Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1EB5866EC32311EFBA087568762E951A.roa
File: 1EB5866EC32311EFBA087568762E951A.roa (raw, json)
Hash identifier: jCYg11I/bgqh0JUEj/cn12JBp/PUFenezJCnZMsszEA=
Subject key identifier: DF:C7:CE:34:FF:36:68:1E:F9:87:66:67:C1:AF:AC:F7:36:37:FB:86
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA44
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1EB5866EC32311EFBA087568762E951A.roa
Signing time: Thu 26 Dec 2024 00:48:28 +0000
ROA not before: Thu 26 Dec 2024 00:00:24 +0000
ROA not after: Sat 01 Mar 2025 00:00:24 +0000
asID: 984
IP address blocks: 156.242.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59972 (0xea44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:24 2024 GMT
Not After : Mar 1 00:00:24 2025 GMT
Subject: CN=676ca7dc-43a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5c:50:4a:13:61:52:d5:da:73:63:89:77:d8:
65:b1:af:6d:b8:75:42:16:49:0c:4d:ec:00:11:38:
39:7c:46:30:54:e4:11:9d:cb:56:b5:c1:2c:41:35:
52:81:a6:da:d7:35:f0:1c:d7:f1:d0:27:34:3c:01:
ed:f0:5a:1a:71:db:88:78:71:00:7c:28:35:e5:f8:
60:06:aa:5f:df:59:36:3a:2a:ba:3d:c5:bd:78:90:
8f:b6:89:97:3e:05:61:b8:9c:8f:00:82:a5:f7:fd:
0d:04:75:ff:78:ce:d1:ce:38:7d:3c:48:4f:aa:40:
29:8f:db:b8:87:98:2a:96:3b:86:bb:4c:20:45:2b:
80:49:8f:30:04:65:48:79:87:2f:1d:d8:f7:af:68:
a5:92:b6:8e:44:0b:6a:45:d7:8b:6a:a8:cd:66:d3:
a0:d0:30:84:9e:c7:a7:c6:c5:91:91:8b:72:d1:d9:
6b:f5:25:18:35:c7:09:0c:2f:b1:b2:49:7f:73:3e:
0a:86:a6:23:d1:af:e3:16:e3:33:e1:0b:ac:99:6c:
ea:b5:b3:c0:96:3c:88:59:19:29:f4:5c:a8:0a:9e:
a5:d1:4f:a6:35:79:2d:0e:06:76:b6:08:23:e7:4f:
af:5e:e9:96:7b:8e:e5:ba:87:ca:c7:8f:b3:c9:d8:
44:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C7:CE:34:FF:36:68:1E:F9:87:66:67:C1:AF:AC:F7:36:37:FB:86
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1EB5866EC32311EFBA087568762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b2:31:ad:d6:fd:2e:41:a3:76:65:39:5e:9f:3e:ef:55:d3:34:
1f:d6:06:34:fd:04:5c:7e:03:54:bf:1d:0a:56:74:f5:c8:97:
8a:07:03:40:ec:89:8c:e6:e7:07:d0:96:2b:da:d1:46:c1:aa:
76:31:1b:a1:d1:bb:0f:1d:ca:be:7f:93:e2:40:28:e3:e3:42:
a3:b4:71:27:43:db:6e:74:6d:c6:89:19:cc:da:c3:79:6f:5d:
96:5d:04:82:0d:aa:20:77:fe:6e:92:4f:83:ed:7d:52:00:21:
d9:a6:0a:80:8e:35:4f:a1:5b:22:a3:46:4e:a4:1b:05:d8:25:
d8:24:37:c5:c6:b5:df:0b:84:94:08:39:2a:98:ca:bb:c1:ca:
6e:7c:e0:9b:fc:7f:ab:45:5b:9d:51:b2:48:86:63:c1:78:6d:
0e:52:94:12:44:ce:cf:48:7c:7b:72:ce:ac:7f:0f:5f:0e:7e:
79:69:0e:c3:2f:0f:e6:23:b6:7b:be:03:12:73:11:d1:b8:d4:
7e:1c:af:45:a3:15:4c:72:25:0c:e0:70:33:ff:69:1c:c2:15:
e7:1c:30:c8:8f:56:2e:e7:2b:e7:81:9e:1b:84:a1:86:11:72:
28:57:3b:9d:50:2b:53:17:66:ce:c0:3f:b8:e2:ad:2b:a9:de:
b2:ee:13:53
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOpEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDI0WhcNMjUwMzAxMDAwMDI0WjAYMRYw
FAYDVQQDEw02NzZjYTdkYy00M2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxlxQShNhUtXac2OJd9hlsa9tuHVCFkkMTewAETg5fEYwVOQRnctWtcEs
QTVSgaba1zXwHNfx0Cc0PAHt8FoacduIeHEAfCg15fhgBqpf31k2Oiq6PcW9eJCP
tomXPgVhuJyPAIKl9/0NBHX/eM7Rzjh9PEhPqkApj9u4h5gqljuGu0wgRSuASY8w
BGVIeYcvHdj3r2ilkraORAtqRdeLaqjNZtOg0DCEnsenxsWRkYty0dlr9SUYNccJ
DC+xskl/cz4KhqYj0a/jFuMz4QusmWzqtbPAljyIWRkp9FyoCp6l0U+mNXktDgZ2
tggj50+vXumWe47luofKx4+zydhE5wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN/H
zjT/Nmge+YdmZ8GvrPc2N/uGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRUI1ODY2RUMzMjMxMUVGQkEwODc1Njg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnPJAMA0GCSqGSIb3DQEBCwUA
A4IBAQCyMa3W/S5Bo3ZlOV6fPu9V0zQf1gY0/QRcfgNUvx0KVnT1yJeKBwNA7ImM
5ucH0JYr2tFGwap2MRuh0bsPHcq+f5PiQCjj40KjtHEnQ9tudG3GiRnM2sN5b12W
XQSCDaogd/5ukk+D7X1SACHZpgqAjjVPoVsio0ZOpBsF2CXYJDfFxrXfC4SUCDkq
mMq7wcpufOCb/H+rRVudUbJIhmPBeG0OUpQSRM7PSHx7cs6sfw9fDn55aQ7DLw/m
I7Z7vgMScxHRuNR+HK9FoxVMciUM4HAz/2kcwhXnHDDIj1Yu5yvngZ4bhKGGEXIo
VzudUCtTF2bOwD+44q0rqd6y7hNT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:46 2025 by rpki-client