Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ED704D9C9B7B11EF9ECE1A87762E951A.roa
File: ED704D9C9B7B11EF9ECE1A87762E951A.roa (raw, json)
Hash identifier: i75yTv2KjSky3XZIS1y9DtuXgDm+ykpGOHEWXchVAKQ=
Subject key identifier: C0:71:14:9F:A6:CB:06:E1:44:58:3E:AE:02:36:0B:60:3F:C5:9E:3A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CE6F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ED704D9C9B7B11EF9ECE1A87762E951A.roa
Signing time: Tue 05 Nov 2024 13:43:24 +0000
ROA not before: Tue 05 Nov 2024 13:43:20 +0000
ROA not after: Mon 13 Jan 2025 13:43:20 +0000
asID: 22773
IP address blocks: 156.235.56.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52847 (0xce6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 13:43:20 2024 GMT
Not After : Jan 13 13:43:20 2025 GMT
Subject: CN=672a20fc-42b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0c:88:ca:d3:a4:1f:21:aa:01:c6:39:89:63:
5d:1a:46:da:47:4e:17:a9:99:e2:67:6a:63:18:e5:
af:b6:52:41:52:cb:0d:32:32:82:56:61:25:05:31:
34:a1:96:cb:fc:35:4d:a0:78:2f:72:17:2d:f7:2d:
36:8e:10:ee:3e:e3:c0:6f:f6:3f:c9:bc:b4:cf:3e:
4e:06:0d:db:c9:fc:44:de:a0:97:8b:50:8a:87:15:
ae:82:82:c9:b4:74:a5:0f:0b:b3:98:26:12:fd:5a:
d7:39:07:fc:33:77:7f:83:6a:12:47:30:7a:8b:ac:
32:09:44:13:6b:b9:47:f5:61:67:12:ea:34:1e:8d:
29:52:11:b9:81:0d:f3:b1:e7:20:45:5d:b2:5e:6f:
a8:bd:68:c9:73:09:73:2a:dd:d5:cc:d6:a7:13:32:
ad:7c:2a:bd:1c:fc:cc:ec:68:09:c3:ee:2f:63:23:
e8:f9:2a:89:8b:e0:b6:a7:b5:42:d5:4c:4c:4c:29:
a6:b2:76:3f:6f:31:b6:e8:dc:c8:3b:90:a7:ed:7e:
b5:7e:a4:c9:2d:d3:e4:1b:ff:e6:a2:69:fc:73:c9:
65:af:c8:01:5d:b0:04:67:38:e8:8a:92:10:66:39:
0d:19:11:89:ec:b4:d2:70:ab:d0:40:dc:41:b8:af:
30:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:71:14:9F:A6:CB:06:E1:44:58:3E:AE:02:36:0B:60:3F:C5:9E:3A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ED704D9C9B7B11EF9ECE1A87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.56.0/21
Signature Algorithm: sha256WithRSAEncryption
10:d8:c7:9b:98:40:8c:a2:a5:a0:d3:e3:e2:3b:f7:a8:f6:70:
da:8a:c6:1a:cf:d5:b9:60:86:1d:e3:59:00:00:9e:ef:80:c4:
35:ea:7c:6d:ec:c1:c7:65:0c:70:4a:a4:df:61:35:54:d6:ed:
ce:eb:cb:21:7e:fc:32:24:aa:56:03:af:93:4b:46:68:0a:cc:
39:57:a5:33:10:2d:1d:fb:70:c5:a2:ed:5d:49:e8:42:b4:33:
23:c0:7a:f5:f1:13:37:ac:7d:2f:8d:18:ed:ec:f4:53:bc:b8:
43:95:13:f2:78:dc:71:7e:33:76:41:99:55:64:7e:71:4d:10:
0d:eb:39:1a:08:2c:16:fd:09:c8:23:2b:e4:22:55:c7:24:c8:
40:b6:8a:cf:e0:1c:2d:98:8e:a8:5f:c8:a7:b1:e3:f0:f4:b6:
d1:2d:42:54:42:a5:0d:e5:77:eb:ed:a6:6f:20:cb:2d:41:ee:
f8:dc:c3:af:19:d2:c0:e8:95:2a:79:2d:a2:8b:9e:11:e4:1c:
ff:4c:c2:9c:0a:8b:b6:80:03:24:82:22:52:68:d6:77:ad:51:
7b:5c:20:21:5c:d4:1a:b4:6f:26:be:91:af:7c:18:8c:8f:02:
fa:a5:18:fb:42:09:72:c5:20:45:77:dd:5b:68:32:e0:75:84:
ef:db:fe:67
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM5vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTM0MzIwWhcNMjUwMTEzMTM0MzIwWjAYMRYw
FAYDVQQDEw02NzJhMjBmYy00MmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwAyIytOkHyGqAcY5iWNdGkbaR04XqZniZ2pjGOWvtlJBUssNMjKCVmEl
BTE0oZbL/DVNoHgvchct9y02jhDuPuPAb/Y/yby0zz5OBg3byfxE3qCXi1CKhxWu
goLJtHSlDwuzmCYS/VrXOQf8M3d/g2oSRzB6i6wyCUQTa7lH9WFnEuo0Ho0pUhG5
gQ3zsecgRV2yXm+ovWjJcwlzKt3VzNanEzKtfCq9HPzM7GgJw+4vYyPo+SqJi+C2
p7VC1UxMTCmmsnY/bzG26NzIO5Cn7X61fqTJLdPkG//momn8c8llr8gBXbAEZzjo
ipIQZjkNGRGJ7LTScKvQQNxBuK8wAQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMBx
FJ+mywbhRFg+rgI2C2A/xZ46MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRDcwNEQ5QzlCN0IxMUVGOUVDRTFBODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOs4MA0GCSqGSIb3DQEBCwUA
A4IBAQAQ2MebmECMoqWg0+PiO/eo9nDaisYaz9W5YIYd41kAAJ7vgMQ16nxt7MHH
ZQxwSqTfYTVU1u3O68shfvwyJKpWA6+TS0ZoCsw5V6UzEC0d+3DFou1dSehCtDMj
wHr18RM3rH0vjRjt7PRTvLhDlRPyeNxxfjN2QZlVZH5xTRAN6zkaCCwW/QnIIyvk
IlXHJMhAtorP4BwtmI6oX8insePw9LbRLUJUQqUN5Xfr7aZvIMstQe743MOvGdLA
6JUqeS2ii54R5Bz/TMKcCou2gAMkgiJSaNZ3rVF7XCAhXNQatG8mvpGvfBiMjwL6
pRj7QglyxSBFd91baDLgdYTv2/5n
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:55 2024 by rpki-client on console-ams.rpki-client.org