Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFCFF4745EF111EF82B61297762E951A.roa
File: DFCFF4745EF111EF82B61297762E951A.roa (raw, json)
Hash identifier: J98JQ/V//3iYPI7fQ0a/NGwN6lR0IyPK5rC2aKs06ks=
Subject key identifier: 59:30:E6:0A:6B:2C:EA:9E:73:C9:BC:3B:12:85:2F:EE:A7:44:39:10
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A9EA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFCFF4745EF111EF82B61297762E951A.roa
Signing time: Tue 20 Aug 2024 12:44:01 +0000
ROA not before: Tue 20 Aug 2024 12:43:57 +0000
ROA not after: Tue 27 May 2025 12:43:57 +0000
asID: 399077
IP address blocks: 156.251.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43498 (0xa9ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 12:43:57 2024 GMT
Not After : May 27 12:43:57 2025 GMT
Subject: CN=66c48f91-17ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:53:27:a1:f1:40:d9:e0:4c:da:5b:83:4d:4a:
c3:cd:b5:48:f3:35:96:62:5c:cf:fb:f5:23:27:49:
00:5b:ab:63:30:7d:f5:9c:2b:17:67:68:76:97:be:
a5:d2:0a:ab:20:2e:9e:21:92:0a:c7:b3:73:ca:5c:
96:d5:36:81:8f:fe:20:50:fc:85:ef:0d:43:a5:cf:
5c:95:b7:31:31:f3:78:74:5c:ef:be:09:9d:b5:70:
45:5c:d7:48:23:32:af:07:41:1a:55:25:64:38:b3:
bc:11:9a:f0:d1:db:b2:f2:c4:62:0e:f2:67:84:34:
d0:62:8f:6c:13:89:1a:8e:42:a3:c9:34:12:ab:11:
49:09:b9:a2:49:f8:e9:ec:1f:77:66:f8:59:4c:db:
b2:9d:45:14:d3:db:9a:03:36:d4:6b:f4:ee:e5:3c:
c5:9a:e9:a1:6c:17:01:7b:95:a0:a3:d6:7d:38:01:
d0:69:49:29:51:12:f8:c7:5e:7b:6c:38:68:2e:c4:
95:85:09:12:2c:4b:8d:ef:94:cd:ea:ce:9d:17:59:
b9:44:dc:c6:e5:27:f2:1f:4d:4a:e7:d8:f3:1b:1c:
46:93:7c:24:57:33:c1:4d:69:28:3b:38:8d:bf:8b:
17:61:d6:44:11:9e:7f:20:9b:7c:4b:13:cc:81:55:
c6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:30:E6:0A:6B:2C:EA:9E:73:C9:BC:3B:12:85:2F:EE:A7:44:39:10
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFCFF4745EF111EF82B61297762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.26.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:f1:1b:cd:41:ce:2a:d3:4e:3f:c4:99:6e:86:4a:64:0d:b3:
80:7a:0d:0c:b2:c9:9b:70:54:7f:ea:0e:ac:01:b6:ba:dd:b1:
e0:c8:f4:96:f1:38:9c:ec:0d:e9:12:0f:c0:1c:2d:a5:34:87:
2c:9e:eb:f8:a2:96:87:be:e1:89:b5:a1:dc:f2:62:3e:21:c2:
aa:49:34:2f:af:25:85:9f:6c:a1:5d:14:7f:ad:fd:59:9e:a0:
89:48:a1:ca:8a:41:cc:ce:0e:3f:08:4f:db:33:86:78:92:5f:
50:c4:13:49:b7:5b:4a:43:4f:fa:ce:27:4b:97:16:0b:81:fb:
a2:51:5e:e7:51:36:6c:92:8c:a3:df:b9:66:99:ff:02:b5:59:
fe:53:53:2a:7c:f4:1e:7d:56:d8:9c:75:47:7f:ca:e2:10:68:
40:53:24:34:d0:88:41:84:07:82:70:9e:e9:c8:d6:75:91:bd:
ab:6b:e1:fd:b2:cb:ac:07:ae:0d:39:2d:76:95:1b:e6:32:12:
b7:97:85:71:67:95:eb:94:a0:48:8c:19:ce:34:4b:30:df:9d:
f4:26:53:51:4d:e5:08:bf:f3:af:6b:c6:38:0a:a2:88:42:f3:
15:d3:43:4a:6a:30:cd:7e:b2:c7:5e:cb:1d:df:ce:17:66:1d:
d0:a1:67:c3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKnqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTI0MzU3WhcNMjUwNTI3MTI0MzU3WjAYMRYw
FAYDVQQDEw02NmM0OGY5MS0xN2FlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzVMnofFA2eBM2luDTUrDzbVI8zWWYlzP+/UjJ0kAW6tjMH31nCsXZ2h2
l76l0gqrIC6eIZIKx7NzylyW1TaBj/4gUPyF7w1Dpc9clbcxMfN4dFzvvgmdtXBF
XNdIIzKvB0EaVSVkOLO8EZrw0duy8sRiDvJnhDTQYo9sE4kajkKjyTQSqxFJCbmi
Sfjp7B93ZvhZTNuynUUU09uaAzbUa/Tu5TzFmumhbBcBe5Wgo9Z9OAHQaUkpURL4
x157bDhoLsSVhQkSLEuN75TN6s6dF1m5RNzG5SfyH01K59jzGxxGk3wkVzPBTWko
OziNv4sXYdZEEZ5/IJt8SxPMgVXG7wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFkw
5gprLOqec8m8OxKFL+6nRDkQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERkNGRjQ3NDVFRjExMUVGODJCNjEyOTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPsaMA0GCSqGSIb3DQEBCwUA
A4IBAQCk8RvNQc4q004/xJluhkpkDbOAeg0MssmbcFR/6g6sAba63bHgyPSW8Tic
7A3pEg/AHC2lNIcsnuv4opaHvuGJtaHc8mI+IcKqSTQvryWFn2yhXRR/rf1ZnqCJ
SKHKikHMzg4/CE/bM4Z4kl9QxBNJt1tKQ0/6zidLlxYLgfuiUV7nUTZskoyj37lm
mf8CtVn+U1MqfPQefVbYnHVHf8riEGhAUyQ00IhBhAeCcJ7pyNZ1kb2ra+H9ssus
B64NOS12lRvmMhK3l4VxZ5XrlKBIjBnONEsw3530JlNRTeUIv/Ova8Y4CqKIQvMV
00NKajDNfrLHXssd384XZh3QoWfD
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:53 2024 by rpki-client on console-ams.rpki-client.org