Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21435134CDA711EFA857C65C762E951A.roa
File: 21435134CDA711EFA857C65C762E951A.roa (raw, json)
Hash identifier: SqZxzLjrOzyTs/xuNV9O7OLCHmx+3xqLHEGjXBWz1Fc=
Subject key identifier: 44:A5:FB:8F:3D:46:2D:31:B2:63:EC:40:2C:B0:37:D7:C0:D0:76:94
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010131
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21435134CDA711EFA857C65C762E951A.roa
Signing time: Wed 08 Jan 2025 09:58:37 +0000
ROA not before: Wed 08 Jan 2025 09:58:34 +0000
ROA not after: Mon 13 Dec 2027 09:58:34 +0000
asID: 17561
IP address blocks: 156.254.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65841 (0x10131)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:58:34 2025 GMT
Not After : Dec 13 09:58:34 2027 GMT
Subject: CN=677e4c4d-e023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e9:7e:ed:22:17:ff:b0:bc:8e:df:50:38:88:
75:f6:72:99:31:e5:dc:74:8a:d2:bf:a2:1d:15:52:
d7:11:38:a5:d2:cf:82:2c:11:83:93:3c:c6:a4:8d:
68:75:2c:73:2b:84:97:e0:5b:e2:1b:2b:b4:32:81:
7a:bd:c8:16:93:68:a4:d6:35:28:17:8a:01:1b:e8:
6b:1b:a2:78:35:f2:b3:4e:0d:21:a9:c8:f9:a4:d5:
d2:e9:3c:7e:c8:45:7e:55:78:0e:c2:81:d1:8e:dc:
3f:36:c7:3b:5a:c7:87:df:14:a2:4e:48:fe:ee:76:
f3:49:00:51:33:d2:04:c6:52:ed:9f:b0:87:00:fd:
9d:b5:a2:f6:8f:ee:9f:ce:c7:7c:c1:cf:d6:51:39:
fc:c0:cf:6a:81:bb:bc:a0:37:0f:b0:4c:8a:a8:6f:
7e:11:fb:40:63:f3:93:d4:dc:dc:70:e3:57:08:bc:
a3:54:ef:26:68:3d:a1:39:4a:07:de:ec:2c:cb:32:
fb:20:3e:5d:ca:17:ee:73:d6:94:a2:b4:eb:0a:6d:
8c:e5:2f:09:65:86:fb:17:a3:83:d6:1e:6d:2c:88:
bf:41:8a:d1:4a:9c:54:0a:8a:e5:d6:cd:cd:31:ff:
8c:9f:84:05:cf:18:7f:c9:46:08:ca:7b:0a:9d:16:
40:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A5:FB:8F:3D:46:2D:31:B2:63:EC:40:2C:B0:37:D7:C0:D0:76:94
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21435134CDA711EFA857C65C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.113.0/24
Signature Algorithm: sha256WithRSAEncryption
81:70:5b:ee:4b:39:76:4c:74:53:de:39:c2:9f:51:a6:5a:6f:
63:bc:46:30:c9:e4:a9:fe:4c:17:8b:22:98:9c:9b:b3:52:97:
2d:f4:b4:00:2d:e8:2a:f4:b6:ce:03:35:28:de:0d:73:fe:4a:
a1:f9:8b:da:8d:e2:f9:a6:e6:d5:cc:9d:d7:8c:31:e8:e5:21:
76:bf:4c:7f:6f:6e:80:66:f4:f5:73:b6:3e:c5:4e:98:c8:42:
b0:33:d4:19:b9:4c:9e:ec:8c:45:04:92:c2:a4:03:19:1f:1d:
a1:7a:22:df:22:5b:5c:90:14:c4:84:48:35:96:77:de:36:a6:
92:cf:c8:8e:00:b8:35:88:1f:1e:bc:54:f6:9e:3a:b1:17:e9:
a3:b1:ed:f9:1f:2c:dd:f6:3a:c2:b9:cf:5b:2c:21:b8:f0:5f:
66:1d:52:b3:65:8a:70:6a:3e:0f:a3:f8:81:fe:7c:48:a4:7b:
18:80:0d:18:28:aa:2a:28:17:0c:d6:62:36:f5:c9:5a:95:fb:
e0:a7:6b:7e:df:41:28:65:cb:2f:d1:6d:30:1b:f1:0b:a3:e0:
25:ea:40:14:45:11:38:dd:4a:26:5a:a5:9c:4a:6a:76:63:e1:
84:f6:7d:5f:9f:4d:d5:2e:58:fd:1d:64:96:48:4e:f9:84:14:
5a:b0:48:85
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQExMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDk1ODM0WhcNMjcxMjEzMDk1ODM0WjAYMRYw
FAYDVQQDEw02NzdlNGM0ZC1lMDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoOl+7SIX/7C8jt9QOIh19nKZMeXcdIrSv6IdFVLXETil0s+CLBGDkzzG
pI1odSxzK4SX4FviGyu0MoF6vcgWk2ik1jUoF4oBG+hrG6J4NfKzTg0hqcj5pNXS
6Tx+yEV+VXgOwoHRjtw/Nsc7WseH3xSiTkj+7nbzSQBRM9IExlLtn7CHAP2dtaL2
j+6fzsd8wc/WUTn8wM9qgbu8oDcPsEyKqG9+EftAY/OT1NzccONXCLyjVO8maD2h
OUoH3uwsyzL7ID5dyhfuc9aUorTrCm2M5S8JZYb7F6OD1h5tLIi/QYrRSpxUCorl
1s3NMf+Mn4QFzxh/yUYIynsKnRZA/wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFESl
+489Ri0xsmPsQCywN9fA0HaUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMTQzNTEzNENEQTcxMUVGQTg1N0M2NUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5xMA0GCSqGSIb3DQEBCwUA
A4IBAQCBcFvuSzl2THRT3jnCn1GmWm9jvEYwyeSp/kwXiyKYnJuzUpct9LQALegq
9LbOAzUo3g1z/kqh+YvajeL5pubVzJ3XjDHo5SF2v0x/b26AZvT1c7Y+xU6YyEKw
M9QZuUye7IxFBJLCpAMZHx2heiLfIltckBTEhEg1lnfeNqaSz8iOALg1iB8evFT2
njqxF+mjse35Hyzd9jrCuc9bLCG48F9mHVKzZYpwaj4Po/iB/nxIpHsYgA0YKKoq
KBcM1mI29clalfvgp2t+30EoZcsv0W0wG/ELo+Al6kAURRE43UomWqWcSmp2Y+GE
9n1fn03VLlj9HWSWSE75hBRasEiF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:10 2025 by rpki-client