Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B9794E8C27B11EF9A0B7C56762E951A.roa
File: 1B9794E8C27B11EF9A0B7C56762E951A.roa (raw, json)
Hash identifier: TF337U0OaMx3Exlk3WU7NK/NVKBWwuJz1k37WTV7TEo=
Subject key identifier: 49:86:1A:B8:83:AB:D8:69:72:19:38:B9:6C:5B:9B:49:5D:89:C1:65
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E89F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B9794E8C27B11EF9A0B7C56762E951A.roa
Signing time: Wed 25 Dec 2024 04:45:47 +0000
ROA not before: Wed 25 Dec 2024 04:45:44 +0000
ROA not after: Wed 10 Dec 2025 04:45:44 +0000
asID: 984
IP address blocks: 156.227.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59551 (0xe89f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 04:45:44 2024 GMT
Not After : Dec 10 04:45:44 2025 GMT
Subject: CN=676b8dfb-683f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4c:b6:4f:55:98:c3:b1:3f:8c:e9:fd:3e:79:
71:71:07:b1:eb:e7:86:41:0c:96:f1:6d:f9:ca:ff:
6e:75:f3:1f:e4:53:7e:91:1d:19:9a:7a:32:ae:e6:
31:4f:03:ce:08:80:72:96:e9:a0:ba:8f:54:a4:fe:
e9:d1:12:80:2c:f5:3f:4e:94:f5:95:a5:45:96:60:
00:8f:a0:9a:92:48:7d:d0:17:c7:35:d6:7d:de:7c:
ae:22:fb:91:ec:a8:62:c4:50:9e:56:0b:e7:46:08:
27:ca:e4:69:d6:46:fb:c6:87:71:a3:db:c8:8a:86:
0d:61:9b:e3:4d:f5:6e:c5:aa:30:fa:38:d8:ec:5c:
31:bb:94:b1:ed:d4:17:fb:8e:c1:87:ca:82:e7:27:
06:83:d5:84:e4:d0:05:09:a0:f9:ef:d1:48:d2:c8:
08:d9:b7:4a:8e:eb:65:82:50:82:a1:db:1f:44:22:
33:f5:f8:3d:68:60:9b:c3:a0:ad:6e:e7:ef:fc:cf:
e7:47:c7:e7:d8:6c:c3:a9:fc:17:1c:f1:53:4a:58:
5b:bd:73:3e:2f:56:75:9f:b1:16:f0:7e:07:04:29:
9b:62:06:38:32:c2:48:59:70:8a:0e:5f:f4:3b:8f:
0c:de:81:93:1b:29:0f:af:9b:01:97:3d:a0:d1:bf:
08:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:86:1A:B8:83:AB:D8:69:72:19:38:B9:6C:5B:9B:49:5D:89:C1:65
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B9794E8C27B11EF9A0B7C56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.161.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:e1:a5:bd:c9:ce:50:d1:25:5c:e1:40:d7:92:80:7a:2f:52:
39:53:0c:e7:40:88:ac:82:db:c5:f8:79:d0:bf:72:f5:c6:2e:
41:95:2a:ac:7a:30:d4:ad:20:58:15:71:1f:b8:02:2b:09:e3:
5b:5e:bf:09:8c:dc:f8:1b:d7:a6:99:71:e1:31:db:f2:ab:cd:
15:81:36:16:26:ff:1b:bd:3d:db:bf:1f:db:36:e5:60:b2:73:
47:a5:33:83:36:22:c0:55:2f:50:79:45:ab:d1:af:ad:f3:30:
c9:1d:ca:a1:90:01:64:6d:cb:ae:16:ce:11:1f:88:76:ad:95:
68:e8:bd:7a:3d:96:aa:0c:d6:62:57:67:dd:b9:14:85:d1:9e:
48:30:56:70:87:cb:0c:a0:4e:21:10:10:2d:36:5d:ba:29:b2:
f9:5d:61:da:4e:78:af:f9:e8:39:3e:95:b6:2b:c4:14:28:af:
5e:b5:98:78:8c:6f:d6:f2:2a:f5:47:36:36:ae:39:70:cf:d8:
89:8e:0e:6c:e2:61:07:03:8d:61:15:cb:0b:26:8e:2f:dc:be:
f2:0e:83:84:75:d8:9b:4c:b9:bc:19:96:ab:95:55:bb:b0:38:
df:a1:f5:7a:68:88:c9:c0:99:71:da:fe:ee:84:20:1b:27:41:
40:f8:d1:40
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOifMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDQ0NTQ0WhcNMjUxMjEwMDQ0NTQ0WjAYMRYw
FAYDVQQDEw02NzZiOGRmYi02ODNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr0y2T1WYw7E/jOn9PnlxcQex6+eGQQyW8W35yv9udfMf5FN+kR0Zmnoy
ruYxTwPOCIBylumguo9UpP7p0RKALPU/TpT1laVFlmAAj6Cakkh90BfHNdZ93nyu
IvuR7KhixFCeVgvnRggnyuRp1kb7xodxo9vIioYNYZvjTfVuxaow+jjY7Fwxu5Sx
7dQX+47Bh8qC5ycGg9WE5NAFCaD579FI0sgI2bdKjutlglCCodsfRCIz9fg9aGCb
w6Ctbufv/M/nR8fn2GzDqfwXHPFTSlhbvXM+L1Z1n7EW8H4HBCmbYgY4MsJIWXCK
Dl/0O48M3oGTGykPr5sBlz2g0b8IxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEmG
GriDq9hpchk4uWxbm0ldicFlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQjk3OTRFOEMyN0IxMUVGOUEwQjdDNTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOOhMA0GCSqGSIb3DQEBCwUA
A4IBAQBr4aW9yc5Q0SVc4UDXkoB6L1I5UwznQIisgtvF+HnQv3L1xi5BlSqsejDU
rSBYFXEfuAIrCeNbXr8JjNz4G9emmXHhMdvyq80VgTYWJv8bvT3bvx/bNuVgsnNH
pTODNiLAVS9QeUWr0a+t8zDJHcqhkAFkbcuuFs4RH4h2rZVo6L16PZaqDNZiV2fd
uRSF0Z5IMFZwh8sMoE4hEBAtNl26KbL5XWHaTniv+eg5PpW2K8QUKK9etZh4jG/W
8ir1RzY2rjlwz9iJjg5s4mEHA41hFcsLJo4v3L7yDoOEddibTLm8GZarlVW7sDjf
ofV6aIjJwJlx2v7uhCAbJ0FA+NFA
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:05 2025 by rpki-client