Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FCCAF680A33111EF969F5B4C762E951A.roa
File: FCCAF680A33111EF969F5B4C762E951A.roa (raw, json)
Hash identifier: ljNLtjT/aga7aV92BBtFZezWna5P6mvustuJTFGdbN8=
Subject key identifier: D2:1B:23:9A:3F:B0:13:81:71:4B:49:16:78:4E:7F:44:EC:40:D9:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D2F7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FCCAF680A33111EF969F5B4C762E951A.roa
Signing time: Fri 15 Nov 2024 09:14:16 +0000
ROA not before: Fri 15 Nov 2024 09:14:13 +0000
ROA not after: Sat 17 Oct 2026 09:14:13 +0000
asID: 137443
IP address blocks: 156.226.16.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54007 (0xd2f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 15 09:14:13 2024 GMT
Not After : Oct 17 09:14:13 2026 GMT
Subject: CN=673710e8-9dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ec:d7:76:a1:42:a0:5b:15:46:d7:81:14:3d:
94:97:89:31:44:88:56:be:56:45:30:a1:17:cb:6d:
ab:07:97:53:44:cf:99:30:90:4d:2e:d7:50:4c:31:
d1:75:32:43:03:ff:39:88:28:c8:4d:9f:f1:62:7a:
01:dd:6e:13:bf:8d:0a:fb:6c:e2:92:ea:11:3a:07:
9a:41:6b:2e:c0:6b:f0:3c:b6:1d:59:fa:61:67:9f:
97:d9:57:2c:b3:fa:d2:bc:79:0d:12:97:02:32:70:
c6:91:51:32:62:f1:d8:47:b4:a5:a6:aa:86:d4:b1:
68:6e:41:83:93:d3:14:13:c4:98:f5:98:15:6c:f4:
73:22:7d:8c:a4:02:2b:50:0d:da:6c:bd:3e:5c:61:
ea:f3:a7:52:8e:1f:dc:44:34:62:b2:3e:79:28:82:
08:49:ce:f7:45:ab:3c:73:01:75:6c:ba:d0:6e:52:
6a:27:78:b8:ea:22:36:6c:ba:8c:8e:5e:11:ab:f5:
a5:fa:97:f3:8d:d4:f0:6a:89:7f:f2:78:bd:6f:ab:
01:f6:e6:2b:b5:a2:f2:e1:23:fa:ca:1d:92:92:24:
08:d1:4c:f8:f8:ed:1d:72:8f:1a:5e:a9:6a:44:8d:
aa:58:f9:e9:c1:64:2e:20:be:3e:c5:77:31:5e:6d:
66:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1B:23:9A:3F:B0:13:81:71:4B:49:16:78:4E:7F:44:EC:40:D9:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FCCAF680A33111EF969F5B4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.16.0/21
Signature Algorithm: sha256WithRSAEncryption
32:59:af:56:ff:aa:1c:94:1e:c0:35:20:65:5f:1d:72:f5:5c:
77:b6:5e:22:b4:ea:7a:dd:4f:4f:c3:18:65:86:60:a2:ab:f1:
df:a1:18:bf:4b:3c:9c:41:e8:78:55:1f:28:f5:4f:d7:91:6f:
89:94:56:9e:1c:37:65:c5:f5:38:21:8d:a6:2e:58:c6:d7:a3:
82:52:14:eb:79:65:52:8c:bd:98:bb:69:43:9a:d2:e9:31:f0:
b2:b7:22:4f:c3:13:68:70:7c:fe:be:38:42:6a:2e:1c:b4:ea:
4e:a4:8f:57:c6:dc:05:17:ed:06:eb:2e:63:7a:b2:32:6a:e6:
b3:69:11:9e:cb:48:22:9c:93:b1:3d:2c:31:e5:68:fe:b1:4b:
ee:38:df:93:04:b9:98:4a:18:db:05:2e:01:52:8c:bf:d6:8a:
3d:02:f1:03:b0:fb:22:41:de:4b:aa:82:34:fa:7d:4d:3c:35:
41:10:6e:d2:4d:f9:12:49:1b:bf:93:62:eb:6a:e8:c2:dd:cf:
ba:60:06:b1:d3:f1:77:4a:b4:20:45:e7:74:cf:c7:76:fe:7c:
03:a2:55:4f:a8:63:63:d9:ba:f9:e6:35:47:33:cd:0c:44:f4:
73:82:34:e7:ec:0b:ce:13:db:7d:77:ff:97:6e:dc:17:5e:16:
f0:cc:36:f8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANL3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE1MDkxNDEzWhcNMjYxMDE3MDkxNDEzWjAYMRYw
FAYDVQQDEw02NzM3MTBlOC05ZGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtuzXdqFCoFsVRteBFD2Ul4kxRIhWvlZFMKEXy22rB5dTRM+ZMJBNLtdQ
TDHRdTJDA/85iCjITZ/xYnoB3W4Tv40K+2zikuoROgeaQWsuwGvwPLYdWfphZ5+X
2Vcss/rSvHkNEpcCMnDGkVEyYvHYR7SlpqqG1LFobkGDk9MUE8SY9ZgVbPRzIn2M
pAIrUA3abL0+XGHq86dSjh/cRDRisj55KIIISc73Ras8cwF1bLrQblJqJ3i46iI2
bLqMjl4Rq/Wl+pfzjdTwaol/8ni9b6sB9uYrtaLy4SP6yh2SkiQI0Uz4+O0dco8a
XqlqRI2qWPnpwWQuIL4+xXcxXm1mPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNIb
I5o/sBOBcUtJFnhOf0TsQNldMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQ0NBRjY4MEEzMzExMUVGOTY5RjVCNEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOIQMA0GCSqGSIb3DQEBCwUA
A4IBAQAyWa9W/6oclB7ANSBlXx1y9Vx3tl4itOp63U9PwxhlhmCiq/HfoRi/Szyc
Qeh4VR8o9U/XkW+JlFaeHDdlxfU4IY2mLljG16OCUhTreWVSjL2Yu2lDmtLpMfCy
tyJPwxNocHz+vjhCai4ctOpOpI9XxtwFF+0G6y5jerIyauazaRGey0ginJOxPSwx
5Wj+sUvuON+TBLmYShjbBS4BUoy/1oo9AvEDsPsiQd5LqoI0+n1NPDVBEG7STfkS
SRu/k2LraujC3c+6YAax0/F3SrQgRed0z8d2/nwDolVPqGNj2br55jVHM80MRPRz
gjTn7AvOE9t9d/+XbtwXXhbwzDb4
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:56 2024 by rpki-client on console-fra.rpki-client.org