Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B31510AC96111EF81A5439F762E951A.roa
File: 1B31510AC96111EF81A5439F762E951A.roa (raw, json)
Hash identifier: iPQRN5Icgh+GnlVyDgfYoxgDfsWeA2gpjzhtxQlJJRc=
Subject key identifier: A3:B2:90:7B:23:AB:F6:85:1B:62:62:C1:ED:E1:97:36:17:37:22:E8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F460
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B31510AC96111EF81A5439F762E951A.roa
Signing time: Thu 02 Jan 2025 23:27:18 +0000
ROA not before: Thu 02 Jan 2025 23:27:14 +0000
ROA not after: Mon 13 Dec 2027 23:27:14 +0000
asID: 17561
IP address blocks: 156.226.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62560 (0xf460)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 23:27:14 2025 GMT
Not After : Dec 13 23:27:14 2027 GMT
Subject: CN=677720d6-5736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0e:08:f4:10:d2:10:65:33:0f:76:64:c7:82:
1b:75:02:91:be:1e:f1:f8:4b:91:4a:77:65:3e:0f:
d3:28:f1:e6:8b:49:9a:b4:14:fc:71:60:9f:03:a0:
9f:81:f1:95:2d:98:84:0c:85:8d:dc:3c:d2:75:c6:
f6:4f:e4:5d:8a:74:47:35:9b:21:9d:4f:e8:53:f4:
2c:d1:96:b4:c3:de:08:a1:fa:11:e7:0e:ba:54:8f:
ce:ac:9b:d1:c0:6d:9d:2b:f1:91:ae:fb:cb:7d:57:
2f:30:c4:91:06:c9:d9:d6:d6:c7:e1:d0:c0:ad:81:
1a:e6:0a:8b:4d:b5:b8:30:6c:40:90:90:ce:d6:5f:
b1:67:d3:df:f0:7a:01:78:a8:c7:43:2e:d1:cd:02:
c5:44:17:82:3b:ad:33:17:f9:19:27:2e:31:37:d6:
60:e6:ce:ee:b2:47:57:a1:ba:d7:42:7d:9f:f5:b2:
f8:08:9b:b0:07:bf:13:e3:5e:8b:28:d4:00:79:20:
88:14:8c:40:9a:64:a5:3e:cc:a3:10:d4:3a:99:68:
28:93:59:7e:2b:59:b4:c5:d2:2f:fa:82:af:8b:25:
3f:91:fd:5e:10:25:31:a9:b1:6b:53:e5:ad:06:e8:
c1:17:c5:64:f9:03:52:4e:62:5c:a6:8c:c3:28:9b:
39:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B2:90:7B:23:AB:F6:85:1B:62:62:C1:ED:E1:97:36:17:37:22:E8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B31510AC96111EF81A5439F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.226.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:3e:26:c0:8c:5e:52:5f:d6:f0:5e:a1:2d:4f:b5:ef:68:3b:
24:51:8d:52:0d:3e:a2:b0:42:80:9c:13:6b:29:89:d5:84:17:
0d:89:f8:cb:43:3f:60:f3:cc:08:42:eb:6d:9f:c3:39:ab:2f:
a3:40:a1:9c:bc:60:b9:37:f2:ef:25:13:33:fb:56:d2:36:14:
0e:87:d7:46:d2:17:6e:d4:9a:a7:f3:e7:18:1d:7b:f7:c1:ac:
88:7b:79:58:2e:ef:2e:44:f0:4c:85:21:29:b6:5d:09:00:82:
38:37:4b:1f:86:bd:1d:41:db:1f:8f:a4:41:a8:92:e6:99:96:
c7:92:15:47:b4:29:29:42:29:b9:79:2a:0a:e0:e7:43:de:50:
e3:54:c5:26:ba:b1:37:68:20:4d:0e:9a:4c:85:64:00:b7:db:
cc:74:28:58:30:49:e7:7d:76:db:f7:81:4a:da:e8:87:0d:09:
c4:d5:79:6e:80:4b:18:3e:71:ca:78:00:ed:22:00:bd:b2:9e:
6f:19:44:07:39:db:f0:d2:c3:65:5e:1e:67:89:48:f9:2b:e3:
1b:df:31:d4:47:24:b7:ac:71:82:5c:aa:93:7f:77:24:af:a4:
56:61:12:38:eb:32:b4:b6:68:5e:ca:fc:62:26:51:51:f4:30:
69:8c:a2:fd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPRgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjMyNzE0WhcNMjcxMjEzMjMyNzE0WjAYMRYw
FAYDVQQDEw02Nzc3MjBkNi01NzM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5Q4I9BDSEGUzD3Zkx4IbdQKRvh7x+EuRSndlPg/TKPHmi0matBT8cWCf
A6CfgfGVLZiEDIWN3DzSdcb2T+RdinRHNZshnU/oU/Qs0Za0w94IofoR5w66VI/O
rJvRwG2dK/GRrvvLfVcvMMSRBsnZ1tbH4dDArYEa5gqLTbW4MGxAkJDO1l+xZ9Pf
8HoBeKjHQy7RzQLFRBeCO60zF/kZJy4xN9Zg5s7uskdXobrXQn2f9bL4CJuwB78T
416LKNQAeSCIFIxAmmSlPsyjENQ6mWgok1l+K1m0xdIv+oKviyU/kf1eECUxqbFr
U+WtBujBF8Vk+QNSTmJcpozDKJs5RwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKOy
kHsjq/aFG2Jiwe3hlzYXNyLoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQjMxNTEwQUM5NjExMUVGODFBNTQzOUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLiMA0GCSqGSIb3DQEBCwUA
A4IBAQCkPibAjF5SX9bwXqEtT7XvaDskUY1SDT6isEKAnBNrKYnVhBcNifjLQz9g
88wIQuttn8M5qy+jQKGcvGC5N/LvJRMz+1bSNhQOh9dG0hdu1Jqn8+cYHXv3wayI
e3lYLu8uRPBMhSEptl0JAII4N0sfhr0dQdsfj6RBqJLmmZbHkhVHtCkpQim5eSoK
4OdD3lDjVMUmurE3aCBNDppMhWQAt9vMdChYMEnnfXbb94FK2uiHDQnE1XlugEsY
PnHKeADtIgC9sp5vGUQHOdvw0sNlXh5niUj5K+Mb3zHURyS3rHGCXKqTf3ckr6RW
YRI46zK0tmheyvxiJlFR9DBpjKL9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:00 2025 by rpki-client