Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/108D46F4BD0F11EFB8F78395762E951A.roa
File: 108D46F4BD0F11EFB8F78395762E951A.roa (raw, json)
Hash identifier: U9Ewt32DkwjayTocSO92QocAJu1zb/8AiKc0nE6Ld5Q=
Subject key identifier: 54:90:B7:6E:47:00:44:9E:F6:B9:E1:4A:6B:2C:E5:AB:69:1A:1A:6D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E46C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/108D46F4BD0F11EFB8F78395762E951A.roa
Signing time: Wed 18 Dec 2024 07:09:47 +0000
ROA not before: Wed 18 Dec 2024 07:09:44 +0000
ROA not after: Sat 22 Mar 2025 07:09:44 +0000
asID: 16437
IP address blocks: 156.236.80.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58476 (0xe46c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 18 07:09:44 2024 GMT
Not After : Mar 22 07:09:44 2025 GMT
Subject: CN=6762753b-c36a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:86:b0:d6:90:49:b3:c9:55:05:e5:e7:bd:95:
9d:f0:11:08:96:8f:ef:59:47:e8:a1:6c:e1:52:da:
2a:c7:6b:d7:51:dc:22:23:ef:0a:8e:f6:de:34:c2:
d0:9b:27:23:fe:d0:70:6b:c9:9b:1d:9e:0a:cf:79:
e4:88:48:ce:e1:60:f0:ee:17:bb:d9:a3:34:6a:90:
f6:29:8a:a0:73:15:82:9b:b7:8a:3c:04:68:b4:1d:
20:08:55:54:60:dc:0a:68:8b:cf:72:ea:92:79:90:
fd:8a:b6:1a:af:a3:c8:d7:9e:22:9f:76:28:ea:0b:
b2:4c:91:8c:48:34:5f:a1:f9:7c:dd:de:a5:b0:c5:
0f:d0:8b:26:06:a5:b0:cf:ab:ba:37:be:50:02:3c:
a3:12:34:10:9f:f8:25:fe:61:f1:58:be:cc:2d:b3:
d0:48:b0:32:08:dd:a8:86:7d:dd:7c:7b:ff:cc:55:
e9:3c:7f:2c:ab:ea:c2:4e:23:14:ab:2a:f2:99:a4:
39:44:09:d1:31:b6:7c:6f:45:51:84:f6:3b:d1:c8:
ae:d5:17:a7:b9:60:b5:e3:f2:f2:45:31:b3:dd:cb:
97:a6:2b:4c:27:f6:97:84:0a:9c:b8:d5:27:5d:54:
db:8b:10:41:e9:5a:e0:85:1f:3d:c1:f0:2b:f7:94:
fc:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:90:B7:6E:47:00:44:9E:F6:B9:E1:4A:6B:2C:E5:AB:69:1A:1A:6D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/108D46F4BD0F11EFB8F78395762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.80.0/22
Signature Algorithm: sha256WithRSAEncryption
33:5f:fd:dc:f9:eb:f7:6f:70:75:ec:a2:61:40:1d:13:ec:1c:
de:cc:7e:6d:04:82:64:ae:93:6c:8d:ba:e5:8d:fa:01:5f:37:
9b:b3:ec:a8:5a:cd:52:30:c3:c8:50:1c:8b:a4:f1:90:0a:c9:
77:94:7a:d9:e9:1a:41:49:4c:05:c4:90:c0:cb:c7:ce:06:66:
24:e1:3e:d3:a8:10:ea:fd:8c:a1:f9:83:c3:51:83:f9:60:58:
17:91:d4:a5:a9:3b:ef:bb:a9:3c:cc:f8:17:9c:25:11:0f:ef:
bd:6b:fb:9d:09:02:7d:db:57:2d:2d:a6:eb:e9:b6:91:da:26:
c8:a8:22:51:24:0d:b8:6f:fd:26:29:af:5a:77:8f:67:4f:f6:
eb:d5:89:84:2d:2a:b4:7d:ff:58:5f:99:4f:81:e0:13:a6:12:
9c:db:d0:4b:1d:09:1d:59:fb:da:31:59:2b:28:21:81:da:7c:
59:e1:e6:31:94:b5:27:81:ea:12:0e:be:04:11:f6:ee:9a:78:
a2:35:b3:cd:65:b8:16:6f:9c:8a:88:e5:45:b5:56:db:6f:9a:
e8:8c:fa:c9:10:f6:65:3e:b4:80:e3:f5:67:fb:91:9b:fb:61:
46:94:39:a8:c0:e1:17:15:31:f2:af:19:9a:ca:76:aa:c7:2e:
43:32:0c:f1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAORsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE4MDcwOTQ0WhcNMjUwMzIyMDcwOTQ0WjAYMRYw
FAYDVQQDEw02NzYyNzUzYi1jMzZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt4aw1pBJs8lVBeXnvZWd8BEIlo/vWUfooWzhUtoqx2vXUdwiI+8Kjvbe
NMLQmycj/tBwa8mbHZ4Kz3nkiEjO4WDw7he72aM0apD2KYqgcxWCm7eKPARotB0g
CFVUYNwKaIvPcuqSeZD9irYar6PI154in3Yo6guyTJGMSDRfofl83d6lsMUP0Ism
BqWwz6u6N75QAjyjEjQQn/gl/mHxWL7MLbPQSLAyCN2ohn3dfHv/zFXpPH8sq+rC
TiMUqyrymaQ5RAnRMbZ8b0VRhPY70ciu1RenuWC14/LyRTGz3cuXpitMJ/aXhAqc
uNUnXVTbixBB6VrghR89wfAr95T88wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFSQ
t25HAESe9rnhSmss5atpGhptMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMDhENDZGNEJEMEYxMUVGQjhGNzgzOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOxQMA0GCSqGSIb3DQEBCwUA
A4IBAQAzX/3c+ev3b3B17KJhQB0T7BzezH5tBIJkrpNsjbrljfoBXzebs+yoWs1S
MMPIUByLpPGQCsl3lHrZ6RpBSUwFxJDAy8fOBmYk4T7TqBDq/Yyh+YPDUYP5YFgX
kdSlqTvvu6k8zPgXnCURD++9a/udCQJ921ctLabr6baR2ibIqCJRJA24b/0mKa9a
d49nT/br1YmELSq0ff9YX5lPgeATphKc29BLHQkdWfvaMVkrKCGB2nxZ4eYxlLUn
geoSDr4EEfbumniiNbPNZbgWb5yKiOVFtVbbb5rojPrJEPZlPrSA4/Vn+5Gb+2FG
lDmowOEXFTHyrxmaynaqxy5DMgzx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:52 2025 by rpki-client