Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1040B08ACD1511EFA3589EAD762E951A.roa
File: 1040B08ACD1511EFA3589EAD762E951A.roa (raw, json)
Hash identifier: TVo5C5Liqw29PoXm3Nm+bQrj3Sc5DU62ow9aS9BfzJw=
Subject key identifier: 6D:EB:96:2D:0A:6A:66:F7:5D:D4:08:93:3D:21:14:64:A1:9D:F4:20
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD13
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1040B08ACD1511EFA3589EAD762E951A.roa
Signing time: Tue 07 Jan 2025 16:33:02 +0000
ROA not before: Tue 07 Jan 2025 16:32:59 +0000
ROA not after: Mon 13 Dec 2027 16:32:59 +0000
asID: 17561
IP address blocks: 156.241.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64787 (0xfd13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:32:59 2025 GMT
Not After : Dec 13 16:32:59 2027 GMT
Subject: CN=677d573e-b37f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:74:e5:26:c2:ae:75:d4:ee:cb:91:92:4e:7c:
76:f3:64:14:a5:1c:56:4b:d9:04:2a:35:30:34:0d:
ba:db:8d:fe:97:0f:39:ae:9a:9a:d6:0e:78:8d:18:
73:fe:65:7c:ab:0a:ff:9b:02:70:0e:31:5b:2b:c4:
d2:18:e9:bf:0b:82:64:0f:41:18:4c:5a:77:13:49:
ed:bd:9b:a9:9f:a5:f5:47:91:da:61:9a:1c:26:da:
cf:c7:a6:85:39:cf:aa:3e:06:85:60:7a:5e:dd:08:
2f:49:cc:b9:66:13:e9:58:29:b6:4f:ae:cb:6a:2e:
0f:2f:07:6d:18:99:2d:b0:ce:84:aa:50:93:ec:40:
de:89:34:f8:50:27:33:5a:52:85:e2:9a:8e:28:69:
ff:5c:6f:be:70:c5:62:aa:65:37:0d:78:fd:07:a4:
93:27:6f:6e:3c:21:d3:5d:ae:7d:f4:e9:21:8b:24:
b8:04:03:23:df:7c:15:23:ea:2d:15:42:d0:d5:d4:
7a:48:93:a2:90:92:c1:3e:52:a4:34:1a:29:04:de:
15:74:41:cb:40:72:a3:ee:68:11:02:9f:f6:0d:b0:
e2:da:01:f9:ca:54:54:f5:22:39:d6:66:6f:c1:a4:
0f:ad:eb:d4:41:b6:ac:a3:e3:c1:0b:8e:be:1a:90:
37:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:EB:96:2D:0A:6A:66:F7:5D:D4:08:93:3D:21:14:64:A1:9D:F4:20
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1040B08ACD1511EFA3589EAD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.13.0/24
Signature Algorithm: sha256WithRSAEncryption
75:54:f2:5a:bc:e9:10:9b:28:12:be:78:04:6d:84:40:3d:9c:
b1:2d:e4:dd:5f:0b:f7:a1:3b:92:25:0e:fd:41:a1:0f:6f:45:
c9:09:2a:2f:e7:6c:89:2a:6c:29:7c:6b:d5:28:a6:31:43:d1:
c0:42:50:ed:29:58:ea:ba:28:a6:c2:c6:a9:60:4c:4e:78:94:
05:90:db:4f:49:42:8a:e3:db:c1:a6:e0:27:61:60:96:9b:0b:
0e:96:e3:a9:e0:bb:9a:5a:80:0e:cc:6f:a9:01:91:36:7b:35:
f3:8a:6d:ab:fb:2b:d4:f7:30:92:e2:25:79:39:4f:c2:f7:21:
a7:ef:b3:39:7f:29:23:e4:3c:3d:5c:3e:df:17:16:4f:61:fa:
ff:aa:73:d8:75:c6:17:d0:df:40:c2:31:39:04:1f:2d:39:bc:
33:cf:87:a6:88:6b:63:db:58:db:71:64:48:14:61:46:46:8f:
c2:02:b2:a5:d9:12:6c:e2:a9:40:0b:44:0e:1e:e9:3c:45:83:
45:83:da:56:8f:3b:61:11:66:d4:96:c1:e2:1d:6a:91:55:5e:
f3:97:bd:4a:0d:f6:dc:68:52:9c:e9:d9:13:7d:f5:80:1b:54:
b5:65:d0:cf:a3:12:de:23:f7:5a:b3:0e:37:87:f5:91:54:b0:
fb:7c:af:cc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTYzMjU5WhcNMjcxMjEzMTYzMjU5WjAYMRYw
FAYDVQQDEw02NzdkNTczZS1iMzdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsnTlJsKuddTuy5GSTnx282QUpRxWS9kEKjUwNA26243+lw85rpqa1g54
jRhz/mV8qwr/mwJwDjFbK8TSGOm/C4JkD0EYTFp3E0ntvZupn6X1R5HaYZocJtrP
x6aFOc+qPgaFYHpe3QgvScy5ZhPpWCm2T67Lai4PLwdtGJktsM6EqlCT7EDeiTT4
UCczWlKF4pqOKGn/XG++cMViqmU3DXj9B6STJ29uPCHTXa599OkhiyS4BAMj33wV
I+otFULQ1dR6SJOikJLBPlKkNBopBN4VdEHLQHKj7mgRAp/2DbDi2gH5ylRU9SI5
1mZvwaQPrevUQbaso+PBC46+GpA3awIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG3r
li0Kamb3XdQIkz0hFGShnfQgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMDQwQjA4QUNEMTUxMUVGQTM1ODlFQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPENMA0GCSqGSIb3DQEBCwUA
A4IBAQB1VPJavOkQmygSvngEbYRAPZyxLeTdXwv3oTuSJQ79QaEPb0XJCSov52yJ
KmwpfGvVKKYxQ9HAQlDtKVjquiimwsapYExOeJQFkNtPSUKK49vBpuAnYWCWmwsO
luOp4LuaWoAOzG+pAZE2ezXzim2r+yvU9zCS4iV5OU/C9yGn77M5fykj5Dw9XD7f
FxZPYfr/qnPYdcYX0N9AwjE5BB8tObwzz4emiGtj21jbcWRIFGFGRo/CArKl2RJs
4qlAC0QOHuk8RYNFg9pWjzthEWbUlsHiHWqRVV7zl71KDfbcaFKc6dkTffWAG1S1
ZdDPoxLeI/dasw43h/WRVLD7fK/M
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:48 2025 by rpki-client