Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ED70ED349B8911EFBCFBD55E762E951A.roa
File: ED70ED349B8911EFBCFBD55E762E951A.roa (raw, json)
Hash identifier: u+H9Ig2uBoE+HrrzBAQlvJlLSPfqzRnzAKhWKWoQ13U=
Subject key identifier: D6:F3:91:15:89:53:8D:51:0E:EF:1C:58:6C:4E:CD:F5:F6:F2:C5:17
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CED9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ED70ED349B8911EFBCFBD55E762E951A.roa
Signing time: Tue 05 Nov 2024 15:23:37 +0000
ROA not before: Tue 05 Nov 2024 15:23:33 +0000
ROA not after: Wed 04 Dec 2024 15:23:33 +0000
asID: 200373
IP address blocks: 156.228.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52953 (0xced9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 15:23:33 2024 GMT
Not After : Dec 4 15:23:33 2024 GMT
Subject: CN=672a3879-784e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:59:ca:05:aa:70:29:bb:91:f5:ce:81:e5:88:
4a:97:eb:57:cf:99:32:d8:a7:84:8a:b3:7d:5a:37:
9c:8f:39:9a:8d:c0:04:d9:a6:a2:ea:08:c4:3b:08:
00:3d:98:da:42:00:16:70:f1:d5:91:44:1b:c8:f2:
c2:24:e6:8d:09:bd:3f:c2:46:6f:05:01:58:7f:08:
03:0a:e5:8c:45:9e:ff:af:ff:39:42:b0:0e:8f:21:
95:84:95:96:e5:74:3c:33:6f:56:f7:ba:65:62:76:
1b:89:51:c1:71:04:99:eb:ba:27:96:78:dc:55:14:
7a:12:7b:ed:3e:31:d4:15:ed:b4:58:09:1d:70:04:
96:b1:61:72:4f:01:ac:51:b3:b1:09:86:ee:7a:b5:
27:54:40:bb:90:c6:da:7a:fa:f8:16:6e:f4:15:76:
2e:fa:3f:0d:ab:81:6f:3d:c1:cc:a7:6e:79:a5:5e:
e3:c7:15:d9:7b:00:28:8c:dc:ee:e0:1e:98:b6:51:
51:87:26:42:2a:5b:dd:c2:b5:6b:d0:55:b1:c3:e0:
e6:e2:2e:48:f9:32:8b:32:20:00:c2:a4:0c:ef:5a:
80:7f:12:c9:6b:ad:c7:16:9e:f1:59:9d:3e:f8:2c:
3a:9c:0e:2d:ab:d1:6f:23:03:4c:9b:5b:63:37:c8:
62:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:F3:91:15:89:53:8D:51:0E:EF:1C:58:6C:4E:CD:F5:F6:F2:C5:17
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ED70ED349B8911EFBCFBD55E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.190.0/24
Signature Algorithm: sha256WithRSAEncryption
91:a2:7d:2d:a9:f4:15:6d:e4:68:a1:ca:d7:eb:6f:e4:ac:bb:
ab:70:4d:10:e6:a6:3c:99:67:99:d2:c5:4d:64:ab:55:1d:12:
d3:fd:fa:d0:72:2c:93:69:ae:b7:b6:ac:92:a5:69:4e:7d:ff:
ea:e3:08:2d:48:61:13:ab:7a:bc:e5:af:47:67:33:92:f8:9a:
fc:1e:6b:eb:bf:2d:d2:6d:6b:52:4d:c6:4f:70:d3:a2:33:3d:
c4:8e:a9:4a:79:2d:6d:8c:a9:7f:01:68:46:8c:45:fe:52:73:
6f:8a:46:fd:73:05:4d:1d:1e:2f:6b:a3:a0:ca:87:6b:d4:3c:
8b:0e:47:70:a5:0c:93:26:ee:99:73:a7:82:54:8f:b8:d9:ee:
a8:a4:7f:47:9c:0a:82:9f:d2:53:cc:69:6f:c4:aa:b2:3a:7b:
46:36:e3:f1:17:df:96:5c:f5:8e:fa:3b:bd:74:13:da:32:8a:
80:33:f0:8e:b9:fd:23:07:3b:f9:5a:84:47:17:a8:3c:8a:25:
76:e1:22:07:e3:0e:52:72:5d:b2:84:df:63:62:2d:27:06:40:
fe:0d:e9:76:b0:b5:da:19:ca:9d:8e:09:05:08:bf:6a:a5:58:
98:35:c7:89:d1:72:83:70:d9:08:d8:09:f3:c7:e9:0b:ed:f5:
ff:c2:9b:db
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM7ZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTUyMzMzWhcNMjQxMjA0MTUyMzMzWjAYMRYw
FAYDVQQDEw02NzJhMzg3OS03ODRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr1nKBapwKbuR9c6B5YhKl+tXz5ky2KeEirN9WjecjzmajcAE2aai6gjE
OwgAPZjaQgAWcPHVkUQbyPLCJOaNCb0/wkZvBQFYfwgDCuWMRZ7/r/85QrAOjyGV
hJWW5XQ8M29W97plYnYbiVHBcQSZ67onlnjcVRR6EnvtPjHUFe20WAkdcASWsWFy
TwGsUbOxCYbuerUnVEC7kMbaevr4Fm70FXYu+j8Nq4FvPcHMp255pV7jxxXZewAo
jNzu4B6YtlFRhyZCKlvdwrVr0FWxw+Dm4i5I+TKLMiAAwqQM71qAfxLJa63HFp7x
WZ0++Cw6nA4tq9FvIwNMm1tjN8hixQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNbz
kRWJU41RDu8cWGxOzfX28sUXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRDcwRUQzNDlCODkxMUVGQkNGQkQ1NUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOS+MA0GCSqGSIb3DQEBCwUA
A4IBAQCRon0tqfQVbeRoocrX62/krLurcE0Q5qY8mWeZ0sVNZKtVHRLT/frQciyT
aa63tqySpWlOff/q4wgtSGETq3q85a9HZzOS+Jr8Hmvrvy3SbWtSTcZPcNOiMz3E
jqlKeS1tjKl/AWhGjEX+UnNvikb9cwVNHR4va6Ogyodr1DyLDkdwpQyTJu6Zc6eC
VI+42e6opH9HnAqCn9JTzGlvxKqyOntGNuPxF9+WXPWO+ju9dBPaMoqAM/COuf0j
Bzv5WoRHF6g8iiV24SIH4w5Scl2yhN9jYi0nBkD+Del2sLXaGcqdjgkFCL9qpViY
NceJ0XKDcNkI2Anzx+kL7fX/wpvb
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:55 2024 by rpki-client on console-ams.rpki-client.org