Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0ED5F7EECF2E11EF90A4C599762E951A.roa
File: 0ED5F7EECF2E11EF90A4C599762E951A.roa (raw, json)
Hash identifier: GsIMbrKfySFgFoXuC0fsuvdhukVcyFTqt9RPXwgxnM4=
Subject key identifier: FA:7D:6A:9D:C3:E1:8C:BB:05:E1:6A:CE:E8:1D:4B:E9:A1:96:A1:66
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010521
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0ED5F7EECF2E11EF90A4C599762E951A.roa
Signing time: Fri 10 Jan 2025 08:37:00 +0000
ROA not before: Fri 10 Jan 2025 08:36:56 +0000
ROA not after: Sat 22 Mar 2025 08:36:56 +0000
asID: 142286
IP address blocks: 156.226.24.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66849 (0x10521)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 08:36:56 2025 GMT
Not After : Mar 22 08:36:56 2025 GMT
Subject: CN=6780dc2b-070f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f0:18:66:77:7d:1d:ac:d4:a7:c6:7c:e0:63:
83:08:2b:e1:c4:e1:61:0d:e4:52:8d:be:01:ef:25:
89:5d:5a:6f:fc:99:5a:6f:c1:80:b4:a3:e9:70:ac:
54:d6:28:09:5e:65:a8:04:9c:7d:db:f1:5d:5a:6b:
40:30:60:29:45:bf:24:66:70:d0:a1:22:76:d9:2b:
4e:5a:aa:bb:b8:ed:9e:2a:ec:ed:33:0f:58:c1:c0:
52:e4:83:81:fb:c8:6f:33:7e:21:89:39:cb:47:28:
92:0a:4f:89:4e:6c:e4:6c:2e:9a:da:73:a9:7e:a7:
c7:9c:b0:b2:f2:36:69:90:0c:6c:63:25:87:db:80:
9d:ba:7e:c8:8b:ca:64:b5:b2:08:e4:0e:df:fa:57:
03:f1:5d:75:7c:7e:53:20:f9:9e:c6:55:b4:4b:55:
a5:18:77:b4:85:dd:60:a1:cc:01:5a:9e:69:5c:58:
27:5f:04:09:bc:c2:90:d3:1a:aa:02:76:b4:9d:ff:
61:66:b4:5c:c9:ca:07:12:8c:cd:a3:23:e6:ce:80:
94:d2:94:9c:39:7c:88:6d:ec:c4:19:c8:a2:8e:af:
61:1f:23:ca:cc:2f:5a:93:42:fe:84:6e:16:f5:6e:
0b:0d:f6:54:7f:bb:eb:74:00:84:75:ca:ef:ca:d7:
92:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:7D:6A:9D:C3:E1:8C:BB:05:E1:6A:CE:E8:1D:4B:E9:A1:96:A1:66
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0ED5F7EECF2E11EF90A4C599762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.24.0/21
Signature Algorithm: sha256WithRSAEncryption
99:06:ab:1d:23:83:0c:48:64:45:c5:60:01:a9:53:58:46:8e:
70:95:ce:c5:04:c6:6a:d6:1c:3f:31:0a:27:9b:35:6d:ac:90:
dd:c5:8e:e4:f2:3b:eb:79:fe:9a:da:90:4f:4f:ca:d2:33:7c:
25:15:93:19:dd:c1:e8:29:84:7c:d9:06:ab:f6:ac:fe:83:04:
66:9b:3e:58:89:78:a6:ee:b0:62:70:70:9f:ee:e3:1a:c1:36:
d1:7c:52:36:6b:03:be:59:e1:ad:1d:07:09:4b:f4:10:4e:4c:
20:b4:e5:fd:d1:d4:3a:8a:91:93:10:0d:3d:47:d0:9a:e0:14:
2b:26:8b:13:55:41:45:aa:50:c6:3a:be:5b:29:91:6d:04:42:
36:16:e8:43:e1:80:54:e8:00:4a:c3:fb:ef:50:cb:99:ba:f0:
00:a7:21:d3:bd:3e:5c:82:f0:7c:67:00:80:28:c8:eb:d5:ae:
14:8d:e1:39:cd:fc:d6:16:b0:2b:57:58:8d:a4:98:cd:3a:4a:
81:d5:81:ee:a3:4b:2f:cd:5e:f3:ea:7b:1b:b9:d2:09:6f:9a:
ec:6a:f9:e5:e4:4a:ce:dd:78:5f:fb:51:a5:f6:15:4c:44:aa:
f3:ac:cd:7f:52:b9:28:d4:f4:35:6f:81:e9:3a:d8:a3:93:5e:
9f:db:c3:8d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQUhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDgzNjU2WhcNMjUwMzIyMDgzNjU2WjAYMRYw
FAYDVQQDEw02NzgwZGMyYi0wNzBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1/AYZnd9HazUp8Z84GODCCvhxOFhDeRSjb4B7yWJXVpv/Jlab8GAtKPp
cKxU1igJXmWoBJx92/FdWmtAMGApRb8kZnDQoSJ22StOWqq7uO2eKuztMw9YwcBS
5IOB+8hvM34hiTnLRyiSCk+JTmzkbC6a2nOpfqfHnLCy8jZpkAxsYyWH24Cdun7I
i8pktbII5A7f+lcD8V11fH5TIPmexlW0S1WlGHe0hd1gocwBWp5pXFgnXwQJvMKQ
0xqqAna0nf9hZrRcycoHEozNoyPmzoCU0pScOXyIbezEGciijq9hHyPKzC9ak0L+
hG4W9W4LDfZUf7vrdACEdcrvyteShwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPp9
ap3D4Yy7BeFqzugdS+mhlqFmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRUQ1RjdFRUNGMkUxMUVGOTBBNEM1OTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOIYMA0GCSqGSIb3DQEBCwUA
A4IBAQCZBqsdI4MMSGRFxWABqVNYRo5wlc7FBMZq1hw/MQonmzVtrJDdxY7k8jvr
ef6a2pBPT8rSM3wlFZMZ3cHoKYR82Qar9qz+gwRmmz5YiXim7rBicHCf7uMawTbR
fFI2awO+WeGtHQcJS/QQTkwgtOX90dQ6ipGTEA09R9Ca4BQrJosTVUFFqlDGOr5b
KZFtBEI2FuhD4YBU6ABKw/vvUMuZuvAApyHTvT5cgvB8ZwCAKMjr1a4UjeE5zfzW
FrArV1iNpJjNOkqB1YHuo0svzV7z6nsbudIJb5rsavnl5ErO3Xhf+1Gl9hVMRKrz
rM1/Urko1PQ1b4HpOtijk16f28ON
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:35 2025 by rpki-client