Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB8E510887C611EFA4B289B7762E951A.roa
File: FB8E510887C611EFA4B289B7762E951A.roa (raw, json)
Hash identifier: sdbjFQkm1L5Jj6dWAFsSe4YX0Wla3ueRVqxgiRziqkM=
Subject key identifier: A0:4B:BB:39:09:D3:A7:CD:D5:F0:5D:34:82:36:07:78:83:A2:53:CB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: C3C7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB8E510887C611EFA4B289B7762E951A.roa
Signing time: Fri 11 Oct 2024 11:50:17 +0000
ROA not before: Fri 11 Oct 2024 11:50:13 +0000
ROA not after: Sun 12 Oct 2025 11:50:13 +0000
asID: 136907
IP address blocks: 156.249.32.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50119 (0xc3c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 11 11:50:13 2024 GMT
Not After : Oct 12 11:50:13 2025 GMT
Subject: CN=670910f8-f1cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ff:69:9a:f5:f7:c0:b4:75:c4:cd:5a:b3:11:
a5:b3:bb:c3:33:38:0d:5b:fd:a7:86:ac:c0:ad:48:
d1:5c:d2:6c:05:66:8e:1a:01:95:0e:13:43:17:7e:
0b:af:c3:ad:bb:f7:8d:b3:68:81:98:c6:38:12:02:
77:97:bb:b3:5c:29:70:5a:d0:f4:b3:bb:f7:d4:d2:
4c:a5:0b:13:11:86:41:0e:56:55:d7:19:5e:fd:d3:
69:b2:f2:fc:f7:41:99:64:09:67:94:dc:c9:16:b8:
d7:90:d7:c9:bb:77:84:14:0b:e8:a3:bb:6b:36:67:
8c:c7:bd:ec:2c:1d:23:f3:09:8d:e8:88:b9:de:55:
57:27:98:b7:a7:03:45:1f:58:f8:ea:a8:4a:08:93:
8b:d6:fb:98:5c:7c:63:2a:15:25:6a:58:d1:d6:99:
8c:99:a2:f0:67:22:c7:41:4a:fe:b1:0d:a7:ec:22:
58:19:e1:8f:57:67:cf:b1:db:bc:5a:9c:01:db:85:
68:3c:ce:f5:fe:7c:62:05:20:13:2c:34:d3:7c:b1:
7e:f1:09:4e:a3:be:01:3e:8a:dd:3c:4d:a7:88:0e:
96:d5:78:82:d6:6c:f2:46:96:f0:b3:c0:84:d4:a4:
de:8a:9d:65:7e:67:5a:92:6f:3f:7b:00:57:ff:a6:
db:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4B:BB:39:09:D3:A7:CD:D5:F0:5D:34:82:36:07:78:83:A2:53:CB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB8E510887C611EFA4B289B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.32.0/20
Signature Algorithm: sha256WithRSAEncryption
9b:d3:2e:0a:14:36:e9:a3:c0:40:78:0a:93:48:62:5e:d9:83:
12:08:95:56:38:25:f2:b3:3a:b2:22:1d:2d:ca:4c:01:4b:71:
37:4f:a8:a0:90:b0:0f:e2:c7:c8:2b:85:2e:25:d2:11:98:75:
30:15:3d:0b:ad:1f:b1:87:81:fc:d0:ee:55:77:0a:be:4b:af:
57:ca:61:bc:f6:53:94:62:dd:0b:d8:62:db:20:f7:82:78:b1:
6b:41:ce:22:49:04:9a:b4:9e:e4:ef:1a:54:9d:09:9f:cd:16:
aa:ac:a8:da:83:62:eb:9a:dc:21:e4:72:81:95:05:0a:bc:77:
d4:7f:84:9f:bf:d6:97:0e:64:dc:52:86:5d:e7:f3:dc:84:9f:
2a:b3:70:8f:64:b2:66:8e:0b:3d:24:37:82:25:3f:9d:3b:76:
4c:75:65:06:d6:62:1a:07:6a:3c:e0:2c:0f:ce:c8:76:09:e2:
1c:fc:a3:d1:90:b9:af:2d:88:72:3b:45:d3:46:b1:66:d2:08:
62:f8:b1:53:de:05:9b:5a:91:27:56:c7:ec:3a:73:c4:49:ed:
51:10:6f:d1:c2:63:21:95:2d:99:d9:e7:9f:3c:95:71:91:aa:
a5:33:68:ab:d5:ec:77:d2:bc:7c:9d:25:55:d7:56:2a:c6:d3:
87:37:e3:83
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAMPHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMDExMTE1MDEzWhcNMjUxMDEyMTE1MDEzWjAYMRYw
FAYDVQQDEw02NzA5MTBmOC1mMWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuv9pmvX3wLR1xM1asxGls7vDMzgNW/2nhqzArUjRXNJsBWaOGgGVDhND
F34Lr8Otu/eNs2iBmMY4EgJ3l7uzXClwWtD0s7v31NJMpQsTEYZBDlZV1xle/dNp
svL890GZZAlnlNzJFrjXkNfJu3eEFAvoo7trNmeMx73sLB0j8wmN6Ii53lVXJ5i3
pwNFH1j46qhKCJOL1vuYXHxjKhUlaljR1pmMmaLwZyLHQUr+sQ2n7CJYGeGPV2fP
sdu8WpwB24VoPM71/nxiBSATLDTTfLF+8QlOo74BPordPE2niA6W1XiC1mzyRpbw
s8CE1KTeip1lfmdakm8/ewBX/6bb5QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKBL
uzkJ06fN1fBdNII2B3iDolPLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQjhFNTEwODg3QzYxMUVGQTRCMjg5Qjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPkgMA0GCSqGSIb3DQEBCwUA
A4IBAQCb0y4KFDbpo8BAeAqTSGJe2YMSCJVWOCXyszqyIh0tykwBS3E3T6igkLAP
4sfIK4UuJdIRmHUwFT0LrR+xh4H80O5Vdwq+S69XymG89lOUYt0L2GLbIPeCeLFr
Qc4iSQSatJ7k7xpUnQmfzRaqrKjag2Lrmtwh5HKBlQUKvHfUf4Sfv9aXDmTcUoZd
5/PchJ8qs3CPZLJmjgs9JDeCJT+dO3ZMdWUG1mIaB2o84CwPzsh2CeIc/KPRkLmv
LYhyO0XTRrFm0ghi+LFT3gWbWpEnVsfsOnPESe1REG/RwmMhlS2Z2eefPJVxkaql
M2ir1ex30rx8nSVV11YqxtOHN+OD
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:55 2024 by rpki-client on console-fra.rpki-client.org