Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1AF209DAC35A11EFAB4BB359762E951A.roa
File: 1AF209DAC35A11EFAB4BB359762E951A.roa (raw, json)
Hash identifier: k+dHv7ijmEP6VgzQ4V12g9OoAVmvaCUMC0lQ35+MOu8=
Subject key identifier: EF:2B:2B:22:F2:E6:A2:CB:95:A8:15:CB:13:EF:62:0D:F7:53:8B:E1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC57
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1AF209DAC35A11EFAB4BB359762E951A.roa
Signing time: Thu 26 Dec 2024 07:22:04 +0000
ROA not before: Thu 26 Dec 2024 07:22:00 +0000
ROA not after: Sun 23 Feb 2025 07:22:00 +0000
asID: 63139
IP address blocks: 156.229.42.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60503 (0xec57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 07:22:00 2024 GMT
Not After : Feb 23 07:22:00 2025 GMT
Subject: CN=676d041c-18e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:72:3c:fe:14:53:b0:44:19:d7:05:5e:ae:24:
84:a4:53:76:6b:0f:28:fc:46:3b:e7:15:07:29:fb:
56:48:12:e9:b6:5c:e7:b8:0a:da:b3:3a:2e:22:f2:
0b:5e:2e:c5:a0:51:64:ea:a6:9e:ed:79:13:03:42:
70:97:d5:8f:13:d4:82:c5:14:16:c3:79:31:85:02:
61:d4:fa:b3:0d:4a:df:71:ff:0f:ba:b0:83:3b:8c:
a2:3b:02:8f:23:bd:f0:04:ad:2e:36:cb:6d:06:ff:
7d:5b:15:ed:5f:68:49:9c:ae:c9:76:b6:a7:09:94:
a6:d7:6f:a0:64:17:87:d4:73:4e:35:87:85:4e:97:
64:e4:43:1f:bd:43:9e:88:d1:3c:c8:7e:fb:62:42:
a5:22:c3:01:a7:03:59:b3:57:9f:4b:68:e1:9c:d1:
3c:6f:04:ec:27:31:14:8a:a1:ad:30:d7:ef:b1:16:
77:4e:00:91:51:07:e7:5a:6a:84:6c:31:71:88:45:
d3:8a:a1:09:fa:9b:99:0c:2c:e4:f2:58:c8:8d:7b:
43:c0:36:41:dd:86:40:1e:41:73:3f:5a:4f:5d:d4:
2a:1b:ea:8e:0b:b9:aa:43:2e:b6:33:90:d0:9b:97:
12:cc:a3:00:d5:90:9f:8b:82:a9:7f:28:d6:1b:27:
68:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:2B:2B:22:F2:E6:A2:CB:95:A8:15:CB:13:EF:62:0D:F7:53:8B:E1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1AF209DAC35A11EFAB4BB359762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.42.0/23
Signature Algorithm: sha256WithRSAEncryption
09:4f:a5:17:db:b1:b4:7b:d7:0b:c5:7c:f0:60:6b:f6:b5:57:
59:b3:97:a1:e6:6a:a1:cf:c6:0a:89:c1:ab:a4:94:7a:44:59:
c1:28:67:02:e4:35:73:86:cb:89:36:21:82:58:84:f9:e2:f9:
6c:ad:dc:5b:be:79:f6:13:85:4d:5f:38:ff:ec:cb:fd:87:0f:
4a:0d:af:9d:cb:f9:9f:c9:12:6e:6a:f1:f4:54:85:72:c8:7b:
97:29:18:ea:a8:2a:17:78:7e:d0:24:97:72:74:82:ba:63:16:
a0:f9:94:8f:86:f9:64:d9:bc:c0:dc:dd:f2:5f:15:b2:81:39:
a7:c2:5c:4c:4f:dd:53:f3:9e:42:9f:7b:ce:3a:c5:1e:9e:41:
c7:eb:73:ef:94:26:ec:61:66:15:45:09:6e:05:a1:c3:b2:98:
20:7d:cb:98:d4:94:12:45:9d:12:6d:db:98:8a:7e:19:65:21:
88:04:77:9b:04:95:43:05:72:c9:fd:6c:7b:f2:66:37:c9:6d:
c1:0e:61:64:b5:10:60:29:34:16:4e:4d:0c:aa:ee:53:b9:31:
2b:5d:19:52:94:c8:77:37:fb:e3:62:f6:f9:8c:19:ae:33:83:
8a:63:92:1a:db:6d:09:17:90:e3:84:6c:87:8f:24:22:7c:6f:
0f:46:4a:17
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOxXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDcyMjAwWhcNMjUwMjIzMDcyMjAwWjAYMRYw
FAYDVQQDEw02NzZkMDQxYy0xOGUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnnI8/hRTsEQZ1wVeriSEpFN2aw8o/EY75xUHKftWSBLptlznuAraszou
IvILXi7FoFFk6qae7XkTA0Jwl9WPE9SCxRQWw3kxhQJh1PqzDUrfcf8PurCDO4yi
OwKPI73wBK0uNsttBv99WxXtX2hJnK7JdranCZSm12+gZBeH1HNONYeFTpdk5EMf
vUOeiNE8yH77YkKlIsMBpwNZs1efS2jhnNE8bwTsJzEUiqGtMNfvsRZ3TgCRUQfn
WmqEbDFxiEXTiqEJ+puZDCzk8ljIjXtDwDZB3YZAHkFzP1pPXdQqG+qOC7mqQy62
M5DQm5cSzKMA1ZCfi4KpfyjWGydorwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO8r
KyLy5qLLlagVyxPvYg33U4vhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQUYyMDlEQUMzNUExMUVGQUI0QkIzNTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOUqMA0GCSqGSIb3DQEBCwUA
A4IBAQAJT6UX27G0e9cLxXzwYGv2tVdZs5eh5mqhz8YKicGrpJR6RFnBKGcC5DVz
hsuJNiGCWIT54vlsrdxbvnn2E4VNXzj/7Mv9hw9KDa+dy/mfyRJuavH0VIVyyHuX
KRjqqCoXeH7QJJdydIK6Yxag+ZSPhvlk2bzA3N3yXxWygTmnwlxMT91T855Cn3vO
OsUenkHH63PvlCbsYWYVRQluBaHDspggfcuY1JQSRZ0SbduYin4ZZSGIBHebBJVD
BXLJ/Wx78mY3yW3BDmFktRBgKTQWTk0Mqu5TuTErXRlSlMh3N/vjYvb5jBmuM4OK
Y5Ia220JF5DjhGyHjyQifG8PRkoX
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:32 2025 by rpki-client