Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE3E220C5F1411EFA2C1A785762E951A.roa
File: DE3E220C5F1411EFA2C1A785762E951A.roa (raw, json)
Hash identifier: jqU6quCeSI8OEOZZ3AG8XYRTUsgQjt/TIPPdLRJIH0c=
Subject key identifier: 50:5F:08:5C:49:41:3E:D8:32:63:92:A8:78:4C:3D:D1:A1:76:6E:20
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: AA54
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE3E220C5F1411EFA2C1A785762E951A.roa
Signing time: Tue 20 Aug 2024 16:54:30 +0000
ROA not before: Tue 20 Aug 2024 16:54:27 +0000
ROA not after: Sun 01 Dec 2024 16:54:27 +0000
asID: 5065
IP address blocks: 156.229.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43604 (0xaa54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 16:54:27 2024 GMT
Not After : Dec 1 16:54:27 2024 GMT
Subject: CN=66c4ca46-8aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:82:a4:68:4c:b2:af:d3:00:96:e9:23:19:2a:
5b:88:eb:ca:f3:cb:19:96:46:2a:74:01:11:75:09:
ab:cc:e6:13:c5:48:70:5a:99:89:eb:b5:1b:ed:15:
a9:e0:52:30:fd:d3:b6:c6:25:27:4b:71:83:a4:32:
a3:cf:9e:c9:d7:1f:15:5a:c6:91:c0:c9:1b:05:08:
7d:6d:7d:fd:45:6c:9c:e7:56:50:53:97:2c:a5:dc:
ab:f7:61:cc:d4:aa:6b:8a:c6:e1:31:cb:d9:cf:49:
ed:15:66:88:45:a0:9e:ac:e2:d3:70:15:ef:75:85:
26:30:a6:0c:3b:d4:10:e9:85:14:df:73:47:a8:c5:
17:8a:ef:36:cc:31:6c:98:cd:0a:61:bd:49:9a:9c:
e9:bd:ff:54:ae:d7:3e:c0:65:d1:20:4b:13:82:b6:
9e:94:b6:30:ce:d9:94:df:7b:1c:25:25:a1:9f:03:
84:a0:31:d6:4a:12:20:81:bf:64:84:b6:03:bb:63:
d2:85:55:1b:13:b7:88:f4:cb:cc:8d:88:af:00:bb:
7e:fc:d8:1a:cf:b8:5e:72:da:53:62:97:3d:98:64:
d6:98:cf:32:62:72:6c:8b:03:65:28:d2:38:23:04:
b4:3a:bf:06:d5:52:37:13:71:5f:c1:f7:1d:9c:12:
4c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:5F:08:5C:49:41:3E:D8:32:63:92:A8:78:4C:3D:D1:A1:76:6E:20
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE3E220C5F1411EFA2C1A785762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.57.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:b5:cf:e2:5d:64:78:25:99:f3:53:15:10:d4:2e:56:e9:e8:
b1:a8:01:93:1d:6a:b1:21:64:71:ee:ac:a5:3a:39:af:58:52:
e1:9d:6c:1e:90:a0:a0:52:2e:bf:af:9d:77:8c:d8:99:1b:8e:
72:bd:92:4e:04:dd:bc:2b:63:1e:7e:1d:2e:84:8b:c8:48:23:
80:ea:52:a3:75:00:aa:8a:cd:97:da:04:c1:96:c4:73:6f:58:
f0:09:5f:72:39:65:86:22:68:0b:d4:cb:ff:f5:d8:e6:fd:79:
17:a5:a5:7c:6f:8e:18:32:5b:a1:ae:d6:c5:68:91:18:e4:6b:
b8:6d:98:f5:87:fd:22:74:cd:46:2b:90:fc:8f:22:ff:40:9e:
ce:3d:61:7e:8c:6a:7e:00:0a:1b:31:5e:d1:46:8e:4b:dd:45:
f4:d5:40:7a:10:27:26:9f:c1:63:e0:95:7b:8b:fd:0d:27:48:
2a:82:91:60:50:d9:78:2e:57:cb:00:a0:56:85:e3:0a:73:d9:
44:73:43:b4:68:12:a0:16:97:89:7c:6a:22:c0:37:67:ae:9c:
6f:b6:8c:59:76:52:b8:69:54:b2:7d:da:f9:16:88:0d:9d:23:
ae:be:6e:ab:ce:22:1b:c4:fe:9f:b0:75:c7:9d:72:90:3c:b2:
41:36:61:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKpUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTY1NDI3WhcNMjQxMjAxMTY1NDI3WjAYMRYw
FAYDVQQDEw02NmM0Y2E0Ni04YWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzIKkaEyyr9MAlukjGSpbiOvK88sZlkYqdAERdQmrzOYTxUhwWpmJ67Ub
7RWp4FIw/dO2xiUnS3GDpDKjz57J1x8VWsaRwMkbBQh9bX39RWyc51ZQU5cspdyr
92HM1KprisbhMcvZz0ntFWaIRaCerOLTcBXvdYUmMKYMO9QQ6YUU33NHqMUXiu82
zDFsmM0KYb1Jmpzpvf9Urtc+wGXRIEsTgraelLYwztmU33scJSWhnwOEoDHWShIg
gb9khLYDu2PShVUbE7eI9MvMjYivALt+/Ngaz7hectpTYpc9mGTWmM8yYnJsiwNl
KNI4IwS0Or8G1VI3E3FfwfcdnBJM1wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFBf
CFxJQT7YMmOSqHhMPdGhdm4gMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERTNFMjIwQzVGMTQxMUVGQTJDMUE3ODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOU5MA0GCSqGSIb3DQEBCwUA
A4IBAQC1tc/iXWR4JZnzUxUQ1C5W6eixqAGTHWqxIWRx7qylOjmvWFLhnWwekKCg
Ui6/r513jNiZG45yvZJOBN28K2Mefh0uhIvISCOA6lKjdQCqis2X2gTBlsRzb1jw
CV9yOWWGImgL1Mv/9djm/XkXpaV8b44YMluhrtbFaJEY5Gu4bZj1h/0idM1GK5D8
jyL/QJ7OPWF+jGp+AAobMV7RRo5L3UX01UB6ECcmn8Fj4JV7i/0NJ0gqgpFgUNl4
LlfLAKBWheMKc9lEc0O0aBKgFpeJfGoiwDdnrpxvtoxZdlK4aVSyfdr5FogNnSOu
vm6rziIbxP6fsHXHnXKQPLJBNmFQ
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:53 2024 by rpki-client on console-ams.rpki-client.org