Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B06276ECC9011EF901FB250762E951A.roa
File: 1B06276ECC9011EF901FB250762E951A.roa (raw, json)
Hash identifier: RxAlvdPRHx3odWY4aLSCtfsnAlOb8VBi6VRFTx+Gl9U=
Subject key identifier: 1E:FE:F3:90:87:79:BC:FB:DF:CA:27:15:F6:E1:D1:88:0E:8C:D6:E1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F901
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B06276ECC9011EF901FB250762E951A.roa
Signing time: Tue 07 Jan 2025 00:41:17 +0000
ROA not before: Tue 07 Jan 2025 00:00:14 +0000
ROA not after: Mon 13 Dec 2027 00:00:14 +0000
asID: 17561
IP address blocks: 156.226.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63745 (0xf901)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 00:00:14 2025 GMT
Not After : Dec 13 00:00:14 2027 GMT
Subject: CN=677c782d-a867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c5:af:f7:bc:8a:70:4a:57:c1:88:54:9c:fc:
f9:bb:6e:21:4d:f9:17:02:2b:38:c7:43:54:aa:c5:
6e:be:a0:97:47:48:3f:4c:8e:ce:2c:c6:06:bb:6f:
ff:dc:31:0b:a0:4d:af:5f:2b:98:ed:0c:77:d3:8c:
dd:ea:60:7d:19:88:25:37:ca:dc:ec:51:ae:29:52:
31:2a:70:c8:ce:80:b5:4c:d7:c6:4d:61:15:5a:cd:
1d:1c:fa:54:81:93:38:3a:8f:ef:b3:d5:ba:16:61:
02:2f:9c:37:96:49:93:2c:a0:9a:14:65:48:da:6c:
fd:19:1e:20:5d:f4:af:aa:18:16:4c:fe:ef:e5:98:
a0:8a:44:5f:58:97:ce:83:de:a5:10:d8:ec:8e:ec:
f9:2d:37:95:5a:09:1b:d3:d5:13:08:45:08:27:2a:
03:d8:44:bb:3e:2a:2c:96:0d:42:fd:ee:59:21:78:
83:53:4d:f1:55:19:f8:86:f9:69:93:4a:26:6d:d2:
cf:70:3a:d0:fe:95:42:ae:ba:52:cc:6f:85:99:2b:
33:c6:9e:04:51:ce:7f:3d:ce:41:ff:53:95:65:e2:
70:f6:4f:9f:cc:02:db:fe:37:83:79:bc:31:9d:9b:
32:5e:e6:1c:1e:01:8b:07:05:e7:a9:1a:4f:f9:59:
2c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FE:F3:90:87:79:BC:FB:DF:CA:27:15:F6:E1:D1:88:0E:8C:D6:E1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B06276ECC9011EF901FB250762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.247.0/24
Signature Algorithm: sha256WithRSAEncryption
76:7d:ad:9d:ab:a1:47:33:94:65:1d:85:b1:4d:5c:f5:dc:bb:
7c:d0:97:4d:05:f3:ce:8f:ed:22:a3:94:67:6e:09:36:a8:4a:
82:8c:85:11:90:ef:7b:d0:80:21:65:ef:75:83:f4:7a:cf:66:
3d:f0:c2:ab:67:09:bb:b6:68:61:d7:ad:47:6b:f5:00:31:f2:
99:02:0d:22:40:9e:66:a1:91:4e:6a:47:dd:3d:9a:c6:93:cb:
76:a9:53:8c:a9:a4:8a:fe:33:45:d4:69:1b:5f:a7:fa:01:22:
a9:c3:2c:ce:ae:b7:81:4c:cd:06:75:f8:e2:ca:00:5a:c3:cf:
11:7f:e9:54:bb:40:fd:1a:dd:e1:e7:d5:6a:94:33:76:76:5f:
bc:ea:10:39:67:24:23:c8:49:b3:2d:98:9e:cc:bc:de:52:27:
63:62:34:2e:9b:13:e1:b3:f4:3e:5a:40:41:b2:6e:ff:12:1e:
6f:81:0f:40:69:97:44:f1:9f:9e:76:d3:34:dc:06:b2:b3:0c:
4a:67:85:45:f4:e6:20:57:fb:bc:4b:af:5f:41:5e:7e:25:ea:
19:ca:32:61:39:06:da:a2:8f:89:ec:6c:42:45:7c:41:a2:0d:
a4:bd:45:f1:7a:cf:4e:b2:f7:1a:b6:c9:0a:ba:93:fd:bf:e2:
1e:eb:5b:39
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPkBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDAwMDE0WhcNMjcxMjEzMDAwMDE0WjAYMRYw
FAYDVQQDEw02NzdjNzgyZC1hODY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3MWv97yKcEpXwYhUnPz5u24hTfkXAis4x0NUqsVuvqCXR0g/TI7OLMYG
u2//3DELoE2vXyuY7Qx304zd6mB9GYglN8rc7FGuKVIxKnDIzoC1TNfGTWEVWs0d
HPpUgZM4Oo/vs9W6FmECL5w3lkmTLKCaFGVI2mz9GR4gXfSvqhgWTP7v5ZigikRf
WJfOg96lENjsjuz5LTeVWgkb09UTCEUIJyoD2ES7Pioslg1C/e5ZIXiDU03xVRn4
hvlpk0ombdLPcDrQ/pVCrrpSzG+FmSszxp4EUc5/Pc5B/1OVZeJw9k+fzALb/jeD
ebwxnZsyXuYcHgGLBwXnqRpP+VksrQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB7+
85CHebz738onFfbh0YgOjNbhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQjA2Mjc2RUNDOTAxMUVGOTAxRkIyNTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOL3MA0GCSqGSIb3DQEBCwUA
A4IBAQB2fa2dq6FHM5RlHYWxTVz13Lt80JdNBfPOj+0io5Rnbgk2qEqCjIURkO97
0IAhZe91g/R6z2Y98MKrZwm7tmhh161Ha/UAMfKZAg0iQJ5moZFOakfdPZrGk8t2
qVOMqaSK/jNF1GkbX6f6ASKpwyzOrreBTM0GdfjiygBaw88Rf+lUu0D9Gt3h59Vq
lDN2dl+86hA5ZyQjyEmzLZiezLzeUidjYjQumxPhs/Q+WkBBsm7/Eh5vgQ9AaZdE
8Z+edtM03AayswxKZ4VF9OYgV/u8S69fQV5+JeoZyjJhOQbaoo+J7GxCRXxBog2k
vUXxes9OsvcatskKupP9v+Ie61s5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:54 2025 by rpki-client