Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1DA78C44CEF511EFAB5730A7762E951A.roa
File: 1DA78C44CEF511EFAB5730A7762E951A.roa (raw, json)
Hash identifier: UFCqHgQl8zg06ITPoP3dXkyAnkBzmNMxXZ7vG2ib/cg=
Subject key identifier: A8:CB:7D:12:39:E9:F1:DB:BD:7B:51:49:17:29:BC:1E:72:C7:9A:51
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010489
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1DA78C44CEF511EFAB5730A7762E951A.roa
Signing time: Fri 10 Jan 2025 01:49:23 +0000
ROA not before: Fri 10 Jan 2025 01:49:20 +0000
ROA not after: Mon 14 Jul 2025 01:49:20 +0000
asID: 135419
IP address blocks: 156.232.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66697 (0x10489)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 01:49:20 2025 GMT
Not After : Jul 14 01:49:20 2025 GMT
Subject: CN=67807ca3-9e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7a:46:8c:cf:b0:b5:7a:cc:3f:cb:72:f7:ca:
df:46:85:87:6a:90:48:fe:ea:58:43:95:84:ce:13:
68:3a:4e:32:88:09:71:d4:92:e4:24:f9:2e:51:c4:
8c:2d:f6:ad:2a:08:7f:ca:6f:b1:d9:06:9a:e4:b3:
be:82:d5:32:e6:e8:f4:c8:76:40:84:fc:04:56:07:
82:7b:cb:ee:62:b6:fd:29:43:85:72:f7:5f:f5:a2:
6d:c6:78:82:04:a1:66:9b:27:46:3d:ac:52:1a:6a:
0c:89:70:df:ff:c0:73:a5:a2:79:83:40:02:0e:75:
75:d4:67:33:44:84:38:94:ec:e2:46:88:84:dd:50:
78:1e:b9:6b:69:d9:2f:c1:39:39:74:06:2a:58:ad:
83:5d:80:c5:8c:d1:1f:0d:98:e6:47:ce:8c:9f:9f:
78:e9:3f:77:86:88:17:f6:44:1b:3b:5c:05:bb:12:
9c:a7:d9:45:c6:2d:cf:ce:f9:a6:44:e4:07:ba:d9:
8d:ac:77:76:4f:d2:30:5c:49:c2:03:65:36:91:02:
04:b9:05:1a:bc:36:02:c5:bb:41:fc:dd:34:9b:e4:
f5:c3:9c:71:91:23:68:ea:89:12:fb:f2:17:3b:67:
9d:04:0d:78:ac:d2:82:f9:93:4c:a7:fa:32:b8:af:
d6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CB:7D:12:39:E9:F1:DB:BD:7B:51:49:17:29:BC:1E:72:C7:9A:51
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1DA78C44CEF511EFAB5730A7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.106.0/24
Signature Algorithm: sha256WithRSAEncryption
93:26:7d:99:80:f4:55:60:b7:2b:ca:6b:3f:d7:25:5f:11:8a:
3b:91:45:cd:2b:a7:74:ad:28:5a:f3:c6:4d:c0:b6:b2:81:b8:
5b:86:17:ef:94:97:bb:b8:bb:8a:10:f1:54:93:0f:51:54:53:
21:76:64:75:36:50:70:71:07:6f:da:34:6f:70:62:fb:51:3a:
d0:cc:ec:8e:1b:57:f7:cd:fc:e8:d7:03:7a:7e:c0:d4:03:6f:
c7:86:e5:f4:38:2f:98:e2:85:5f:2a:14:a9:e2:cc:cd:62:6b:
5f:a4:28:2c:dc:0f:91:bf:6c:77:a2:e3:f6:fc:74:4f:76:83:
5e:88:0b:28:1d:19:43:f1:4a:5e:a8:f1:83:bf:5a:c3:47:6b:
fd:7a:ee:d9:77:7b:6a:2f:9a:8b:7a:4b:99:f4:48:e2:a5:7e:
fa:46:64:a8:10:a9:1e:ce:6d:7f:8c:5a:35:98:94:8c:78:b6:
4e:4b:00:ce:61:28:57:06:32:2c:39:e9:a0:21:4b:c3:07:13:
20:a5:83:c9:35:1d:a5:b7:38:b5:0d:20:91:a1:b6:40:c4:98:
16:78:b9:f3:68:23:f3:4d:65:80:f6:79:e5:09:12:d6:85:ff:
b6:97:e2:34:49:6d:b1:13:c5:b8:fe:6e:3c:aa:20:44:a4:13:
29:e3:f2:f1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQSJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDE0OTIwWhcNMjUwNzE0MDE0OTIwWjAYMRYw
FAYDVQQDEw02NzgwN2NhMy05ZTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0npGjM+wtXrMP8ty98rfRoWHapBI/upYQ5WEzhNoOk4yiAlx1JLkJPku
UcSMLfatKgh/ym+x2Qaa5LO+gtUy5uj0yHZAhPwEVgeCe8vuYrb9KUOFcvdf9aJt
xniCBKFmmydGPaxSGmoMiXDf/8BzpaJ5g0ACDnV11GczRIQ4lOziRoiE3VB4Hrlr
adkvwTk5dAYqWK2DXYDFjNEfDZjmR86Mn5946T93hogX9kQbO1wFuxKcp9lFxi3P
zvmmROQHutmNrHd2T9IwXEnCA2U2kQIEuQUavDYCxbtB/N00m+T1w5xxkSNo6okS
+/IXO2edBA14rNKC+ZNMp/oyuK/WowIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKjL
fRI56fHbvXtRSRcpvB5yx5pRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xREE3OEM0NENFRjUxMUVGQUI1NzMwQTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhqMA0GCSqGSIb3DQEBCwUA
A4IBAQCTJn2ZgPRVYLcryms/1yVfEYo7kUXNK6d0rSha88ZNwLaygbhbhhfvlJe7
uLuKEPFUkw9RVFMhdmR1NlBwcQdv2jRvcGL7UTrQzOyOG1f3zfzo1wN6fsDUA2/H
huX0OC+Y4oVfKhSp4szNYmtfpCgs3A+Rv2x3ouP2/HRPdoNeiAsoHRlD8UpeqPGD
v1rDR2v9eu7Zd3tqL5qLekuZ9EjipX76RmSoEKkezm1/jFo1mJSMeLZOSwDOYShX
BjIsOemgIUvDBxMgpYPJNR2ltzi1DSCRobZAxJgWeLnzaCPzTWWA9nnlCRLWhf+2
l+I0SW2xE8W4/m48qiBEpBMp4/Lx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:23 2025 by rpki-client