Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DDD05A50F70011EE9AEEFB66775412E6.roa
File: DDD05A50F70011EE9AEEFB66775412E6.roa (raw, json)
Hash identifier: QyOTnR6O5Rg128hA4y3/jDNVAFDbcDH/+ZGEZJNV5/Y=
Subject key identifier: 71:28:45:95:14:CB:43:36:9E:AC:D3:C8:A9:07:6F:52:97:74:1A:D0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 81DD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DDD05A50F70011EE9AEEFB66775412E6.roa
Signing time: Wed 10 Apr 2024 06:09:19 +0000
ROA not before: Wed 10 Apr 2024 06:09:16 +0000
ROA not after: Sat 29 Nov 2025 06:09:16 +0000
asID: 134700
IP address blocks: 156.248.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33245 (0x81dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 10 06:09:16 2024 GMT
Not After : Nov 29 06:09:16 2025 GMT
Subject: CN=66162d0f-a05b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c1:73:73:54:ce:99:03:21:35:b6:25:53:f1:
e3:16:07:91:ed:0c:4b:4b:ea:83:b1:80:dd:10:52:
c4:fc:d7:fb:e2:a1:e3:d8:93:9b:34:1d:e4:1e:b2:
4b:26:8b:a5:cc:69:03:eb:09:3c:45:c2:e2:e1:f4:
cc:ba:42:ae:08:6a:40:22:7e:cf:c0:72:43:3b:90:
b6:ba:3f:55:47:35:75:57:ca:d0:26:9d:d5:94:50:
b9:1d:9d:21:9d:86:26:f6:88:33:95:84:1d:f4:1c:
f5:7e:54:73:3d:37:87:36:6b:28:e3:7e:19:dc:30:
9e:37:08:35:3f:ea:c2:05:b5:c0:e7:d8:83:9d:fc:
e2:dd:61:9e:25:f0:3b:e1:c7:57:f9:e5:1a:63:fd:
ae:d6:13:4f:2a:70:b3:dc:d3:0d:46:33:7b:4d:14:
e7:c4:44:fe:7f:02:60:3e:f9:08:69:7c:43:c5:46:
d3:fd:8e:07:94:bb:a7:8f:b5:b2:41:4b:83:a9:b3:
be:b4:73:76:c2:b8:da:69:a5:60:12:94:1c:6e:94:
81:74:df:f7:e3:a0:59:b8:db:a7:e0:a4:14:66:1b:
0f:a4:e3:48:be:3f:49:81:29:29:a0:d2:55:ad:b1:
b9:22:25:a9:4e:23:20:ff:c3:71:57:6d:9a:a9:69:
d0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:28:45:95:14:CB:43:36:9E:AC:D3:C8:A9:07:6F:52:97:74:1A:D0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DDD05A50F70011EE9AEEFB66775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.1.0/24
Signature Algorithm: sha256WithRSAEncryption
72:5b:f5:8d:2b:1c:47:60:98:1b:0b:22:9b:ff:84:d9:e9:37:
e8:85:37:40:e0:c3:bb:7b:cc:2f:e9:e9:4e:d3:53:fd:8c:ec:
d2:e6:ae:af:ea:f0:e0:63:7e:fc:de:9b:fe:9e:7f:79:db:7c:
d9:23:0e:63:37:17:0c:34:f1:f4:bb:56:75:7a:91:81:c4:dd:
b7:a3:08:94:a3:29:9f:6f:74:2b:2d:ba:13:fa:fb:cd:bb:c3:
f4:53:55:28:cb:8e:1b:56:90:cf:0c:32:d8:c3:78:84:cd:3a:
94:6c:f5:0c:ff:71:f8:c6:eb:a3:50:2f:3e:b5:a9:06:9f:30:
84:b2:da:90:38:8b:65:60:f0:bf:99:45:0f:cd:5b:f5:dd:3d:
44:57:36:2e:58:c0:d7:c3:e8:91:88:bd:92:00:a2:6d:38:ea:
3f:41:5f:54:06:6a:dc:33:e2:57:5e:4a:af:aa:75:7b:2d:d7:
1e:32:d7:02:ae:81:69:8a:63:3e:21:44:c0:6c:b6:78:25:dd:
5b:90:b1:57:b7:39:28:8a:19:fe:da:1e:b2:eb:29:0e:b7:20:
30:35:23:58:89:6c:db:ef:d9:eb:37:71:8c:22:da:5c:7d:1a:
ea:17:b3:9c:c3:ea:8c:b4:fb:cd:96:e2:c2:c6:9e:85:fc:56:
6e:84:21:3f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIHdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDEwMDYwOTE2WhcNMjUxMTI5MDYwOTE2WjAYMRYw
FAYDVQQDEw02NjE2MmQwZi1hMDViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu8Fzc1TOmQMhNbYlU/HjFgeR7QxLS+qDsYDdEFLE/Nf74qHj2JObNB3k
HrJLJoulzGkD6wk8RcLi4fTMukKuCGpAIn7PwHJDO5C2uj9VRzV1V8rQJp3VlFC5
HZ0hnYYm9ogzlYQd9Bz1flRzPTeHNmso434Z3DCeNwg1P+rCBbXA59iDnfzi3WGe
JfA74cdX+eUaY/2u1hNPKnCz3NMNRjN7TRTnxET+fwJgPvkIaXxDxUbT/Y4HlLun
j7WyQUuDqbO+tHN2wrjaaaVgEpQcbpSBdN/346BZuNun4KQUZhsPpONIvj9JgSkp
oNJVrbG5IiWpTiMg/8NxV22aqWnQrQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHEo
RZUUy0M2nqzTyKkHb1KXdBrQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EREQwNUE1MEY3MDAxMUVFOUFFRUZCNjY3NzU0MTJFNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPgBMA0GCSqGSIb3DQEBCwUA
A4IBAQByW/WNKxxHYJgbCyKb/4TZ6TfohTdA4MO7e8wv6elO01P9jOzS5q6v6vDg
Y3783pv+nn9523zZIw5jNxcMNPH0u1Z1epGBxN23owiUoymfb3QrLboT+vvNu8P0
U1Uoy44bVpDPDDLYw3iEzTqUbPUM/3H4xuujUC8+takGnzCEstqQOItlYPC/mUUP
zVv13T1EVzYuWMDXw+iRiL2SAKJtOOo/QV9UBmrcM+JXXkqvqnV7LdceMtcCroFp
imM+IUTAbLZ4Jd1bkLFXtzkoihn+2h6y6ykOtyAwNSNYiWzb79nrN3GMItpcfRrq
F7Ocw+qMtPvNluLCxp6F/FZuhCE/
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:50 2024 by rpki-client on console-fra.rpki-client.org