Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EA84B06686F711EF9BF4D89C762E951A.roa
File: EA84B06686F711EF9BF4D89C762E951A.roa (raw, json)
Hash identifier: jvQJRh759DDV228nTXrmFKjaq0PGx9cd1uIA11g2hNk=
Subject key identifier: FF:9C:66:FA:B1:87:00:78:FA:33:0C:39:65:C6:A7:5C:C7:76:7E:5C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C2DF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EA84B06686F711EF9BF4D89C762E951A.roa
Signing time: Thu 10 Oct 2024 11:08:02 +0000
ROA not before: Thu 10 Oct 2024 11:07:58 +0000
ROA not after: Fri 20 Dec 2024 11:07:58 +0000
asID: 142286
IP address blocks: 156.225.132.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49887 (0xc2df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 10 11:07:58 2024 GMT
Not After : Dec 20 11:07:58 2024 GMT
Subject: CN=6707b592-3516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:64:34:e2:2e:5a:6a:7c:cc:da:f6:2d:ca:29:
0a:c4:10:9b:4e:a7:7e:f0:ce:48:49:be:cd:3f:8e:
47:1d:68:0e:6c:25:db:3e:97:3d:7f:48:17:6e:b9:
e1:34:ba:e9:15:b6:4f:4e:12:47:66:9b:7d:6e:70:
b2:aa:20:4d:1f:e9:32:69:48:1a:3c:ed:64:09:de:
00:12:5c:97:e1:1d:af:67:76:ac:b1:1e:39:8e:39:
d4:05:7a:a1:85:1c:fc:14:79:06:ea:4b:d1:b4:b7:
17:97:8d:87:5a:0b:3a:bc:b7:f7:77:de:5c:f1:76:
c4:c8:0d:b7:48:26:0e:3a:2d:77:09:5e:08:6d:ed:
97:b3:ed:ad:6b:7f:89:0e:d0:1f:8b:30:7c:21:1b:
2d:51:83:b2:e9:c3:c1:e4:4f:08:be:94:85:1d:86:
dd:33:d9:62:6f:d9:ba:e0:05:69:12:4e:4e:9b:0a:
a4:20:81:a4:7a:8f:ed:09:05:e6:be:c3:49:f7:8a:
35:90:a2:1d:75:37:72:6e:4c:62:db:ea:4e:df:d7:
c9:08:50:2e:b7:71:e5:87:fa:e8:e4:8f:59:b2:96:
ec:d0:02:38:83:d3:c4:47:24:38:5f:a2:48:60:ff:
e7:a5:9e:2c:bd:9d:7c:e3:fa:6c:43:55:76:aa:e6:
44:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:9C:66:FA:B1:87:00:78:FA:33:0C:39:65:C6:A7:5C:C7:76:7E:5C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EA84B06686F711EF9BF4D89C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.132.0/22
Signature Algorithm: sha256WithRSAEncryption
89:31:86:46:25:d1:af:bc:69:61:81:47:0a:4e:03:e8:b9:da:
61:14:46:e7:a2:42:71:f5:54:e5:a7:11:7e:58:50:1d:1c:55:
df:d1:a6:ea:1d:3e:5a:68:3a:21:e3:cd:f9:92:d1:20:9e:73:
c1:38:20:c3:fd:37:4d:b5:cf:67:6c:68:2e:a0:a4:0b:b2:2d:
a6:98:3f:5e:17:4f:9b:37:ca:4b:a4:ac:0f:3a:7f:9e:d5:c0:
d9:c1:47:de:53:86:f9:3d:51:bf:c6:0c:3b:2a:3c:ac:38:40:
e5:90:3f:c7:b5:08:a2:dd:3a:be:20:a7:92:69:10:7a:fe:cf:
bb:e5:99:08:38:73:5e:a2:3d:68:ae:fa:f4:45:0d:fc:de:8a:
be:6c:40:18:4a:e5:cb:5c:b1:84:a0:5b:4c:40:8e:44:cb:82:
57:b6:52:43:00:28:eb:fc:f7:ad:99:22:b6:1d:f3:34:e7:80:
50:7f:b4:ce:52:e1:67:1c:37:c1:ad:cb:ef:a2:b1:7a:46:37:
80:38:f7:c0:f9:72:af:85:dd:79:18:70:53:fb:58:39:1b:7c:
26:00:cb:4c:7e:18:86:f7:af:6b:08:b0:0a:63:8f:ac:e7:cd:
84:b6:c3:de:01:d1:ce:fd:b1:e2:56:40:cc:df:fa:5e:7e:5c:
f6:99:6a:df
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMLfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDEwMTEwNzU4WhcNMjQxMjIwMTEwNzU4WjAYMRYw
FAYDVQQDEw02NzA3YjU5Mi0zNTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAumQ04i5aanzM2vYtyikKxBCbTqd+8M5ISb7NP45HHWgObCXbPpc9f0gX
brnhNLrpFbZPThJHZpt9bnCyqiBNH+kyaUgaPO1kCd4AElyX4R2vZ3assR45jjnU
BXqhhRz8FHkG6kvRtLcXl42HWgs6vLf3d95c8XbEyA23SCYOOi13CV4Ibe2Xs+2t
a3+JDtAfizB8IRstUYOy6cPB5E8IvpSFHYbdM9lib9m64AVpEk5OmwqkIIGkeo/t
CQXmvsNJ94o1kKIddTdybkxi2+pO39fJCFAut3Hlh/ro5I9Zspbs0AI4g9PERyQ4
X6JIYP/npZ4svZ184/psQ1V2quZEOwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP+c
ZvqxhwB4+jMMOWXGp1zHdn5cMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQTg0QjA2Njg2RjcxMUVGOUJGNEQ4OUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOGEMA0GCSqGSIb3DQEBCwUA
A4IBAQCJMYZGJdGvvGlhgUcKTgPoudphFEbnokJx9VTlpxF+WFAdHFXf0abqHT5a
aDoh4835ktEgnnPBOCDD/TdNtc9nbGguoKQLsi2mmD9eF0+bN8pLpKwPOn+e1cDZ
wUfeU4b5PVG/xgw7KjysOEDlkD/HtQii3Tq+IKeSaRB6/s+75ZkIOHNeoj1orvr0
RQ383oq+bEAYSuXLXLGEoFtMQI5Ey4JXtlJDACjr/PetmSK2HfM054BQf7TOUuFn
HDfBrcvvorF6RjeAOPfA+XKvhd15GHBT+1g5G3wmAMtMfhiG969rCLAKY4+s582E
tsPeAdHO/bHiVkDM3/peflz2mWrf
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:52 2024 by rpki-client on console-fra.rpki-client.org