Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D9E760CCD8011EF99965066762E951A.roa
File: 1D9E760CCD8011EF99965066762E951A.roa (raw, json)
Hash identifier: gP8aP3ON6ptbce9UnBCJ64I1fvkCFsODFNwmnxQaIT0=
Subject key identifier: 16:40:19:7D:A7:AB:87:52:AC:34:82:F6:0E:18:3F:EF:EF:58:36:2A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FFFD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D9E760CCD8011EF99965066762E951A.roa
Signing time: Wed 08 Jan 2025 05:19:21 +0000
ROA not before: Wed 08 Jan 2025 05:19:17 +0000
ROA not after: Mon 13 Dec 2027 05:19:17 +0000
asID: 17561
IP address blocks: 156.251.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65533 (0xfffd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 05:19:17 2025 GMT
Not After : Dec 13 05:19:17 2027 GMT
Subject: CN=677e0ad9-bc26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:80:ae:28:60:78:65:78:a9:98:ac:1a:9a:44:
d2:b1:dc:d2:91:76:94:96:a7:60:ea:c9:6a:2e:10:
78:07:fa:57:54:e6:ea:38:b3:76:4b:db:74:13:b7:
c9:0a:b0:71:4c:a8:be:6a:3e:9c:93:a1:0e:88:32:
3d:c5:a5:f8:e1:de:f8:1e:26:79:7b:1b:06:37:2b:
dd:8c:81:e5:62:0e:d1:70:67:59:d9:0d:c6:8f:4d:
3c:c2:c1:4a:0b:bb:0f:57:16:3b:5b:0e:c7:70:eb:
84:ef:7c:4a:eb:99:4f:be:18:0a:84:ab:e8:58:85:
5d:47:d9:8a:16:90:86:f9:31:ef:ac:d3:01:35:28:
46:8c:41:0c:a7:57:59:2e:b0:44:06:07:e2:2d:0b:
c5:a5:2c:45:8a:4a:84:88:87:c7:0c:cb:36:f8:65:
79:74:e2:48:da:3a:0c:b2:00:3b:7d:cd:ad:ca:7b:
f2:68:10:bf:dc:33:de:85:7a:07:bf:c0:6d:16:0f:
cc:c7:b7:6a:c6:3d:be:28:bb:16:96:14:a9:85:63:
8b:fb:fc:d9:8f:aa:da:ce:fd:ee:15:c8:d9:b9:a9:
e4:b1:45:ec:69:be:d3:a7:38:38:a1:24:1e:0a:f9:
35:2a:ea:c9:d2:39:0e:fe:ea:30:e8:38:67:e6:31:
09:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:40:19:7D:A7:AB:87:52:AC:34:82:F6:0E:18:3F:EF:EF:58:36:2A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D9E760CCD8011EF99965066762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.124.0/24
Signature Algorithm: sha256WithRSAEncryption
92:0f:9a:6f:5d:cd:f3:34:46:3f:80:c3:1f:64:8a:00:e0:7b:
ea:a9:56:75:2f:58:8a:f7:a6:dd:80:80:7c:14:1a:58:7d:ae:
44:6a:93:d1:f4:b7:84:bf:62:36:a0:21:96:99:87:f8:f9:a5:
6a:e1:e7:54:03:9c:bd:cf:25:7c:5d:8d:34:0e:1f:83:a1:fb:
90:7e:d5:b3:95:d0:79:90:25:f7:5e:c3:83:15:72:ea:57:43:
8a:12:2b:b4:1a:15:ea:2f:4e:35:d9:02:87:cf:61:2b:68:a7:
84:34:3b:cb:ad:ea:0b:7e:cb:5d:5c:2d:c2:f9:e0:a7:c2:ed:
7e:7f:91:d1:ac:cb:00:71:b8:8e:bc:35:4f:ee:a2:13:ff:12:
93:77:61:12:f7:1a:0f:33:68:73:22:61:9c:88:9b:5e:95:71:
43:77:f2:2f:11:6b:c3:3a:e5:62:4b:93:5b:f8:05:11:b5:b6:
58:ef:07:5a:08:58:9b:a5:3f:a9:e4:63:cb:54:a2:8b:36:d4:
ce:7b:6e:83:0c:ad:dc:55:34:d5:4a:8d:63:84:60:2d:08:e9:
76:58:25:f8:ad:d0:3e:1f:50:e3:de:e6:78:58:21:1d:59:47:
41:90:a4:6b:91:f6:04:2b:70:a1:59:95:08:43:df:45:de:51:
40:44:3c:18
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP/9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDUxOTE3WhcNMjcxMjEzMDUxOTE3WjAYMRYw
FAYDVQQDEw02NzdlMGFkOS1iYzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsICuKGB4ZXipmKwamkTSsdzSkXaUlqdg6slqLhB4B/pXVObqOLN2S9t0
E7fJCrBxTKi+aj6ck6EOiDI9xaX44d74HiZ5exsGNyvdjIHlYg7RcGdZ2Q3Gj008
wsFKC7sPVxY7Ww7HcOuE73xK65lPvhgKhKvoWIVdR9mKFpCG+THvrNMBNShGjEEM
p1dZLrBEBgfiLQvFpSxFikqEiIfHDMs2+GV5dOJI2joMsgA7fc2tynvyaBC/3DPe
hXoHv8BtFg/Mx7dqxj2+KLsWlhSphWOL+/zZj6razv3uFcjZuanksUXsab7Tpzg4
oSQeCvk1KurJ0jkO/uow6Dhn5jEJAQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBZA
GX2nq4dSrDSC9g4YP+/vWDYqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRDlFNzYwQ0NEODAxMUVGOTk5NjUwNjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPt8MA0GCSqGSIb3DQEBCwUA
A4IBAQCSD5pvXc3zNEY/gMMfZIoA4HvqqVZ1L1iK96bdgIB8FBpYfa5EapPR9LeE
v2I2oCGWmYf4+aVq4edUA5y9zyV8XY00Dh+DofuQftWzldB5kCX3XsODFXLqV0OK
Eiu0GhXqL0412QKHz2EraKeENDvLreoLfstdXC3C+eCnwu1+f5HRrMsAcbiOvDVP
7qIT/xKTd2ES9xoPM2hzImGciJtelXFDd/IvEWvDOuViS5Nb+AURtbZY7wdaCFib
pT+p5GPLVKKLNtTOe26DDK3cVTTVSo1jhGAtCOl2WCX4rdA+H1Dj3uZ4WCEdWUdB
kKRrkfYEK3ChWZUIQ99F3lFARDwY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:18 2025 by rpki-client