Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8123E1C9C1C11EF82E83683762E951A.roa
File: F8123E1C9C1C11EF82E83683762E951A.roa (raw, json)
Hash identifier: Wt6XRTVLevvxt+BvsaUUmpcwN7P9FfAyoMoXAP2FqMc=
Subject key identifier: A1:92:6B:26:9D:FF:B2:A2:7E:6B:6C:82:23:E3:D2:51:7D:78:1E:89
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CF1C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8123E1C9C1C11EF82E83683762E951A.roa
Signing time: Wed 06 Nov 2024 08:56:11 +0000
ROA not before: Wed 06 Nov 2024 08:56:07 +0000
ROA not after: Wed 01 Jan 2025 08:56:07 +0000
asID: 149440
IP address blocks: 156.236.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53020 (0xcf1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 6 08:56:07 2024 GMT
Not After : Jan 1 08:56:07 2025 GMT
Subject: CN=672b2f2b-f2f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:81:3a:39:09:34:e2:36:be:7d:dd:4d:c6:ce:
08:a2:26:9e:f4:17:b4:11:b2:0a:e5:1b:57:78:be:
4a:6f:64:f6:87:40:a1:42:ca:b4:13:92:d0:a0:34:
c2:83:9a:81:06:39:e1:c8:e6:d6:cf:c9:02:03:3b:
13:5b:2a:e0:b0:c5:7d:c0:88:50:0d:e0:0e:9c:81:
cb:e4:bb:25:76:75:18:7e:43:1c:d9:56:7e:59:7d:
92:01:81:cc:f0:1f:74:78:07:e9:58:0e:6b:b5:bb:
5f:e3:fb:84:54:da:49:e7:bf:50:5d:08:67:4b:82:
3c:66:3d:fc:d5:0c:f4:08:7d:f8:1c:0a:c5:b0:3f:
94:8c:ac:a7:05:18:fd:25:47:89:9d:7f:e3:a0:c7:
53:70:fc:bc:d5:c2:bb:7e:71:84:2a:d8:d4:63:c4:
c6:75:ca:ed:00:d7:4f:6e:3d:f9:bd:2a:37:f6:8e:
56:cd:4a:df:df:0f:29:35:a6:79:b0:9e:f9:c5:5e:
29:7d:f9:05:71:b9:e8:7e:f7:d4:b5:83:08:f4:c4:
76:e0:6e:09:48:41:b0:a3:34:73:74:7c:ea:cb:9d:
48:ea:58:81:49:be:94:11:c1:33:ac:e0:3e:33:c2:
65:e5:40:c7:88:c7:73:22:87:14:01:6c:7c:5e:3f:
e5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:92:6B:26:9D:FF:B2:A2:7E:6B:6C:82:23:E3:D2:51:7D:78:1E:89
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8123E1C9C1C11EF82E83683762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.76.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:8f:1b:7a:ff:d5:87:e4:87:2b:09:ca:07:d6:02:20:e4:97:
3f:c1:e5:d8:81:0f:cb:ad:1a:4c:0e:93:61:8a:a8:44:92:b7:
db:7c:79:77:7a:2c:da:11:22:21:d0:3e:21:1c:63:44:d9:07:
e0:03:0c:f3:69:7e:85:7a:e0:11:a2:45:24:ad:d1:82:a6:e9:
c5:7f:2c:4b:0c:ed:c8:90:30:4c:e5:10:70:f0:3d:41:52:32:
2b:93:64:b1:a1:9e:a2:86:d3:3a:b3:fc:51:34:8a:fe:ff:c7:
27:eb:18:a7:db:85:43:11:6d:84:06:8b:eb:0d:76:e0:86:54:
c9:f2:16:03:e8:0a:36:4f:2e:65:f2:d1:ba:44:dd:e9:c5:8c:
5a:d9:0a:ca:c2:5f:47:0e:24:dc:a8:4d:53:6d:9d:78:fc:11:
a5:76:82:c9:cb:a5:d2:2f:da:fe:88:96:40:93:90:d8:50:82:
01:42:3c:62:9b:ee:7f:df:f8:36:47:f7:f6:bf:68:8d:d7:cf:
1d:ee:38:46:66:e7:a2:12:c4:64:29:ee:71:ed:30:ed:1c:ec:
97:43:e8:c3:1d:df:aa:8b:ca:41:81:2e:5e:e9:c0:fd:f9:97:
fc:49:31:fb:58:ce:22:24:7e:c9:98:ae:79:2f:08:84:e7:e7:
06:7e:69:5e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM8cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA2MDg1NjA3WhcNMjUwMTAxMDg1NjA3WjAYMRYw
FAYDVQQDEw02NzJiMmYyYi1mMmYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA34E6OQk04ja+fd1Nxs4Ioiae9Be0EbIK5RtXeL5Kb2T2h0ChQsq0E5LQ
oDTCg5qBBjnhyObWz8kCAzsTWyrgsMV9wIhQDeAOnIHL5LsldnUYfkMc2VZ+WX2S
AYHM8B90eAfpWA5rtbtf4/uEVNpJ579QXQhnS4I8Zj381Qz0CH34HArFsD+UjKyn
BRj9JUeJnX/joMdTcPy81cK7fnGEKtjUY8TGdcrtANdPbj35vSo39o5WzUrf3w8p
NaZ5sJ75xV4pffkFcbnofvfUtYMI9MR24G4JSEGwozRzdHzqy51I6liBSb6UEcEz
rOA+M8Jl5UDHiMdzIocUAWx8Xj/lYQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKGS
ayad/7KifmtsgiPj0lF9eB6JMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GODEyM0UxQzlDMUMxMUVGODJFODM2ODM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOxMMA0GCSqGSIb3DQEBCwUA
A4IBAQBKjxt6/9WH5IcrCcoH1gIg5Jc/weXYgQ/LrRpMDpNhiqhEkrfbfHl3eiza
ESIh0D4hHGNE2QfgAwzzaX6FeuARokUkrdGCpunFfyxLDO3IkDBM5RBw8D1BUjIr
k2SxoZ6ihtM6s/xRNIr+/8cn6xin24VDEW2EBovrDXbghlTJ8hYD6Ao2Ty5l8tG6
RN3pxYxa2QrKwl9HDiTcqE1TbZ14/BGldoLJy6XSL9r+iJZAk5DYUIIBQjxim+5/
3/g2R/f2v2iN188d7jhGZueiEsRkKe5x7TDtHOyXQ+jDHd+qi8pBgS5e6cD9+Zf8
STH7WM4iJH7JmK55LwiE5+cGfmle
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:57 2024 by rpki-client on console-ams.rpki-client.org