Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FA3E11FE76A911EFABAFBB71762E951A.roa
File: FA3E11FE76A911EFABAFBB71762E951A.roa (raw, json)
Hash identifier: fZWO4QCdKwk1ztW/lcOWrCJ4mRD5uuS5Sm/Lhd77WVc=
Subject key identifier: A6:F0:E8:DD:9D:60:A0:4E:9B:C9:25:53:74:B8:1D:C9:B1:C8:4E:85
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: B8D4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FA3E11FE76A911EFABAFBB71762E951A.roa
Signing time: Thu 19 Sep 2024 17:09:49 +0000
ROA not before: Thu 19 Sep 2024 17:09:46 +0000
ROA not after: Fri 20 Dec 2024 17:09:46 +0000
asID: 16437
IP address blocks: 156.236.80.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47316 (0xb8d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 19 17:09:46 2024 GMT
Not After : Dec 20 17:09:46 2024 GMT
Subject: CN=66ec5add-6e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3f:8d:b8:57:8f:4e:8d:e3:fc:fb:19:d3:a4:
70:86:8b:da:de:23:99:e3:21:11:79:86:0d:65:fe:
04:36:ac:d4:ef:3d:bf:d7:c1:bb:3a:f4:2e:4b:98:
04:56:db:27:98:0e:42:ae:85:7a:0d:5a:ff:9f:35:
84:9d:23:3e:2b:88:eb:24:07:a9:b2:a7:68:ef:a1:
84:89:a4:05:77:29:ca:41:07:f7:26:e6:cd:de:12:
69:b9:fa:ae:80:b7:20:3d:2e:18:5b:99:33:8b:dc:
af:bb:47:95:f9:f7:54:c0:35:ef:8c:43:13:41:41:
5c:ef:39:1a:50:ba:bf:09:58:bf:7d:1d:57:78:d3:
75:b1:81:75:37:7f:7d:1b:92:9c:b4:7c:9e:a8:d0:
b8:a1:77:9a:b7:04:96:9a:3c:86:e8:51:b8:18:dd:
47:9a:37:b4:8b:c5:ce:98:18:e2:84:84:70:dc:a6:
96:7c:3b:a6:d0:8f:7c:40:52:a2:18:20:4c:10:fe:
46:8b:c8:2d:04:4e:7c:10:fb:9a:2f:36:6b:95:5e:
c0:ac:22:d2:05:fa:91:73:db:3e:99:e7:df:c7:96:
6b:cb:f7:f9:89:82:da:c3:b0:54:2a:02:27:e6:25:
0f:9b:60:58:38:a2:c7:77:fe:af:6b:40:1d:22:05:
82:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F0:E8:DD:9D:60:A0:4E:9B:C9:25:53:74:B8:1D:C9:B1:C8:4E:85
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FA3E11FE76A911EFABAFBB71762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.80.0/22
Signature Algorithm: sha256WithRSAEncryption
92:0d:50:ec:d2:5a:e8:f4:5f:72:be:a0:fb:db:07:ab:40:85:
ce:26:9d:b3:8a:08:e1:59:28:55:88:cc:c8:e5:3a:5c:7a:88:
ab:67:8b:55:52:34:69:f1:10:b6:ed:e5:42:3f:c1:b1:a9:c0:
f4:b5:b8:b0:9a:49:39:14:98:e6:1e:c2:48:53:92:f4:b4:11:
0e:d7:19:19:36:05:fa:eb:3a:92:5c:ef:6c:2f:54:6d:99:b4:
fc:aa:5c:07:dd:de:fe:f8:fe:50:df:05:92:f2:40:be:0a:d4:
78:f5:91:4c:c3:5b:54:b0:b4:04:32:9f:9c:87:3b:b1:ba:70:
7b:66:5f:4f:7c:af:6e:23:f2:93:44:50:b7:b8:13:d5:15:d1:
cc:b9:05:33:3b:7c:57:cc:54:d1:1e:41:0a:a5:53:d9:ae:34:
b8:ec:df:27:7a:53:9c:94:6e:cc:b4:58:c8:97:bf:c7:6c:9d:
92:c3:39:1b:2a:56:6e:a7:40:3f:9b:ee:9e:6a:1c:3e:82:88:
39:35:1c:55:8b:ef:01:48:c9:f2:a8:33:82:4d:aa:ce:4e:5b:
f6:92:76:95:ed:15:a3:a7:0f:43:a2:c3:bb:53:02:e9:77:27:
1b:46:10:17:f6:46:86:ac:ca:4f:bc:26:66:9b:fc:30:d9:d6:
e5:e0:ae:5d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDALjUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTE5MTcwOTQ2WhcNMjQxMjIwMTcwOTQ2WjAYMRYw
FAYDVQQDEw02NmVjNWFkZC02ZTBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1T+NuFePTo3j/PsZ06Rwhova3iOZ4yEReYYNZf4ENqzU7z2/18G7OvQu
S5gEVtsnmA5CroV6DVr/nzWEnSM+K4jrJAepsqdo76GEiaQFdynKQQf3JubN3hJp
ufqugLcgPS4YW5kzi9yvu0eV+fdUwDXvjEMTQUFc7zkaULq/CVi/fR1XeNN1sYF1
N399G5KctHyeqNC4oXeatwSWmjyG6FG4GN1Hmje0i8XOmBjihIRw3KaWfDum0I98
QFKiGCBMEP5Gi8gtBE58EPuaLzZrlV7ArCLSBfqRc9s+meffx5Zry/f5iYLaw7BU
KgIn5iUPm2BYOKLHd/6va0AdIgWCeQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKbw
6N2dYKBOm8klU3S4HcmxyE6FMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQTNFMTFGRTc2QTkxMUVGQUJBRkJCNzE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOxQMA0GCSqGSIb3DQEBCwUA
A4IBAQCSDVDs0lro9F9yvqD72werQIXOJp2zigjhWShViMzI5TpceoirZ4tVUjRp
8RC27eVCP8GxqcD0tbiwmkk5FJjmHsJIU5L0tBEO1xkZNgX66zqSXO9sL1RtmbT8
qlwH3d7++P5Q3wWS8kC+CtR49ZFMw1tUsLQEMp+chzuxunB7Zl9PfK9uI/KTRFC3
uBPVFdHMuQUzO3xXzFTRHkEKpVPZrjS47N8nelOclG7MtFjIl7/HbJ2SwzkbKlZu
p0A/m+6eahw+gog5NRxVi+8BSMnyqDOCTarOTlv2knaV7RWjpw9DosO7UwLpdycb
RhAX9kaGrMpPvCZmm/ww2dbl4K5d
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:55 2024 by rpki-client on console-fra.rpki-client.org