Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1FE9F18ACCE911EFA1F1EC99762E951A.roa
File: 1FE9F18ACCE911EFA1F1EC99762E951A.roa (raw, json)
Hash identifier: D0PwMY5xhsdfjMCG+45yPDWGNaA2gUCn4L/cyqtSY/s=
Subject key identifier: 78:E4:09:42:B0:11:11:44:BE:E4:EB:B5:A2:B0:AE:20:9D:72:8E:3E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBE9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1FE9F18ACCE911EFA1F1EC99762E951A.roa
Signing time: Tue 07 Jan 2025 11:18:31 +0000
ROA not before: Tue 07 Jan 2025 11:18:27 +0000
ROA not after: Mon 13 Dec 2027 11:18:27 +0000
asID: 17561
IP address blocks: 156.235.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64489 (0xfbe9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 11:18:27 2025 GMT
Not After : Dec 13 11:18:27 2027 GMT
Subject: CN=677d0d87-f9bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:63:f6:d8:15:fe:8e:8e:d3:46:f6:24:2c:56:
0b:ae:73:3e:cd:32:46:33:48:f9:28:99:1f:3f:ff:
1f:aa:6e:f0:39:55:42:da:d9:13:90:7f:3b:48:a2:
97:43:fb:37:2e:e7:92:71:56:ea:85:03:e0:ce:a6:
9d:8f:77:21:56:0e:06:4a:9b:a9:8c:78:e1:8c:0e:
a9:cb:e0:60:8f:d5:08:04:91:44:f2:59:4b:02:82:
cd:a0:89:bd:0c:08:d7:2d:91:e2:b5:c9:5f:3f:c4:
5d:29:8b:93:88:7f:47:b9:2f:4a:33:d4:74:af:c0:
46:a9:cc:47:d6:e9:97:97:4f:16:8c:1f:22:e8:c5:
05:d4:c3:56:72:dd:55:97:f0:25:cf:71:58:64:3d:
c1:28:82:c7:1a:ac:fe:1c:cd:b6:51:9b:44:d8:8d:
8f:9f:a9:a2:dd:00:96:bd:01:6a:60:fa:c7:e2:ec:
09:c5:e5:27:f1:60:a9:f6:41:73:42:53:c3:c6:29:
60:95:54:10:bf:24:a5:46:65:48:33:41:91:e2:a8:
77:a8:65:30:31:37:e4:fa:64:69:1a:a1:44:a4:d2:
bb:c6:ea:2e:7d:09:2a:b4:b9:b0:11:7f:1e:3c:0e:
96:ec:64:df:f7:94:11:7a:b4:db:ba:fe:58:17:6b:
a4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E4:09:42:B0:11:11:44:BE:E4:EB:B5:A2:B0:AE:20:9D:72:8E:3E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1FE9F18ACCE911EFA1F1EC99762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.123.0/24
Signature Algorithm: sha256WithRSAEncryption
50:99:c5:a3:5c:79:bf:16:db:5f:f3:08:30:94:36:9e:d2:11:
c2:fb:51:8b:0b:15:15:72:6e:e3:60:50:19:b3:f6:44:8d:1c:
b5:17:49:a0:04:ae:6a:a2:41:7a:de:2b:a3:5b:1e:a4:e6:dd:
3f:b0:92:13:b4:e8:84:3c:a0:7d:e2:56:23:a8:8f:cf:97:93:
ac:59:5a:9d:c3:72:8d:49:cc:42:cd:33:13:11:e1:aa:f0:96:
01:96:16:76:57:88:3a:0b:2e:c7:68:e1:15:ec:64:3b:e6:05:
b2:2e:8f:00:c4:36:44:33:9e:d6:92:93:54:07:0a:cd:66:dc:
0f:7a:d2:85:8a:59:66:38:1e:66:44:cb:f3:b9:53:21:b6:5b:
eb:22:1f:ed:e0:15:75:a3:2d:ad:d3:f5:a6:28:7b:ec:96:ed:
e5:04:45:08:da:3a:4e:8d:b8:b4:bb:5d:a6:53:57:71:e0:22:
f9:4f:14:62:1f:ab:e1:ab:0b:2f:2f:b2:89:cc:d0:f8:3f:dd:
97:42:5c:74:78:35:16:87:c9:ec:cd:9b:04:c3:3f:e3:2c:19:
bf:98:65:71:95:74:ba:84:ff:e8:1e:71:25:e0:7d:06:cc:b7:
18:e9:b8:d3:27:e4:fd:c0:18:2e:98:d2:2d:3d:79:e7:a7:e5:
15:7b:3d:0a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPvpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTExODI3WhcNMjcxMjEzMTExODI3WjAYMRYw
FAYDVQQDEw02NzdkMGQ4Ny1mOWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAomP22BX+jo7TRvYkLFYLrnM+zTJGM0j5KJkfP/8fqm7wOVVC2tkTkH87
SKKXQ/s3LueScVbqhQPgzqadj3chVg4GSpupjHjhjA6py+Bgj9UIBJFE8llLAoLN
oIm9DAjXLZHitclfP8RdKYuTiH9HuS9KM9R0r8BGqcxH1umXl08WjB8i6MUF1MNW
ct1Vl/Alz3FYZD3BKILHGqz+HM22UZtE2I2Pn6mi3QCWvQFqYPrH4uwJxeUn8WCp
9kFzQlPDxilglVQQvySlRmVIM0GR4qh3qGUwMTfk+mRpGqFEpNK7xuoufQkqtLmw
EX8ePA6W7GTf95QRerTbuv5YF2uk1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHjk
CUKwERFEvuTrtaKwriCdco4+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRkU5RjE4QUNDRTkxMUVGQTFGMUVDOTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOt7MA0GCSqGSIb3DQEBCwUA
A4IBAQBQmcWjXHm/Fttf8wgwlDae0hHC+1GLCxUVcm7jYFAZs/ZEjRy1F0mgBK5q
okF63iujWx6k5t0/sJITtOiEPKB94lYjqI/Pl5OsWVqdw3KNScxCzTMTEeGq8JYB
lhZ2V4g6Cy7HaOEV7GQ75gWyLo8AxDZEM57WkpNUBwrNZtwPetKFillmOB5mRMvz
uVMhtlvrIh/t4BV1oy2t0/WmKHvslu3lBEUI2jpOjbi0u12mU1dx4CL5TxRiH6vh
qwsvL7KJzND4P92XQlx0eDUWh8nszZsEwz/jLBm/mGVxlXS6hP/oHnEl4H0GzLcY
6bjTJ+T9wBgumNItPXnnp+UVez0K
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:47 2025 by rpki-client