Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F64D0BAB5FA11EFA171A889762E951A.roa
File: 0F64D0BAB5FA11EFA171A889762E951A.roa (raw, json)
Hash identifier: PPMMlMsnzC5f2MGcVL8Ym32kQ0AyOoqJfWnPXda6ar0=
Subject key identifier: 58:E8:0E:18:63:19:B8:2D:F4:76:2F:C8:20:04:77:E3:67:82:E3:09
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E144
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F64D0BAB5FA11EFA171A889762E951A.roa
Signing time: Mon 09 Dec 2024 06:51:48 +0000
ROA not before: Mon 09 Dec 2024 06:51:44 +0000
ROA not after: Thu 06 Feb 2025 06:51:44 +0000
asID: 149014
IP address blocks: 156.236.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 06:51:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57668 (0xe144)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 9 06:51:44 2024 GMT
Not After : Feb 6 06:51:44 2025 GMT
Subject: CN=67569384-6d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:45:8d:22:4f:b7:ca:41:1e:5d:0c:5d:b0:94:
82:cb:64:96:09:06:ba:34:c5:c9:57:27:31:0e:f2:
7f:a5:fa:50:82:97:d2:9d:54:4a:d2:dc:d2:a1:66:
45:da:65:b8:4b:93:bb:77:c5:45:24:3e:ac:95:d8:
81:59:f4:9a:60:cf:9e:f1:3a:7f:0b:b4:49:36:94:
90:c8:78:79:62:72:67:56:93:61:87:34:79:54:e6:
b1:e9:53:ca:91:6e:dd:c5:27:39:5e:c0:c7:fc:39:
61:a1:83:23:d1:dd:65:66:ff:87:0a:43:e6:60:12:
80:9a:8d:7a:6c:b7:52:f8:f7:3d:cd:4f:e0:f7:05:
b6:81:5b:c6:83:cf:a1:06:4a:5f:ca:41:e7:f4:f6:
7b:b6:16:20:e9:67:22:52:32:d3:18:a3:59:3f:ed:
21:fe:c6:dc:35:14:ad:97:6e:31:0b:37:ab:73:8e:
57:55:f4:3e:df:08:c6:ac:1d:41:4f:bf:f7:e7:72:
85:77:75:f9:3d:52:41:6c:a5:05:f6:f3:8d:ff:d1:
ae:58:6b:19:19:3c:e8:07:36:90:7f:d2:b9:2f:0d:
82:b6:36:8f:85:93:cd:93:6e:c3:0e:a2:44:60:88:
99:4f:f8:ad:07:6f:44:09:66:e0:ce:a7:41:6a:52:
8a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E8:0E:18:63:19:B8:2D:F4:76:2F:C8:20:04:77:E3:67:82:E3:09
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F64D0BAB5FA11EFA171A889762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.116.0/22
Signature Algorithm: sha256WithRSAEncryption
63:89:1e:3c:b8:88:16:9b:ad:56:11:69:e8:16:d2:ef:49:2f:
12:03:47:a6:d5:d6:10:e6:85:4f:73:0f:53:d8:78:3f:84:1c:
67:10:2e:d3:10:de:ac:74:99:ef:df:8b:35:04:af:26:01:50:
65:05:a9:1a:52:80:20:3e:9a:78:03:ee:c3:69:f0:ba:d0:20:
35:62:59:62:a1:2c:38:54:0f:be:e1:38:ca:93:30:84:75:1f:
3e:90:77:cd:cb:b4:ef:d2:b6:c9:34:c7:83:94:54:ed:a7:51:
20:8a:47:8f:a6:f5:c6:da:39:96:a5:8c:cc:71:07:7f:6c:3a:
1f:8c:ae:b8:5d:cf:7d:b6:be:cc:95:8e:d3:be:16:7e:d9:79:
d5:9c:f0:48:df:32:a3:9f:bc:be:eb:14:c6:44:c8:ae:11:6d:
2a:d4:e0:03:8b:8b:f8:79:18:56:02:b4:f4:c4:e8:04:0e:e9:
14:6b:2e:a0:48:5e:3b:90:6e:1c:22:f3:44:bf:95:01:9d:64:
ad:f4:07:81:f2:fb:27:71:16:19:37:1b:37:df:8c:a7:68:44:
49:1f:e8:d5:e6:a6:71:63:94:6e:e1:67:0f:3d:bd:64:c1:0c:
72:30:48:0f:07:6c:48:66:aa:b3:6e:50:ce:bf:56:13:89:d2:
d7:d3:93:59
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOFEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA5MDY1MTQ0WhcNMjUwMjA2MDY1MTQ0WjAYMRYw
FAYDVQQDEw02NzU2OTM4NC02ZDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyEWNIk+3ykEeXQxdsJSCy2SWCQa6NMXJVycxDvJ/pfpQgpfSnVRK0tzS
oWZF2mW4S5O7d8VFJD6sldiBWfSaYM+e8Tp/C7RJNpSQyHh5YnJnVpNhhzR5VOax
6VPKkW7dxSc5XsDH/DlhoYMj0d1lZv+HCkPmYBKAmo16bLdS+Pc9zU/g9wW2gVvG
g8+hBkpfykHn9PZ7thYg6WciUjLTGKNZP+0h/sbcNRStl24xCzerc45XVfQ+3wjG
rB1BT7/353KFd3X5PVJBbKUF9vON/9GuWGsZGTzoBzaQf9K5Lw2CtjaPhZPNk27D
DqJEYIiZT/itB29ECWbgzqdBalKKgQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFjo
DhhjGbgt9HYvyCAEd+NnguMJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRjY0RDBCQUI1RkExMUVGQTE3MUE4ODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOx0MA0GCSqGSIb3DQEBCwUA
A4IBAQBjiR48uIgWm61WEWnoFtLvSS8SA0em1dYQ5oVPcw9T2Hg/hBxnEC7TEN6s
dJnv34s1BK8mAVBlBakaUoAgPpp4A+7DafC60CA1YllioSw4VA++4TjKkzCEdR8+
kHfNy7Tv0rbJNMeDlFTtp1EgikePpvXG2jmWpYzMcQd/bDofjK64Xc99tr7MlY7T
vhZ+2XnVnPBI3zKjn7y+6xTGRMiuEW0q1OADi4v4eRhWArT0xOgEDukUay6gSF47
kG4cIvNEv5UBnWSt9AeB8vsncRYZNxs334ynaERJH+jV5qZxY5Ru4WcPPb1kwQxy
MEgPB2xIZqqzblDOv1YTidLX05NZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:39 2025 by rpki-client