Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DD07E40E6AA411EFACD9F183762E951A.roa
File: DD07E40E6AA411EFACD9F183762E951A.roa (raw, json)
Hash identifier: ZthtxWe5GgbZDMedooqsQG6Jzi+qI127zfiE/GC5bT4=
Subject key identifier: 35:CE:17:EA:3C:2B:96:1B:03:29:E5:8F:6D:63:69:96:55:C9:81:19
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B1D1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DD07E40E6AA411EFACD9F183762E951A.roa
Signing time: Wed 04 Sep 2024 10:02:59 +0000
ROA not before: Wed 04 Sep 2024 10:02:55 +0000
ROA not after: Thu 24 Apr 2025 10:02:55 +0000
asID: 63888
IP address blocks: 156.255.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45521 (0xb1d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 4 10:02:55 2024 GMT
Not After : Apr 24 10:02:55 2025 GMT
Subject: CN=66d83053-d26a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b9:a8:d7:ec:0c:d0:02:0f:69:6c:aa:a4:03:
10:a8:c7:0f:b8:a2:f1:20:02:80:c3:f5:90:5d:c0:
72:fc:8c:cb:18:1d:41:b8:f1:fa:28:68:77:33:c1:
f9:26:4a:31:fb:51:ae:e7:69:f7:ae:1a:db:77:6c:
79:38:32:eb:d3:d8:91:9e:45:62:1c:5e:42:d0:a2:
4e:84:e3:82:e4:c8:6f:a1:cf:9d:60:98:9d:97:09:
5a:e2:28:ef:85:23:30:1e:c6:f3:1e:b7:2b:d3:a0:
d0:3f:a3:56:5d:93:90:21:2b:09:25:86:d7:fc:ff:
d0:67:45:27:99:bf:50:f1:54:0d:91:58:3c:cc:80:
80:b9:7d:87:89:c2:52:3b:84:b3:8e:ac:57:a1:0f:
dc:e0:20:ba:69:07:a7:40:21:44:cc:65:ed:0e:e1:
33:9c:18:02:05:b0:b6:a8:87:44:4c:b0:f6:53:3d:
2d:47:a4:3b:4c:61:cd:ef:53:e5:17:c3:90:b9:30:
57:6f:16:6c:ab:c0:ac:d3:0e:f2:67:f3:de:4d:3d:
65:15:5c:79:5a:77:7d:c5:f2:11:f0:1a:bf:76:97:
3c:6f:9c:68:5e:77:bd:e4:21:03:c2:20:e3:7f:7b:
9d:ff:c0:61:25:8c:01:4b:34:f5:1a:97:c7:b1:22:
08:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CE:17:EA:3C:2B:96:1B:03:29:E5:8F:6D:63:69:96:55:C9:81:19
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DD07E40E6AA411EFACD9F183762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.120.0/21
Signature Algorithm: sha256WithRSAEncryption
ae:4d:2a:65:c7:9f:2b:e2:73:1c:e1:c5:1c:e0:a1:42:3f:44:
b7:dc:0d:cb:bc:1c:8b:30:5f:c5:0c:26:4a:c8:37:a7:ac:87:
8a:cd:5d:cd:66:52:93:4f:32:ed:e1:cc:42:d1:d3:f0:1c:3d:
01:4e:e2:c8:86:d6:74:26:c7:05:71:17:ec:4b:00:43:71:6a:
ce:03:92:35:bd:e1:a9:0b:3c:6f:c2:75:91:b0:cb:55:a2:45:
17:32:04:70:33:b6:40:82:80:d2:b0:b3:b2:b9:6b:24:99:f7:
eb:12:29:9c:6a:80:e2:d0:05:87:f7:49:06:e9:9c:d5:0d:1e:
a7:e0:ea:c9:35:68:9c:c7:43:1e:58:fc:4e:fc:aa:72:93:c4:
b6:c7:66:c0:2d:d8:2a:a2:ce:76:f4:1e:32:3e:83:a8:0d:51:
47:62:d1:34:3c:b8:4a:bc:85:23:bc:05:aa:63:64:54:12:23:
eb:e8:c1:8e:cf:2c:a0:ee:f7:a2:af:a2:5a:8a:23:d7:88:79:
7b:09:6d:a9:7f:15:7c:f0:4b:8f:07:a2:b3:6a:af:c3:7d:d9:
af:dd:70:11:67:12:c5:49:5b:03:e9:c1:19:b8:f7:29:5d:39:
de:fa:d5:a3:b5:ff:7d:be:1b:cc:7c:60:e7:29:c9:37:18:ae:
b5:94:26:e5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALHRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTA0MTAwMjU1WhcNMjUwNDI0MTAwMjU1WjAYMRYw
FAYDVQQDEw02NmQ4MzA1My1kMjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAm7mo1+wM0AIPaWyqpAMQqMcPuKLxIAKAw/WQXcBy/IzLGB1BuPH6KGh3
M8H5Jkox+1Gu52n3rhrbd2x5ODLr09iRnkViHF5C0KJOhOOC5Mhvoc+dYJidlwla
4ijvhSMwHsbzHrcr06DQP6NWXZOQISsJJYbX/P/QZ0Unmb9Q8VQNkVg8zICAuX2H
icJSO4SzjqxXoQ/c4CC6aQenQCFEzGXtDuEznBgCBbC2qIdETLD2Uz0tR6Q7TGHN
71PlF8OQuTBXbxZsq8Cs0w7yZ/PeTT1lFVx5Wnd9xfIR8Bq/dpc8b5xoXne95CED
wiDjf3ud/8BhJYwBSzT1GpfHsSIInQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDXO
F+o8K5YbAynlj21jaZZVyYEZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERDA3RTQwRTZBQTQxMUVGQUNEOUYxODM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnP94MA0GCSqGSIb3DQEBCwUA
A4IBAQCuTSplx58r4nMc4cUc4KFCP0S33A3LvByLMF/FDCZKyDenrIeKzV3NZlKT
TzLt4cxC0dPwHD0BTuLIhtZ0JscFcRfsSwBDcWrOA5I1veGpCzxvwnWRsMtVokUX
MgRwM7ZAgoDSsLOyuWskmffrEimcaoDi0AWH90kG6ZzVDR6n4OrJNWicx0MeWPxO
/Kpyk8S2x2bALdgqos529B4yPoOoDVFHYtE0PLhKvIUjvAWqY2RUEiPr6MGOzyyg
7veir6JaiiPXiHl7CW2pfxV88EuPB6Kzaq/Dfdmv3XARZxLFSVsD6cEZuPcpXTne
+tWjtf99vhvMfGDnKck3GK61lCbl
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:50 2024 by rpki-client on console-fra.rpki-client.org