Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB40447A8F8B11EFA4950749762E951A.roa
File: DB40447A8F8B11EFA4950749762E951A.roa (raw, json)
Hash identifier: BqpUW2GLFMTe7owDNkuw4r/Dzdjx8EHcs/AMGVGMaUw=
Subject key identifier: 0A:E8:AC:56:E5:E3:D1:5F:D6:5D:55:33:FB:48:4E:AC:FA:83:70:94
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C763
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB40447A8F8B11EFA4950749762E951A.roa
Signing time: Mon 21 Oct 2024 09:07:11 +0000
ROA not before: Mon 21 Oct 2024 09:07:08 +0000
ROA not after: Sat 26 Apr 2025 09:07:08 +0000
asID: 142629
IP address blocks: 156.232.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51043 (0xc763)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 21 09:07:08 2024 GMT
Not After : Apr 26 09:07:08 2025 GMT
Subject: CN=671619bf-1ea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e1:98:04:c5:bc:72:e1:34:06:1d:64:5f:01:
86:b4:23:a3:fc:34:8c:71:42:a7:07:c7:b6:58:35:
4e:83:3a:cd:43:5f:0d:f7:5d:67:23:1d:84:c2:4c:
0b:9a:ce:16:8d:98:57:d8:92:f8:18:3f:79:a5:61:
38:7d:6a:6f:fd:59:f4:9e:06:99:a7:89:91:ab:43:
9c:7c:d0:82:0c:4a:51:90:f8:c6:a5:11:a7:60:8f:
8d:bc:23:37:7f:92:72:2f:b6:c1:ff:59:63:90:92:
b5:32:61:c8:83:5a:e9:ca:3b:fe:50:0a:67:7b:8c:
f5:e7:66:af:d4:d4:ba:7c:3b:64:e3:e8:13:a5:f8:
2f:0f:d0:14:de:f8:c1:e7:18:13:e7:8f:21:52:84:
c0:0e:8a:bb:1a:45:85:81:a7:97:ce:0b:6f:be:70:
cf:36:bc:86:d9:e0:0e:71:40:a5:98:38:fa:7f:c5:
21:89:77:0e:97:55:4a:9e:9c:5f:87:90:07:05:49:
58:74:f6:43:42:1f:69:6f:5c:95:ba:bd:9d:07:10:
78:7f:ed:ea:d8:af:8a:02:83:c4:a6:c8:3b:f1:d5:
2c:57:76:92:d2:9d:80:c9:33:0a:8d:dc:67:1c:7c:
cc:68:37:75:70:9e:6e:de:15:16:c3:a8:41:d2:74:
78:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E8:AC:56:E5:E3:D1:5F:D6:5D:55:33:FB:48:4E:AC:FA:83:70:94
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB40447A8F8B11EFA4950749762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.107.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:b7:10:c6:72:78:dc:ae:c4:bc:72:f0:24:51:4e:4a:4f:a3:
77:0a:27:57:2a:90:7c:2d:c2:be:36:65:93:9d:01:7e:c2:6c:
33:05:1b:8f:03:82:ff:df:5f:94:f0:4d:7b:e6:16:39:6c:64:
e6:73:30:b5:f4:f8:39:89:82:c5:e2:83:ab:7a:c0:2f:e6:41:
d4:25:bb:76:85:fe:b1:98:c3:0d:c9:68:a5:d1:94:54:e6:1b:
1c:c6:1d:99:af:72:5a:de:c6:34:f5:ef:52:15:4f:c4:48:86:
2f:75:a5:9e:d8:f0:c5:f0:4f:53:a5:f6:8d:91:a1:42:fb:9a:
76:c1:2d:bf:0e:d7:a4:7e:5d:de:56:de:6f:51:85:09:66:ab:
6b:25:84:b5:0b:73:de:db:4b:3e:97:39:ba:0b:11:ae:cf:db:
47:a0:04:68:8c:e8:69:5c:90:7e:1f:a5:c2:64:26:f5:b3:9b:
7d:a3:01:a4:9f:29:45:19:cf:cc:94:00:af:de:4b:a4:1d:a8:
36:84:d9:cc:e5:90:eb:63:95:7b:5f:26:e1:16:f4:24:9b:87:
60:30:3b:77:cd:4a:3c:98:d7:8a:24:e1:52:a0:34:40:bd:2e:
2e:34:14:93:6b:4c:67:d2:21:c4:c8:a5:ae:56:cd:d0:12:a2:
7a:35:e5:48
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMdjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDIxMDkwNzA4WhcNMjUwNDI2MDkwNzA4WjAYMRYw
FAYDVQQDEw02NzE2MTliZi0xZWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAteGYBMW8cuE0Bh1kXwGGtCOj/DSMcUKnB8e2WDVOgzrNQ18N911nIx2E
wkwLms4WjZhX2JL4GD95pWE4fWpv/Vn0ngaZp4mRq0OcfNCCDEpRkPjGpRGnYI+N
vCM3f5JyL7bB/1ljkJK1MmHIg1rpyjv+UApne4z152av1NS6fDtk4+gTpfgvD9AU
3vjB5xgT548hUoTADoq7GkWFgaeXzgtvvnDPNryG2eAOcUClmDj6f8UhiXcOl1VK
npxfh5AHBUlYdPZDQh9pb1yVur2dBxB4f+3q2K+KAoPEpsg78dUsV3aS0p2AyTMK
jdxnHHzMaDd1cJ5u3hUWw6hB0nR4ZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAro
rFbl49Ff1l1VM/tITqz6g3CUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQjQwNDQ3QThGOEIxMUVGQTQ5NTA3NDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhrMA0GCSqGSIb3DQEBCwUA
A4IBAQAqtxDGcnjcrsS8cvAkUU5KT6N3CidXKpB8LcK+NmWTnQF+wmwzBRuPA4L/
31+U8E175hY5bGTmczC19Pg5iYLF4oOresAv5kHUJbt2hf6xmMMNyWil0ZRU5hsc
xh2Zr3Ja3sY09e9SFU/ESIYvdaWe2PDF8E9TpfaNkaFC+5p2wS2/Dtekfl3eVt5v
UYUJZqtrJYS1C3Pe20s+lzm6CxGuz9tHoARojOhpXJB+H6XCZCb1s5t9owGknylF
Gc/MlACv3kukHag2hNnM5ZDrY5V7XybhFvQkm4dgMDt3zUo8mNeKJOFSoDRAvS4u
NBSTa0xn0iHEyKWuVs3QEqJ6NeVI
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:52 2024 by rpki-client on console-ams.rpki-client.org