Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/212B59E2B49F11EFA78B7E7B762E951A.roa
File: 212B59E2B49F11EFA78B7E7B762E951A.roa (raw, json)
Hash identifier: M4KD4ykuJrZnYe51TVqlQ7nrOcZuboorewIA7VvrlQg=
Subject key identifier: FB:8B:DE:CF:82:D0:1E:31:99:6A:6E:85:7C:F9:D6:9E:CF:F6:A7:F5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E09E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/212B59E2B49F11EFA78B7E7B762E951A.roa
Signing time: Sat 07 Dec 2024 13:28:22 +0000
ROA not before: Sat 07 Dec 2024 13:28:18 +0000
ROA not after: Sun 09 Feb 2025 13:28:18 +0000
asID: 135097
IP address blocks: 156.226.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57502 (0xe09e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 7 13:28:18 2024 GMT
Not After : Feb 9 13:28:18 2025 GMT
Subject: CN=67544d76-2c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6f:a7:c4:6b:c5:47:26:e5:bb:a1:51:a6:6a:
3e:49:38:a9:c4:90:1e:61:d1:b6:5d:4a:a6:da:8b:
f4:aa:7a:0a:b6:25:de:fc:2a:cd:9d:49:dc:7b:22:
c9:24:04:ba:0f:80:ec:33:64:a6:0b:95:eb:b9:1d:
fc:10:4d:8d:9b:3c:ee:1e:d5:f4:5d:54:6b:36:cb:
e6:e8:c8:57:37:02:02:cb:3e:e6:7e:76:cf:59:41:
de:5d:be:15:5f:ab:c7:c3:99:e3:c9:3f:e9:c2:c8:
17:f0:3d:ee:1e:b5:ae:fa:b0:74:a6:b1:e9:0b:04:
5f:9f:d9:e0:9e:d1:7a:af:d5:e3:1e:7c:97:ed:26:
ad:b8:ea:c0:ab:80:e8:d8:5d:e3:02:26:2b:4c:73:
54:d9:75:17:67:c8:8d:24:30:32:e7:0c:9d:d1:cf:
21:37:21:05:72:df:2f:28:63:e9:f7:55:82:d2:47:
22:a0:ad:1b:63:ee:22:63:d2:47:eb:b3:70:ef:66:
ce:04:d8:44:a5:af:cc:fc:0f:c0:7b:9d:ce:db:dc:
c4:be:ba:f3:86:04:50:3f:f8:a7:60:f7:ea:3d:e7:
b1:58:01:6b:06:1f:bb:bb:b5:af:67:e6:bd:90:8c:
3c:70:d2:9b:16:12:75:43:07:5a:23:52:72:6a:65:
9a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:8B:DE:CF:82:D0:1E:31:99:6A:6E:85:7C:F9:D6:9E:CF:F6:A7:F5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/212B59E2B49F11EFA78B7E7B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ae:b7:2e:99:0c:7c:5e:11:7d:8b:2a:2f:3f:88:99:47:c1:5e:
b3:17:01:91:b6:24:13:ca:6a:c7:f3:30:20:9a:5d:39:e6:eb:
f9:1e:14:34:b5:63:f8:c2:03:e2:6c:1e:5b:95:d3:77:18:cb:
b6:07:00:63:1a:b9:6b:af:51:2c:05:6a:4f:dc:00:16:36:61:
38:67:c7:9f:7b:4b:fe:27:56:62:4d:e9:af:53:99:19:f3:1b:
7e:a6:ef:95:3b:74:8e:7e:41:b6:bd:b7:b5:7b:13:38:0a:4f:
7e:2a:58:cd:c9:22:45:ad:d9:23:3b:e9:7a:33:10:12:b9:73:
dd:15:d8:35:45:88:c3:1a:c4:14:7e:ba:20:d4:12:87:31:66:
4d:e4:7c:dc:60:7a:66:1f:95:c1:26:7c:f1:ef:b7:90:fe:fd:
ba:b6:a1:0b:53:b8:9d:7f:72:60:32:79:60:4a:bf:96:cb:b5:
a5:18:5a:9b:91:e1:d6:2b:f6:04:56:ac:b0:3d:ce:f9:27:ff:
34:8f:1a:74:08:54:61:2f:1c:06:ec:35:76:bb:99:47:aa:c2:
28:52:0d:c2:c2:e1:cc:5e:6d:05:b3:d0:c4:fd:f7:6c:e7:5f:
ed:90:02:20:90:cf:08:af:7a:c9:64:b9:e8:8b:81:71:d6:74:
b4:37:af:af
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOCeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA3MTMyODE4WhcNMjUwMjA5MTMyODE4WjAYMRYw
FAYDVQQDEw02NzU0NGQ3Ni0yYzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz2+nxGvFRyblu6FRpmo+STipxJAeYdG2XUqm2ov0qnoKtiXe/CrNnUnc
eyLJJAS6D4DsM2SmC5XruR38EE2NmzzuHtX0XVRrNsvm6MhXNwICyz7mfnbPWUHe
Xb4VX6vHw5njyT/pwsgX8D3uHrWu+rB0prHpCwRfn9ngntF6r9XjHnyX7SatuOrA
q4Do2F3jAiYrTHNU2XUXZ8iNJDAy5wyd0c8hNyEFct8vKGPp91WC0kcioK0bY+4i
Y9JH67Nw72bOBNhEpa/M/A/Ae53O29zEvrrzhgRQP/inYPfqPeexWAFrBh+7u7Wv
Z+a9kIw8cNKbFhJ1QwdaI1JyamWaJwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPuL
3s+C0B4xmWpuhXz51p7P9qf1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMTJCNTlFMkI0OUYxMUVGQTc4QjdFN0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnOJAMA0GCSqGSIb3DQEBCwUA
A4IBAQCuty6ZDHxeEX2LKi8/iJlHwV6zFwGRtiQTymrH8zAgml055uv5HhQ0tWP4
wgPibB5bldN3GMu2BwBjGrlrr1EsBWpP3AAWNmE4Z8efe0v+J1ZiTemvU5kZ8xt+
pu+VO3SOfkG2vbe1exM4Ck9+KljNySJFrdkjO+l6MxASuXPdFdg1RYjDGsQUfrog
1BKHMWZN5HzcYHpmH5XBJnzx77eQ/v26tqELU7idf3JgMnlgSr+Wy7WlGFqbkeHW
K/YEVqywPc75J/80jxp0CFRhLxwG7DV2u5lHqsIoUg3CwuHMXm0Fs9DE/fds51/t
kAIgkM8Ir3rJZLnoi4Fx1nS0N6+v
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:00 2025 by rpki-client