:3b:c6:fd:7b:41:22:48:4b:33:32:55:5e:52:3d:
4f:36:48:0b:fa:18:2b:45:40:99:c0:f8:de:7f:22:f9:6d:69:
29:ac:73:6f:b3:ef:c3:87:8d:cc:ca:7b:eb:b1:53:4b:4e:19:
e6:a5:00:a8:8d:93:37:c2:9c:ae:81:14:a4:05:c5:7e:45:e1:
fd:bb:89:2c:35:d5:a1:62:dd:7f:8c:fc:6b:bb:5c:51:10:ea:
0b:82:89:ad:2c:52:5f:d4:48:7e:8f:2c:c3:5a:03:f4:3e:06:
ad:51:de:14:55:0c:19:3d:b3:42:cb:b8:fd:ae:39:3b:db:82:
be:c5:a9:1d:47:22:a5:fd:50:6c:f2:d4:d6:95:dd:9b:5d:13:
3a:21:9b:63:d4:ed:58:40:ca:b9:7d:43:e4:e9:da:9e:d6:59:
0e:8e:55:c9:3e:67:ed:b4:d3:8e:d4:d9:93:65:04:30:8b:fb:
41:a5:13:46:6c:af:0b:c8:ed:3e:57:ef:8b:61:d2:65:7b:e3:
5f:be:06:3e:f3:5e:a1:a6:81:2a:27:ca:e2:a8:f0:7f:34:c6:
35:29:01:47
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANHkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTEzMDEyMzExWhcNMjUwNDA0MDEyMzExWjAYMRYw
FAYDVQQDEw02NzMzZmY4Mi1iYTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtYeWmz3LgpdyCfKHwamh1RYnO3TlLC3hUHhaKYyRgA6uFjvc4mi+9NKc
uYBVogWgInuIDtqzTpSOGL9Jdb8mC03FUG7pl76vR2OcvN/HAjQnpVVlMciY8hsk
QWDo+vs/awNnl25YCWnAHuHrUyDjRPQFaa1FzIm42sFIMNuNBktSBs+JA/5x+D1u
Kbia964IK5hs2DEZ29oWRjxws03AAFuewku1FXUCR5DK0CdqMh7ITq/ysHYYxaSR
zTWExjWhmRTpWGFtLNDsVupzDpNb1crGphn1gsGP/L2bto8fR4y+FU7SpLCWUyKo
zGSi8ycD4A2nmv448Nn1/GKo86kFPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP3X
IngiuwlNw5XxWnxZrO4oPkG8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQTk0OUQyNkExNUQxMUVGOEM4Qzk4NTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPB3MA0GCSqGSIb3DQEBCwUA
A4IBAQBBNNCFNZwOfj/Y914s+KlE39acVx3NOVK0c1tkjmDRajpMTjcckaDPO8b9
e0EiSEszMlVeUj1PNkgL+hgrRUCZwPjefyL5bWkprHNvs+/Dh43MynvrsVNLThnm
pQCojZM3wpyugRSkBcV+ReH9u4ksNdWhYt1/jPxru1xREOoLgomtLFJf1Eh+jyzD
WgP0PgatUd4UVQwZPbNCy7j9rjk724K+xakdRyKl/VBs8tTWld2bXRM6IZtj1O1Y
QMq5fUPk6dqe1lkOjlXJPmfttNOO1NmTZQQwi/tBpRNGbK8LyO0+V++LYdJle+Nf
vgY+816hpoEqJ8riqPB/NMY1KQFH
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:50 2024 by rpki-client on console-fra.rpki-client.org