Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F3DF7E465EEF11EF92C55689762E951A.roa
File: F3DF7E465EEF11EF92C55689762E951A.roa (raw, json)
Hash identifier: Dq+Trl7fLYR8NmcNOVN0Jz3JO1tnZn3GgB0XY55w/8M=
Subject key identifier: E8:A9:84:F1:58:CA:03:F1:D3:AE:E6:C7:26:C5:A2:6F:A0:40:7B:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A9CE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F3DF7E465EEF11EF92C55689762E951A.roa
Signing time: Tue 20 Aug 2024 12:30:15 +0000
ROA not before: Tue 20 Aug 2024 12:30:10 +0000
ROA not after: Tue 27 May 2025 12:30:10 +0000
asID: 399077
IP address blocks: 156.251.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43470 (0xa9ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 12:30:10 2024 GMT
Not After : May 27 12:30:10 2025 GMT
Subject: CN=66c48c57-6af9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b7:45:2b:d3:70:1f:a4:4b:3a:99:90:04:74:
6d:be:f4:9a:ab:14:03:9e:61:bd:8c:45:1c:8e:a0:
cf:99:63:0f:13:4f:b8:8a:67:6a:97:47:5c:8e:bf:
29:47:6c:4d:00:96:80:9d:82:6c:26:3d:73:10:e6:
2c:af:50:19:b9:6b:85:35:a0:2d:25:ab:63:8f:92:
2a:a5:8e:41:5a:40:d4:46:9c:90:52:d7:cc:a4:da:
a9:ab:7d:04:00:34:76:43:dc:65:96:5d:23:a7:5d:
76:c8:af:37:1e:ab:45:ca:62:1f:e7:bb:23:8f:c7:
0e:e5:39:14:6b:f8:2d:2f:7d:2d:64:cd:34:ec:6a:
45:da:4c:5b:13:99:d6:9b:d5:e8:6b:fb:87:89:4f:
c6:32:02:3c:c6:9a:32:2f:2e:57:83:22:d9:74:50:
45:00:43:85:3b:49:0e:12:83:f5:9c:5c:78:2c:09:
32:57:0c:65:f6:00:19:f1:ee:09:ca:18:1a:44:b0:
20:f9:8f:2b:70:fa:bb:0c:19:be:28:8b:f0:6a:31:
22:68:19:04:39:9d:9c:e4:25:d9:e5:61:cf:0e:ed:
da:36:52:66:e4:ad:ff:0c:0e:91:38:ca:de:1c:12:
6e:b7:3b:2c:fa:a4:03:e8:b5:f1:8d:4c:56:6c:c2:
11:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A9:84:F1:58:CA:03:F1:D3:AE:E6:C7:26:C5:A2:6F:A0:40:7B:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F3DF7E465EEF11EF92C55689762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.40.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:2d:b0:a1:aa:a8:f0:90:00:48:33:69:12:37:bf:6b:48:79:
1a:da:42:39:a7:4e:61:b3:c8:f8:97:c5:22:34:09:6d:b1:64:
72:df:84:09:e2:25:fe:11:42:db:09:21:11:13:b2:8b:16:d7:
6d:73:af:89:d0:d4:d3:23:51:86:e5:a6:d8:7a:5b:ad:90:e5:
d8:51:97:a6:68:9d:02:20:cd:02:db:76:27:8a:2e:a6:08:4d:
95:f4:5e:fb:b5:65:6c:53:3c:8d:79:56:ed:9a:d8:6b:47:f9:
1b:7e:2c:b4:8a:68:9e:58:64:5f:58:2e:29:86:d5:3a:88:bc:
d3:c4:16:ff:88:02:9e:51:bf:60:f9:35:84:22:7f:67:97:6b:
61:46:ce:98:a7:92:d7:34:a1:e5:53:58:b1:b7:46:e7:78:78:
7a:dc:a6:ff:4e:37:eb:f9:f3:f4:31:2e:55:7c:26:22:8f:8b:
9f:4e:ba:5c:c4:cd:38:df:b7:97:6e:cb:fc:37:86:02:76:53:
6a:99:91:16:45:b1:c2:5b:d6:6e:7f:fd:f6:0f:28:88:82:00:
12:25:0e:3f:e8:28:0e:63:a6:dc:0e:c7:b4:61:b2:62:17:b9:
2c:a9:57:28:d9:2d:f3:02:cc:1d:e3:da:9c:da:29:c4:c3:43:
82:12:cc:a0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKnOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTIzMDEwWhcNMjUwNTI3MTIzMDEwWjAYMRYw
FAYDVQQDEw02NmM0OGM1Ny02YWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApbdFK9NwH6RLOpmQBHRtvvSaqxQDnmG9jEUcjqDPmWMPE0+4imdql0dc
jr8pR2xNAJaAnYJsJj1zEOYsr1AZuWuFNaAtJatjj5IqpY5BWkDURpyQUtfMpNqp
q30EADR2Q9xlll0jp112yK83HqtFymIf57sjj8cO5TkUa/gtL30tZM007GpF2kxb
E5nWm9Xoa/uHiU/GMgI8xpoyLy5XgyLZdFBFAEOFO0kOEoP1nFx4LAkyVwxl9gAZ
8e4JyhgaRLAg+Y8rcPq7DBm+KIvwajEiaBkEOZ2c5CXZ5WHPDu3aNlJm5K3/DA6R
OMreHBJutzss+qQD6LXxjUxWbMIRPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOip
hPFYygPx067mxybFom+gQHtdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GM0RGN0U0NjVFRUYxMUVGOTJDNTU2ODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPsoMA0GCSqGSIb3DQEBCwUA
A4IBAQAKLbChqqjwkABIM2kSN79rSHka2kI5p05hs8j4l8UiNAltsWRy34QJ4iX+
EULbCSERE7KLFtdtc6+J0NTTI1GG5abYelutkOXYUZemaJ0CIM0C23Ynii6mCE2V
9F77tWVsUzyNeVbtmthrR/kbfiy0imieWGRfWC4phtU6iLzTxBb/iAKeUb9g+TWE
In9nl2thRs6Yp5LXNKHlU1ixt0bneHh63Kb/Tjfr+fP0MS5VfCYij4ufTrpcxM04
37eXbsv8N4YCdlNqmZEWRbHCW9Zuf/32DyiIggASJQ4/6CgOY6bcDse0YbJiF7ks
qVco2S3zAswd49qc2inEw0OCEsyg
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:54 2024 by rpki-client on console-fra.rpki-client.org