Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB3CC974A33611EF8DDB2F6A762E951A.roa
File: FB3CC974A33611EF8DDB2F6A762E951A.roa (raw, json)
Hash identifier: JfQ6MkaLk5xmEGV8Vatc4vlbVCfYGcC0II5YQK/fxm8=
Subject key identifier: B1:C0:07:5B:FB:BB:6D:E5:58:7C:93:A5:2A:89:9E:89:74:3E:15:51
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D30D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB3CC974A33611EF8DDB2F6A762E951A.roa
Signing time: Fri 15 Nov 2024 09:50:01 +0000
ROA not before: Fri 15 Nov 2024 09:49:57 +0000
ROA not after: Sat 23 Nov 2024 09:49:57 +0000
asID: 54467
IP address blocks: 156.247.48.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54029 (0xd30d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 15 09:49:57 2024 GMT
Not After : Nov 23 09:49:57 2024 GMT
Subject: CN=67371949-58c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ee:5b:51:7b:03:2b:a5:2e:39:bb:22:65:c7:
c3:98:a4:7b:6c:55:17:2e:82:66:06:a7:c6:58:3c:
02:6c:05:8a:86:77:d2:a9:a6:f8:59:9a:2c:93:15:
32:a1:2d:b9:23:01:a7:b3:9c:c1:10:62:58:99:4a:
ec:b4:80:98:0f:8b:70:b3:4e:97:f8:f2:ab:fd:9d:
7b:78:37:64:4e:18:d9:86:83:6d:c2:14:15:13:f3:
c3:58:3b:98:e5:16:0d:73:06:42:65:8c:0e:06:ed:
10:56:f7:fc:e0:69:f9:c9:e0:b0:a7:36:6b:c8:c9:
9e:36:8b:c8:9d:af:71:79:6d:25:d6:27:fe:39:54:
ed:5a:81:43:5d:8c:ce:21:d3:e1:21:aa:82:dc:c6:
2b:c5:77:55:fb:d4:b5:15:dd:ef:cb:e8:91:fc:d7:
e4:c4:30:6d:5f:7f:f2:f9:c0:8a:96:43:65:63:04:
f2:7b:e0:aa:c5:76:0b:98:d6:9a:44:45:91:ae:14:
b1:09:36:98:6f:b0:89:5a:6f:96:b6:f1:76:a4:4c:
65:54:88:dc:9f:39:9d:4d:a4:2e:6d:d6:96:c7:d2:
0c:2d:fe:42:b4:fb:06:c0:e4:74:1f:c3:a6:a0:ad:
f4:e2:a7:60:a6:93:ac:83:ae:d9:7d:e0:2a:c6:cf:
86:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C0:07:5B:FB:BB:6D:E5:58:7C:93:A5:2A:89:9E:89:74:3E:15:51
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB3CC974A33611EF8DDB2F6A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.48.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:50:77:98:a6:e3:e7:fd:6c:1f:b1:35:cf:2e:d5:3b:25:29:
a1:cc:f1:78:3f:37:8e:0c:b9:ab:bf:b1:78:2f:8c:ea:f2:06:
2c:de:c9:05:3f:3f:a8:fc:a7:58:dc:31:46:ab:8e:e4:79:8c:
f1:b0:3b:d9:31:be:22:d7:77:a3:f8:20:56:0c:c0:28:4f:55:
dd:24:0d:94:7f:13:77:eb:5a:e6:5f:b2:6a:56:fa:b2:ee:b1:
8b:d3:a1:87:49:04:ce:76:c1:c2:e1:ec:e2:08:5e:3c:d0:91:
3f:b1:74:b7:d5:48:eb:5b:ab:b9:6b:4f:a2:4f:51:a2:58:86:
7d:78:01:42:06:d3:45:5b:18:db:4a:ae:84:a2:f9:ca:60:58:
b0:3f:c5:8c:3d:43:57:15:63:36:c8:6b:e8:7c:c5:8c:24:74:
ff:f7:e4:26:97:59:05:5f:56:04:46:d2:6e:e6:cc:60:da:48:
49:cf:6c:be:f8:db:0f:fa:b0:9b:55:80:fd:de:b9:3c:4f:9e:
d2:f4:75:49:69:17:2e:75:ac:88:c2:18:a9:84:ee:3e:40:89:
30:af:e2:cd:9a:76:9b:e0:fe:d3:13:b8:11:64:77:6b:15:fd:
e0:2a:18:70:bd:90:78:9c:2a:f2:9f:d8:cc:24:10:8c:b8:6c:
8b:d6:de:4f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANMNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE1MDk0OTU3WhcNMjQxMTIzMDk0OTU3WjAYMRYw
FAYDVQQDEw02NzM3MTk0OS01OGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyu5bUXsDK6UuObsiZcfDmKR7bFUXLoJmBqfGWDwCbAWKhnfSqab4WZos
kxUyoS25IwGns5zBEGJYmUrstICYD4tws06X+PKr/Z17eDdkThjZhoNtwhQVE/PD
WDuY5RYNcwZCZYwOBu0QVvf84Gn5yeCwpzZryMmeNovIna9xeW0l1if+OVTtWoFD
XYzOIdPhIaqC3MYrxXdV+9S1Fd3vy+iR/NfkxDBtX3/y+cCKlkNlYwTye+CqxXYL
mNaaREWRrhSxCTaYb7CJWm+WtvF2pExlVIjcnzmdTaQubdaWx9IMLf5CtPsGwOR0
H8OmoK304qdgppOsg67ZfeAqxs+GMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLHA
B1v7u23lWHyTpSqJnol0PhVRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQjNDQzk3NEEzMzYxMUVGOEREQjJGNkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPcwMA0GCSqGSIb3DQEBCwUA
A4IBAQB8UHeYpuPn/WwfsTXPLtU7JSmhzPF4PzeODLmrv7F4L4zq8gYs3skFPz+o
/KdY3DFGq47keYzxsDvZMb4i13ej+CBWDMAoT1XdJA2UfxN361rmX7JqVvqy7rGL
06GHSQTOdsHC4eziCF480JE/sXS31UjrW6u5a0+iT1GiWIZ9eAFCBtNFWxjbSq6E
ovnKYFiwP8WMPUNXFWM2yGvofMWMJHT/9+Qml1kFX1YERtJu5sxg2khJz2y++NsP
+rCbVYD93rk8T57S9HVJaRcudayIwhiphO4+QIkwr+LNmnab4P7TE7gRZHdrFf3g
KhhwvZB4nCryn9jMJBCMuGyL1t5P
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:55 2024 by rpki-client on console-fra.rpki-client.org