Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0511873ECD1F11EF8491B36B762E951A.roa
File: 0511873ECD1F11EF8491B36B762E951A.roa (raw, json)
Hash identifier: AtkJV4iwJW8xXqQ/6X/bLZR6mtOfX42i44aIGjGFAM4=
Subject key identifier: 3E:13:39:FE:FD:6C:72:5A:30:62:3A:6C:38:8D:5C:DA:14:38:70:7A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD63
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0511873ECD1F11EF8491B36B762E951A.roa
Signing time: Tue 07 Jan 2025 17:44:18 +0000
ROA not before: Tue 07 Jan 2025 17:44:15 +0000
ROA not after: Mon 13 Dec 2027 17:44:15 +0000
asID: 17561
IP address blocks: 156.241.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64867 (0xfd63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 17:44:15 2025 GMT
Not After : Dec 13 17:44:15 2027 GMT
Subject: CN=677d67f2-e412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d4:9c:88:62:c3:ab:bd:81:7f:ae:bf:42:8d:
66:f3:6e:54:fe:97:8b:b3:7a:c5:b4:37:5b:94:a6:
91:0a:d0:a9:96:7a:45:b4:cb:f9:94:07:9e:9f:96:
49:44:3c:db:30:b8:b6:57:3f:e6:0b:04:aa:9d:a1:
1e:6e:e9:b9:80:ef:6e:e1:9f:dc:bc:91:5e:d4:b6:
09:18:98:6b:fc:a3:60:1b:6e:2c:ed:5e:fe:90:1e:
b9:dc:50:92:1c:13:41:5e:dc:61:41:e7:7a:ba:f0:
2b:1e:7f:de:f0:39:d5:10:83:5a:17:98:15:5f:60:
61:ff:f5:e0:21:7e:6e:11:41:6a:ba:ab:96:cf:0d:
52:4e:06:60:a4:04:bd:69:75:6c:41:6f:1c:9c:fa:
a1:c5:8a:b5:0d:ae:8a:6b:d7:80:6b:74:b0:cc:45:
0a:0b:a6:54:ea:11:e4:70:06:c0:6c:bf:fb:6c:78:
8c:11:c5:4d:ef:60:67:79:be:7a:8d:1e:1a:06:b5:
72:fb:75:88:0c:da:ca:53:8b:82:62:67:18:fb:8f:
25:4d:7b:11:97:5f:b8:85:21:c5:0d:e2:31:be:53:
25:02:4b:a5:37:65:2e:ac:a4:28:ac:2e:3d:32:f3:
6e:af:0d:78:44:ba:e1:81:9b:1e:2f:8a:22:ee:f2:
8e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:13:39:FE:FD:6C:72:5A:30:62:3A:6C:38:8D:5C:DA:14:38:70:7A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0511873ECD1F11EF8491B36B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.59.0/24
Signature Algorithm: sha256WithRSAEncryption
96:0f:c9:69:34:cf:a1:84:b1:e2:9f:f9:7d:70:d2:b9:ea:4c:
1d:89:3f:f7:0a:4a:03:ed:e9:dd:9a:67:78:39:ad:1d:78:51:
c7:ca:9d:a4:0e:75:84:fe:04:a9:10:01:68:a3:d4:51:20:cd:
f3:37:ce:49:08:cb:59:9c:8f:ec:b5:a0:ff:fe:61:23:3d:1a:
8a:c0:d7:2d:14:b6:cf:af:61:16:0d:f8:a5:54:a2:21:21:30:
95:3e:8d:ed:54:2a:8d:db:23:fe:06:16:26:47:0f:a4:8d:55:
f9:33:ef:12:38:c3:65:fc:db:04:48:ad:0a:9b:03:74:7e:6f:
b2:f8:81:3c:09:80:93:50:b6:33:20:24:18:81:d1:9b:d3:d0:
3a:49:7f:be:52:a5:c3:91:4c:9a:d8:14:3c:2f:96:b0:f1:b6:
19:aa:b8:fc:06:c1:5e:8f:9e:34:86:47:8a:c5:de:6d:fb:c6:
69:ac:c7:46:cc:15:2d:8a:33:37:89:6d:22:62:7a:25:e9:96:
a3:6f:aa:d2:86:58:96:b6:b8:87:15:de:17:5a:8b:00:3d:28:
9e:d4:33:ac:63:c4:10:36:be:4d:08:ad:fe:cc:91:40:4b:09:
ba:71:12:16:69:88:c2:66:71:f3:6e:43:0c:a3:d6:4e:cf:9a:
7a:44:1c:92
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP1jMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTc0NDE1WhcNMjcxMjEzMTc0NDE1WjAYMRYw
FAYDVQQDEw02NzdkNjdmMi1lNDEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuNSciGLDq72Bf66/Qo1m825U/peLs3rFtDdblKaRCtCplnpFtMv5lAee
n5ZJRDzbMLi2Vz/mCwSqnaEebum5gO9u4Z/cvJFe1LYJGJhr/KNgG24s7V7+kB65
3FCSHBNBXtxhQed6uvArHn/e8DnVEINaF5gVX2Bh//XgIX5uEUFququWzw1STgZg
pAS9aXVsQW8cnPqhxYq1Da6Ka9eAa3SwzEUKC6ZU6hHkcAbAbL/7bHiMEcVN72Bn
eb56jR4aBrVy+3WIDNrKU4uCYmcY+48lTXsRl1+4hSHFDeIxvlMlAkulN2UurKQo
rC49MvNurw14RLrhgZseL4oi7vKOcwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD4T
Of79bHJaMGI6bDiNXNoUOHB6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNTExODczRUNEMUYxMUVGODQ5MUIzNkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPE7MA0GCSqGSIb3DQEBCwUA
A4IBAQCWD8lpNM+hhLHin/l9cNK56kwdiT/3CkoD7endmmd4Oa0deFHHyp2kDnWE
/gSpEAFoo9RRIM3zN85JCMtZnI/staD//mEjPRqKwNctFLbPr2EWDfilVKIhITCV
Po3tVCqN2yP+BhYmRw+kjVX5M+8SOMNl/NsESK0KmwN0fm+y+IE8CYCTULYzICQY
gdGb09A6SX++UqXDkUya2BQ8L5aw8bYZqrj8BsFej540hkeKxd5t+8ZprMdGzBUt
ijM3iW0iYnol6Zajb6rShliWtriHFd4XWosAPSie1DOsY8QQNr5NCK3+zJFASwm6
cRIWaYjCZnHzbkMMo9ZOz5p6RByS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:10 2025 by rpki-client