Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/116F10F8C33A11EF8F30658C762E951A.roa
File: 116F10F8C33A11EF8F30658C762E951A.roa (raw, json)
Hash identifier: sFHwKM3qsCliwGzpD1pvtd2g3MldUZixFlupIUcfGco=
Subject key identifier: CA:FF:88:B5:71:B2:AD:7C:DE:3A:F2:04:2D:DC:EF:CA:BC:5A:0C:55
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB79
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/116F10F8C33A11EF8F30658C762E951A.roa
Signing time: Thu 26 Dec 2024 03:32:44 +0000
ROA not before: Thu 26 Dec 2024 03:32:40 +0000
ROA not after: Fri 10 Dec 2027 03:32:40 +0000
asID: 17561
IP address blocks: 156.244.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60281 (0xeb79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 03:32:40 2024 GMT
Not After : Dec 10 03:32:40 2027 GMT
Subject: CN=676cce5c-59dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:23:4c:42:c5:49:70:6a:2c:45:4b:03:70:eb:
3b:ee:79:af:7f:b7:4d:66:56:0c:8f:c1:6a:2d:f8:
07:d2:8c:45:9c:3f:35:e3:ec:38:8e:af:c6:e2:75:
a0:c5:be:7d:fc:f9:f8:cf:99:8d:54:d0:c3:2a:da:
b4:e9:e4:5d:c8:0d:c5:64:c9:7b:77:62:b2:e9:99:
80:3c:4b:de:41:c6:96:d1:cc:d2:5b:2a:39:9d:bd:
1a:ce:9f:ef:66:a0:bf:31:f8:b9:00:8a:a5:a2:c1:
54:a6:95:fc:48:97:98:73:59:ce:49:f3:7f:0f:c9:
50:bb:11:3d:63:2a:83:c7:03:cd:8a:d6:c6:a2:f1:
10:f3:69:53:77:2d:30:47:2b:bf:a4:db:d4:a4:df:
a4:56:8f:47:25:25:43:11:64:6b:d7:95:48:3b:92:
7f:79:9b:97:57:73:3d:e0:af:8e:ec:43:a1:27:32:
6b:f8:63:49:96:82:89:af:a9:06:ba:88:45:48:56:
79:8c:9b:31:d9:9f:ac:b9:7f:f8:99:39:bd:d5:cc:
89:8c:f9:94:86:f2:88:fd:90:19:a8:fd:7b:40:6a:
16:f9:25:84:31:58:56:12:72:c0:07:23:3c:47:8f:
36:3e:87:9a:04:4c:82:8b:46:cb:40:e3:15:13:29:
98:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FF:88:B5:71:B2:AD:7C:DE:3A:F2:04:2D:DC:EF:CA:BC:5A:0C:55
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/116F10F8C33A11EF8F30658C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.184.0/24
Signature Algorithm: sha256WithRSAEncryption
17:d7:43:05:28:9f:06:85:75:bd:98:b1:c4:b6:fc:0d:35:35:
c1:27:23:30:23:b0:77:15:50:98:44:ed:80:d9:bd:d6:b4:96:
51:c0:ea:cc:2e:72:24:0f:dd:0a:25:f8:b4:a0:bf:5d:dc:ff:
cf:22:07:0e:7e:61:c2:3c:66:c4:d2:56:b5:3e:ec:05:cf:54:
4d:d7:18:3f:64:a6:aa:99:f6:65:70:cc:60:61:1a:72:22:bf:
be:4f:88:f1:51:70:7c:10:83:df:af:20:f5:0e:e9:87:18:55:
b1:37:13:1b:4a:b1:8c:1b:18:ca:da:19:82:4b:30:c6:16:cf:
4a:11:2e:de:f4:2f:75:26:94:3c:67:69:d8:e8:1a:15:7c:24:
ab:d6:97:dc:68:b2:0f:1d:cf:ad:b9:eb:a2:2f:0e:ad:63:b5:
e8:ea:30:0b:d0:8a:d1:bf:9a:6d:a5:89:3f:8c:ec:d5:3e:a3:
7b:e0:36:82:12:89:99:8a:dd:c0:2b:5b:46:f5:4e:1c:40:86:
c2:d1:03:c2:8f:ae:92:a6:8c:50:3c:eb:5b:bf:c9:b3:ca:48:
24:34:a7:9d:a3:f5:73:87:7f:09:d7:18:fc:49:9e:76:98:71:
d2:d9:09:03:e7:10:25:23:cd:27:37:08:0d:20:67:7d:83:ac:
2c:c8:2b:a3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOt5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDMzMjQwWhcNMjcxMjEwMDMzMjQwWjAYMRYw
FAYDVQQDEw02NzZjY2U1Yy01OWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxCNMQsVJcGosRUsDcOs77nmvf7dNZlYMj8FqLfgH0oxFnD814+w4jq/G
4nWgxb59/Pn4z5mNVNDDKtq06eRdyA3FZMl7d2Ky6ZmAPEveQcaW0czSWyo5nb0a
zp/vZqC/Mfi5AIqlosFUppX8SJeYc1nOSfN/D8lQuxE9YyqDxwPNitbGovEQ82lT
dy0wRyu/pNvUpN+kVo9HJSVDEWRr15VIO5J/eZuXV3M94K+O7EOhJzJr+GNJloKJ
r6kGuohFSFZ5jJsx2Z+suX/4mTm91cyJjPmUhvKI/ZAZqP17QGoW+SWEMVhWEnLA
ByM8R482PoeaBEyCi0bLQOMVEymYawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMr/
iLVxsq183jryBC3c78q8WgxVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMTZGMTBGOEMzM0ExMUVGOEYzMDY1OEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPS4MA0GCSqGSIb3DQEBCwUA
A4IBAQAX10MFKJ8GhXW9mLHEtvwNNTXBJyMwI7B3FVCYRO2A2b3WtJZRwOrMLnIk
D90KJfi0oL9d3P/PIgcOfmHCPGbE0la1PuwFz1RN1xg/ZKaqmfZlcMxgYRpyIr++
T4jxUXB8EIPfryD1DumHGFWxNxMbSrGMGxjK2hmCSzDGFs9KES7e9C91JpQ8Z2nY
6BoVfCSr1pfcaLIPHc+tueuiLw6tY7Xo6jAL0IrRv5ptpYk/jOzVPqN74DaCEomZ
it3AK1tG9U4cQIbC0QPCj66SpoxQPOtbv8mzykgkNKedo/Vzh38J1xj8SZ52mHHS
2QkD5xAlI80nNwgNIGd9g6wsyCuj
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:38 2025 by rpki-client