Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F20A5BAC98211EF89D2BD87762E951A.roa
File: 1F20A5BAC98211EF89D2BD87762E951A.roa (raw, json)
Hash identifier: QMwX2V8thJDGr7PLGwMh3mTfT7Lacd4RewyBV36aIJ8=
Subject key identifier: 1C:42:8D:71:9E:85:48:A5:EA:BC:86:B4:57:81:56:92:AE:61:BD:D4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F559
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F20A5BAC98211EF89D2BD87762E951A.roa
Signing time: Fri 03 Jan 2025 03:23:38 +0000
ROA not before: Fri 03 Jan 2025 03:23:34 +0000
ROA not after: Mon 13 Dec 2027 03:23:34 +0000
asID: 17561
IP address blocks: 156.230.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62809 (0xf559)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 03:23:34 2025 GMT
Not After : Dec 13 03:23:34 2027 GMT
Subject: CN=6777583a-84c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:07:02:38:0f:d8:c3:48:80:33:ed:c1:0d:bb:
6c:a6:f9:53:d5:2f:4d:97:55:f9:ae:2f:5b:c4:60:
07:fd:af:e8:57:69:e9:06:c3:70:d3:30:b5:18:0a:
2c:c7:ec:dd:4e:9d:1f:80:62:73:0d:20:88:60:96:
32:5c:a5:71:fc:6a:ff:87:80:c2:fd:39:05:a9:63:
ac:c7:0f:a9:87:ef:f4:22:f6:f5:ef:68:1d:53:c0:
6e:14:4d:3a:cd:00:7d:b5:4d:13:4a:91:b4:12:34:
87:b3:6f:a9:d9:c0:42:ba:bd:cf:e4:0d:bf:07:e1:
aa:a2:e5:a5:5e:e0:5e:71:f7:5e:f4:8b:c6:e4:66:
f1:c5:4b:08:5c:1b:50:db:67:83:f3:b8:2e:b9:49:
40:3a:fc:b5:bb:07:7b:1f:f7:56:c5:8c:40:13:40:
9c:03:5a:db:01:3f:31:21:d4:3c:99:f5:68:ef:5b:
a4:06:7a:d4:48:26:67:7c:05:22:5f:4f:6d:49:70:
c1:73:c5:34:2f:57:c9:71:09:c2:67:eb:74:b3:84:
d5:98:6a:5d:3e:41:5e:81:d1:f1:98:d7:30:0d:d9:
f8:72:2e:c7:d4:41:ee:66:07:a9:31:56:d5:23:d6:
c5:2f:3a:47:05:5f:90:b9:b0:7e:7e:a6:27:74:d9:
53:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:42:8D:71:9E:85:48:A5:EA:BC:86:B4:57:81:56:92:AE:61:BD:D4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F20A5BAC98211EF89D2BD87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.18.0/24
Signature Algorithm: sha256WithRSAEncryption
69:05:c8:d6:e5:58:4e:31:ce:89:8b:38:6c:a6:63:fe:03:dc:
98:6f:3d:a8:8d:50:c9:79:35:24:d2:3c:b4:72:d5:dd:a9:06:
47:23:92:ac:f2:19:22:85:44:1e:44:3e:6a:fa:00:26:bd:af:
84:ab:c8:ca:cd:f0:43:67:98:7b:57:51:27:50:4a:6b:b1:25:
fc:40:74:d7:7d:55:09:0c:96:b9:7c:fa:38:f4:37:7c:11:6a:
ef:9a:a3:d4:56:1b:68:22:99:52:15:30:b3:3b:06:54:07:13:
48:b1:11:3a:58:59:d7:a5:2d:75:f5:22:8d:2d:e8:23:3e:5f:
2b:0c:6f:f6:20:39:49:d3:36:ae:09:1e:d0:ee:cd:ae:d2:3f:
90:5c:fc:4e:06:1b:a1:ed:a2:9a:cf:c6:3c:42:1b:83:04:f3:
f4:e6:fe:2f:3a:eb:42:ac:c0:31:4e:9d:ab:3d:29:b7:e4:f4:
f7:6e:28:1d:c5:ef:5e:81:39:bb:35:53:37:2c:8f:b8:a0:af:
62:4c:dc:c2:4c:49:9f:b9:ad:dc:7b:ec:80:5c:6f:20:c8:ee:
0b:01:c6:eb:27:42:7c:e9:d7:7f:17:45:9d:8e:33:e1:91:2c:
5f:2f:15:29:c8:df:a3:04:ce:3b:41:5c:7d:78:a1:ca:d8:05:
72:c3:65:1b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPVZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDMyMzM0WhcNMjcxMjEzMDMyMzM0WjAYMRYw
FAYDVQQDEw02Nzc3NTgzYS04NGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyQcCOA/Yw0iAM+3BDbtspvlT1S9Nl1X5ri9bxGAH/a/oV2npBsNw0zC1
GAosx+zdTp0fgGJzDSCIYJYyXKVx/Gr/h4DC/TkFqWOsxw+ph+/0Ivb172gdU8Bu
FE06zQB9tU0TSpG0EjSHs2+p2cBCur3P5A2/B+GqouWlXuBecfde9IvG5GbxxUsI
XBtQ22eD87guuUlAOvy1uwd7H/dWxYxAE0CcA1rbAT8xIdQ8mfVo71ukBnrUSCZn
fAUiX09tSXDBc8U0L1fJcQnCZ+t0s4TVmGpdPkFegdHxmNcwDdn4ci7H1EHuZgep
MVbVI9bFLzpHBV+QubB+fqYndNlTlQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBxC
jXGehUil6ryGtFeBVpKuYb3UMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRjIwQTVCQUM5ODIxMUVGODlEMkJEODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOYSMA0GCSqGSIb3DQEBCwUA
A4IBAQBpBcjW5VhOMc6JizhspmP+A9yYbz2ojVDJeTUk0jy0ctXdqQZHI5Ks8hki
hUQeRD5q+gAmva+Eq8jKzfBDZ5h7V1EnUEprsSX8QHTXfVUJDJa5fPo49Dd8EWrv
mqPUVhtoIplSFTCzOwZUBxNIsRE6WFnXpS119SKNLegjPl8rDG/2IDlJ0zauCR7Q
7s2u0j+QXPxOBhuh7aKaz8Y8QhuDBPP05v4vOutCrMAxTp2rPSm35PT3bigdxe9e
gTm7NVM3LI+4oK9iTNzCTEmfua3ce+yAXG8gyO4LAcbrJ0J86dd/F0WdjjPhkSxf
LxUpyN+jBM47QVx9eKHK2AVyw2Ub
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:33 2025 by rpki-client