Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1138CE24CD9B11EF93C3078F762E951A.roa
File: 1138CE24CD9B11EF93C3078F762E951A.roa (raw, json)
Hash identifier: t6ZiMhTooIIjOjNuKmHbh3OLlgIKJLaVDzy7uxQUhWY=
Subject key identifier: F8:73:28:01:47:E5:20:64:59:6D:B4:C0:A8:3A:6E:4D:F0:7F:28:8C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010083
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1138CE24CD9B11EF93C3078F762E951A.roa
Signing time: Wed 08 Jan 2025 08:32:16 +0000
ROA not before: Wed 08 Jan 2025 08:32:13 +0000
ROA not after: Thu 16 Dec 2027 08:32:13 +0000
asID: 17561
IP address blocks: 156.249.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65667 (0x10083)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 08:32:13 2025 GMT
Not After : Dec 16 08:32:13 2027 GMT
Subject: CN=677e3810-399c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:91:e2:f1:91:10:c9:66:2e:2b:d4:87:95:4b:
a7:f4:df:71:99:a1:fa:38:24:00:7c:f4:12:92:0b:
76:22:58:45:4a:42:7d:57:f5:dd:19:5f:bd:d4:c5:
92:f9:42:8c:7d:fc:15:2f:c2:a0:45:10:28:13:f7:
ac:e6:ad:bd:bd:7e:c0:ba:bf:9a:da:72:75:1b:48:
52:f7:3e:c5:5f:7a:50:f6:1f:e8:59:75:4f:43:0b:
b0:90:15:a1:62:d0:84:f2:84:68:e4:2f:88:60:26:
12:61:dd:7b:8c:dd:9b:b4:56:ad:69:77:59:84:47:
b1:a6:2e:76:2e:7a:48:c6:03:34:48:ac:97:cd:d6:
60:76:b5:6f:a7:0d:36:85:5e:49:ac:f8:e5:98:0b:
21:b8:6b:9c:a0:11:81:63:b9:6f:84:91:f9:0e:fd:
22:ec:71:c6:28:a4:c7:49:82:b4:6c:32:b7:c7:f4:
17:83:69:8b:a3:03:f1:e3:8c:9e:93:c1:c6:04:10:
0d:39:f6:6f:ea:83:a3:54:7a:1b:f5:e8:ad:e3:44:
7b:9d:5f:e2:64:9d:36:8a:0e:c6:cb:bb:2a:32:26:
bb:ad:19:14:4e:d2:ef:a8:85:46:ff:47:73:bb:5c:
e8:eb:67:02:72:9b:36:7a:6a:6c:1c:99:96:3f:86:
21:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:73:28:01:47:E5:20:64:59:6D:B4:C0:A8:3A:6E:4D:F0:7F:28:8C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1138CE24CD9B11EF93C3078F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.85.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:26:30:75:5a:f9:90:75:35:31:8e:bc:3f:42:ae:05:60:81:
a4:ef:5c:c7:6c:ea:7c:0f:a3:af:36:b0:4c:cc:ad:f7:2f:53:
f6:83:45:e2:99:36:56:ed:07:fa:1d:4a:59:27:f6:ee:48:80:
21:d7:4b:61:61:48:68:bd:b7:06:d8:ba:73:3f:5b:7d:4f:0c:
49:87:d2:07:41:a6:59:3e:35:6e:93:e6:72:7c:ac:77:e8:c9:
8b:ff:c4:a9:52:d8:54:53:a9:b2:ff:a5:1d:77:fa:a4:f4:c5:
1f:de:89:64:f8:79:51:e5:55:50:ea:be:11:e8:43:19:f7:e0:
1b:e5:0a:8f:39:30:fc:34:70:f2:33:d1:4f:75:d5:c7:19:0d:
95:53:83:c3:a2:3b:05:91:29:c8:36:21:b4:ea:73:cc:2b:3d:
50:7c:f1:dd:b4:69:c6:ea:bd:f9:08:d9:a7:63:f5:03:46:b3:
9f:ed:2a:1f:ae:68:39:69:a5:00:7e:55:67:d4:58:5d:c2:af:
8e:b9:37:ab:c8:c4:d9:81:ea:5d:00:2f:3c:04:f8:58:8b:69:
3e:17:d2:c0:51:c5:dd:3a:53:58:0c:f3:92:0a:55:0b:95:47:
c9:77:b6:17:a2:1b:74:f6:20:8a:ac:96:89:e8:09:4a:b2:2e:
f7:6e:c6:6a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQCDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDgzMjEzWhcNMjcxMjE2MDgzMjEzWjAYMRYw
FAYDVQQDEw02NzdlMzgxMC0zOTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9JHi8ZEQyWYuK9SHlUun9N9xmaH6OCQAfPQSkgt2IlhFSkJ9V/XdGV+9
1MWS+UKMffwVL8KgRRAoE/es5q29vX7Aur+a2nJ1G0hS9z7FX3pQ9h/oWXVPQwuw
kBWhYtCE8oRo5C+IYCYSYd17jN2btFataXdZhEexpi52LnpIxgM0SKyXzdZgdrVv
pw02hV5JrPjlmAshuGucoBGBY7lvhJH5Dv0i7HHGKKTHSYK0bDK3x/QXg2mLowPx
44yek8HGBBANOfZv6oOjVHob9eit40R7nV/iZJ02ig7Gy7sqMia7rRkUTtLvqIVG
/0dzu1zo62cCcps2empsHJmWP4YhqwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPhz
KAFH5SBkWW20wKg6bk3wfyiMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMTM4Q0UyNENEOUIxMUVGOTNDMzA3OEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlVMA0GCSqGSIb3DQEBCwUA
A4IBAQB6JjB1WvmQdTUxjrw/Qq4FYIGk71zHbOp8D6OvNrBMzK33L1P2g0XimTZW
7Qf6HUpZJ/buSIAh10thYUhovbcG2LpzP1t9TwxJh9IHQaZZPjVuk+ZyfKx36MmL
/8SpUthUU6my/6Udd/qk9MUf3olk+HlR5VVQ6r4R6EMZ9+Ab5QqPOTD8NHDyM9FP
ddXHGQ2VU4PDojsFkSnINiG06nPMKz1QfPHdtGnG6r35CNmnY/UDRrOf7Sofrmg5
aaUAflVn1Fhdwq+OuTeryMTZgepdAC88BPhYi2k+F9LAUcXdOlNYDPOSClULlUfJ
d7YXoht09iCKrJaJ6AlKsi73bsZq
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:23 2025 by rpki-client