Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10D6A10EC99511EFA3B0D17E762E951A.roa
File: 10D6A10EC99511EFA3B0D17E762E951A.roa (raw, json)
Hash identifier: GL03gQ5KlPg3OBEm54GZ0RK70I+hyeDJLI9BXXBInio=
Subject key identifier: F4:C0:45:7A:5F:CE:C2:4C:3A:9E:D4:94:75:A7:F4:2C:97:15:C8:85
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F609
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10D6A10EC99511EFA3B0D17E762E951A.roa
Signing time: Fri 03 Jan 2025 05:39:14 +0000
ROA not before: Fri 03 Jan 2025 05:39:10 +0000
ROA not after: Mon 13 Dec 2027 05:39:10 +0000
asID: 17561
IP address blocks: 156.233.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62985 (0xf609)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:39:10 2025 GMT
Not After : Dec 13 05:39:10 2027 GMT
Subject: CN=67777802-90bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0d:5d:e0:a6:38:4f:61:52:25:ef:71:8d:1c:
21:92:8e:7c:16:64:01:db:40:70:fa:01:58:f3:c7:
09:93:0d:e0:7c:85:f3:9b:94:ea:fb:7e:8c:e6:fe:
72:33:2b:b0:2f:0f:b2:5e:60:6e:4f:8f:d0:d3:a9:
b9:a4:f8:f8:a7:a4:04:82:de:13:e0:87:e7:a4:83:
9b:a9:9d:ea:b8:38:52:a1:a3:61:2d:d5:fc:7a:b4:
1a:11:84:30:8e:46:e9:38:10:40:21:f2:0e:14:66:
47:95:f7:3a:22:f0:01:e8:74:e3:86:c4:0e:eb:b9:
a0:c9:d9:28:31:6c:ae:b8:d5:d3:ab:56:9a:0a:ab:
7a:f0:bf:6c:2c:ca:9b:8d:46:db:9d:c4:46:3a:26:
5a:c9:04:34:ed:fc:7c:e9:e9:f7:9a:a5:f1:37:7f:
99:46:a4:af:36:18:57:1f:81:96:e3:c3:47:df:fa:
7c:30:79:6a:17:35:67:e4:44:12:3c:c4:f7:c0:98:
61:3d:a1:eb:0b:54:fd:6e:80:8e:de:33:a5:67:11:
10:68:a8:07:25:fd:0b:f7:e9:93:fa:d1:6b:58:db:
c5:20:6f:d5:7a:c8:78:b9:3b:bf:47:2f:da:fb:c3:
e4:04:75:77:d5:42:08:ef:28:d7:31:a0:c7:f4:a3:
9b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C0:45:7A:5F:CE:C2:4C:3A:9E:D4:94:75:A7:F4:2C:97:15:C8:85
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10D6A10EC99511EFA3B0D17E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.137.0/24
Signature Algorithm: sha256WithRSAEncryption
76:a6:cc:e0:3a:0c:e9:63:63:47:10:d5:c2:b9:3b:32:e5:85:
f6:9b:ce:ab:dd:2a:1b:1d:95:0b:d2:2b:20:f7:be:8b:f3:b7:
24:92:73:81:54:3a:b1:0f:4c:93:8c:e1:1d:eb:20:11:e5:8c:
c5:e9:2e:1e:72:38:44:82:c8:49:2e:95:88:bb:35:46:e7:de:
1b:88:56:60:3a:54:23:2b:29:4d:da:6a:64:24:83:3c:71:9d:
66:57:40:19:c0:08:05:27:1d:4a:ff:bc:09:58:ff:f5:92:93:
4e:d9:1c:58:22:19:2e:34:40:f0:ec:fb:76:f8:8e:d7:51:97:
35:1a:52:e0:a6:9c:89:33:c5:bb:50:19:42:d5:13:c4:75:27:
87:82:b1:ac:41:23:37:9b:a1:c9:bf:0f:f1:7d:7b:24:2b:5d:
02:24:7f:b9:d5:68:20:60:ed:7a:b2:32:e5:4e:d8:5b:f3:5e:
14:b5:c1:26:55:16:8b:51:af:a9:70:64:d7:e3:bc:f3:ff:66:
36:0e:20:ff:ab:1f:8d:c3:3e:80:04:2a:03:31:53:d3:0b:09:
29:25:5d:9d:58:ce:b4:52:db:48:05:27:b8:7c:a6:06:ab:69:
58:26:7a:f5:6b:2b:d8:21:01:a9:53:38:b0:80:38:e1:55:bb:
7b:21:26:86
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPYJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDUzOTEwWhcNMjcxMjEzMDUzOTEwWjAYMRYw
FAYDVQQDEw02Nzc3NzgwMi05MGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsw1d4KY4T2FSJe9xjRwhko58FmQB20Bw+gFY88cJkw3gfIXzm5Tq+36M
5v5yMyuwLw+yXmBuT4/Q06m5pPj4p6QEgt4T4IfnpIObqZ3quDhSoaNhLdX8erQa
EYQwjkbpOBBAIfIOFGZHlfc6IvAB6HTjhsQO67mgydkoMWyuuNXTq1aaCqt68L9s
LMqbjUbbncRGOiZayQQ07fx86en3mqXxN3+ZRqSvNhhXH4GW48NH3/p8MHlqFzVn
5EQSPMT3wJhhPaHrC1T9boCO3jOlZxEQaKgHJf0L9+mT+tFrWNvFIG/Vesh4uTu/
Ry/a+8PkBHV31UII7yjXMaDH9KOb8QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPTA
RXpfzsJMOp7UlHWn9CyXFciFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMEQ2QTEwRUM5OTUxMUVGQTNCMEQxN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmJMA0GCSqGSIb3DQEBCwUA
A4IBAQB2pszgOgzpY2NHENXCuTsy5YX2m86r3SobHZUL0isg976L87ckknOBVDqx
D0yTjOEd6yAR5YzF6S4ecjhEgshJLpWIuzVG594biFZgOlQjKylN2mpkJIM8cZ1m
V0AZwAgFJx1K/7wJWP/1kpNO2RxYIhkuNEDw7Pt2+I7XUZc1GlLgppyJM8W7UBlC
1RPEdSeHgrGsQSM3m6HJvw/xfXskK10CJH+51WggYO16sjLlTthb814UtcEmVRaL
Ua+pcGTX47zz/2Y2DiD/qx+Nwz6ABCoDMVPTCwkpJV2dWM60UttIBSe4fKYGq2lY
Jnr1ayvYIQGpUziwgDjhVbt7ISaG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:00 2025 by rpki-client