Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21E75A7EC33C11EF924EB39B762E951A.roa
File: 21E75A7EC33C11EF924EB39B762E951A.roa (raw, json)
Hash identifier: IRjpSz/Cq2nfRBgf2hYUWyru8VRplOfv7G6uhrwV8rk=
Subject key identifier: C1:C4:88:F5:6B:42:1C:F5:28:EB:A2:09:13:6B:12:A8:7C:B8:DF:AB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB91
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21E75A7EC33C11EF924EB39B762E951A.roa
Signing time: Thu 26 Dec 2024 03:47:31 +0000
ROA not before: Thu 26 Dec 2024 03:47:27 +0000
ROA not after: Fri 10 Dec 2027 03:47:27 +0000
asID: 17561
IP address blocks: 156.244.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60305 (0xeb91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 03:47:27 2024 GMT
Not After : Dec 10 03:47:27 2027 GMT
Subject: CN=676cd1d2-0242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ee:2c:fe:a4:91:71:9c:30:86:1a:ce:fe:cb:
d0:67:93:ea:ea:2c:87:05:43:86:09:bd:da:3e:dc:
ff:ef:4b:aa:11:46:2d:b5:fc:1f:d1:85:42:94:bb:
df:10:80:4b:81:1b:92:1b:aa:b7:8e:66:b1:de:21:
ba:a7:b8:2d:bd:57:ac:57:36:eb:5b:a6:26:50:8d:
77:03:eb:de:ef:99:2e:13:85:b9:34:58:ce:29:41:
55:46:8f:e2:3f:50:68:29:2d:39:43:3b:c1:e2:b6:
05:a1:9a:75:3b:85:f0:1c:87:e3:3b:27:d5:85:cf:
48:e5:a1:09:13:fe:b9:16:4b:d3:3f:f3:a7:25:4f:
3c:4a:df:eb:f6:12:01:89:9b:22:25:81:3f:e2:94:
53:37:64:0d:b9:72:93:b2:ee:ec:c5:f9:5e:16:69:
da:47:1e:b1:9c:76:6c:25:4c:23:d5:57:18:00:d3:
4b:82:8f:de:64:c8:e5:7e:df:ad:50:0a:ea:82:e9:
6b:08:c5:88:4e:6e:e2:d6:bc:56:82:17:d1:48:4d:
93:47:3a:26:95:d3:ac:ea:aa:23:44:83:a5:c3:2d:
1f:86:83:f8:b1:f8:1b:a1:ec:94:2d:6d:95:eb:d0:
69:3d:70:7d:99:7e:73:14:b9:6f:04:3f:54:b4:4a:
97:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C4:88:F5:6B:42:1C:F5:28:EB:A2:09:13:6B:12:A8:7C:B8:DF:AB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21E75A7EC33C11EF924EB39B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.196.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:b2:af:58:6a:98:67:3d:b7:21:52:c5:b6:74:b8:8c:9c:3f:
ab:e7:c8:fc:29:78:e1:d1:1b:6b:ab:25:61:3d:a0:d6:fb:75:
df:17:74:fa:49:c1:43:f1:2e:4c:58:f4:f1:7a:66:2d:6b:26:
45:d0:b2:e6:66:e3:80:81:81:24:bd:ef:11:74:ad:e9:d1:9a:
1f:f8:d4:c9:8d:a8:70:15:4b:55:50:07:de:1f:3e:a4:21:14:
a5:7b:77:66:4c:65:45:5c:c3:02:f4:88:64:46:03:4f:35:cb:
b8:0b:76:96:3f:9d:14:58:c4:99:08:80:0e:e4:2f:64:dd:19:
00:8b:d8:e9:ea:12:79:9c:40:2d:45:20:8d:25:b2:60:75:cc:
4b:1d:6b:a5:a8:d8:e9:af:5f:41:3e:cc:7c:8b:90:0a:4a:c0:
2d:e0:84:d6:8a:e1:41:2d:17:6c:10:04:f7:01:98:30:1a:68:
c6:98:5b:34:cc:74:75:09:4b:a8:66:02:ba:cf:53:95:6f:82:
c5:1a:ab:70:3e:a3:63:e9:d6:94:a1:5c:f2:ec:d6:cb:d0:34:
f2:b5:3a:65:a0:e6:84:1a:f3:6d:99:62:3d:ee:fd:88:f6:29:
72:bf:7b:1d:15:50:76:cf:1e:49:80:dd:01:7f:21:46:ff:96:
bb:bc:7e:d7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOuRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDM0NzI3WhcNMjcxMjEwMDM0NzI3WjAYMRYw
FAYDVQQDEw02NzZjZDFkMi0wMjQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxe4s/qSRcZwwhhrO/svQZ5Pq6iyHBUOGCb3aPtz/70uqEUYttfwf0YVC
lLvfEIBLgRuSG6q3jmax3iG6p7gtvVesVzbrW6YmUI13A+ve75kuE4W5NFjOKUFV
Ro/iP1BoKS05QzvB4rYFoZp1O4XwHIfjOyfVhc9I5aEJE/65FkvTP/OnJU88St/r
9hIBiZsiJYE/4pRTN2QNuXKTsu7sxfleFmnaRx6xnHZsJUwj1VcYANNLgo/eZMjl
ft+tUArqgulrCMWITm7i1rxWghfRSE2TRzomldOs6qojRIOlwy0fhoP4sfgboeyU
LW2V69BpPXB9mX5zFLlvBD9UtEqXqwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMHE
iPVrQhz1KOuiCRNrEqh8uN+rMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMUU3NUE3RUMzM0MxMUVGOTI0RUIzOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTEMA0GCSqGSIb3DQEBCwUA
A4IBAQCosq9YaphnPbchUsW2dLiMnD+r58j8KXjh0RtrqyVhPaDW+3XfF3T6ScFD
8S5MWPTxemYtayZF0LLmZuOAgYEkve8RdK3p0Zof+NTJjahwFUtVUAfeHz6kIRSl
e3dmTGVFXMMC9IhkRgNPNcu4C3aWP50UWMSZCIAO5C9k3RkAi9jp6hJ5nEAtRSCN
JbJgdcxLHWulqNjpr19BPsx8i5AKSsAt4ITWiuFBLRdsEAT3AZgwGmjGmFs0zHR1
CUuoZgK6z1OVb4LFGqtwPqNj6daUoVzy7NbL0DTytTploOaEGvNtmWI97v2I9ily
v3sdFVB2zx5JgN0BfyFG/5a7vH7X
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:30 2025 by rpki-client