Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22138AB0CDA811EFB1314C63762E951A.roa
File: 22138AB0CDA811EFB1314C63762E951A.roa (raw, json)
Hash identifier: JUCOUa0yJ/OnruB9IFaoRZ54pG0NNBs2QlaxPYqWiN8=
Subject key identifier: 65:94:C3:9D:29:1D:DC:0A:D2:00:DD:89:81:F6:F1:29:40:93:2B:B8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010139
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22138AB0CDA811EFB1314C63762E951A.roa
Signing time: Wed 08 Jan 2025 10:05:48 +0000
ROA not before: Wed 08 Jan 2025 10:05:45 +0000
ROA not after: Sat 13 Dec 2025 10:05:45 +0000
asID: 984
IP address blocks: 156.255.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65849 (0x10139)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:05:45 2025 GMT
Not After : Dec 13 10:05:45 2025 GMT
Subject: CN=677e4dfc-9784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:38:ff:57:d7:07:d9:c4:f2:1e:d1:f6:bc:93:
c3:2a:d2:c7:41:f1:62:93:94:cd:65:d7:32:5c:29:
92:48:55:3e:40:c9:39:07:b0:d5:96:26:b9:97:d1:
be:10:33:07:21:1c:93:c3:81:65:1e:5b:68:0a:32:
24:98:6c:a6:16:9b:31:4b:e2:01:60:f6:46:42:8b:
a2:a3:e0:01:74:07:d2:31:e7:7d:48:fd:26:19:aa:
4b:6c:c1:62:73:19:26:56:07:41:7c:b1:de:3a:37:
5d:bf:89:a6:53:11:1a:5b:d8:1d:60:32:09:fe:e9:
37:8c:59:a2:08:8b:d9:3c:32:eb:e5:e7:65:3d:60:
f4:51:55:d1:60:80:5d:64:02:4c:62:86:01:c9:5c:
ee:4d:a9:6a:2e:55:08:fc:fc:23:58:af:14:ef:bb:
14:0d:ba:77:29:48:d6:89:ce:e3:fb:73:2d:fa:85:
01:71:20:1b:ff:79:7a:6d:1b:ba:f0:cb:49:77:d4:
fc:53:51:88:58:9b:d4:a9:3d:f7:25:53:ad:43:3e:
22:bf:3f:7d:de:c2:85:98:b3:11:8e:4e:a8:d2:05:
f5:67:41:1f:35:44:19:7b:e6:0e:43:e2:7d:82:1a:
92:0b:f2:60:49:df:cb:36:22:60:ac:8f:49:c3:72:
31:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:94:C3:9D:29:1D:DC:0A:D2:00:DD:89:81:F6:F1:29:40:93:2B:B8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22138AB0CDA811EFB1314C63762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.15.0/24
Signature Algorithm: sha256WithRSAEncryption
18:f4:9a:f9:2a:39:3b:d1:f3:d3:a6:6e:47:c7:fb:5b:df:9f:
35:97:47:07:4d:14:94:eb:64:88:ee:19:f7:9d:af:f1:40:5e:
c4:cb:2b:ea:41:9b:df:5a:e5:8b:0b:5a:97:1b:76:8e:4c:3d:
82:e4:d9:58:ed:0d:87:7c:b6:9c:af:c7:67:20:6e:c6:28:2c:
70:a2:6c:60:98:ae:58:1b:e3:9b:26:3b:d3:ac:56:d7:f0:01:
f6:c2:62:08:f3:20:39:6d:2b:0c:83:0f:de:f0:88:35:3b:1c:
a7:89:6c:e4:52:ee:45:b9:f7:28:bc:00:5b:1c:82:3d:1d:17:
1f:ee:12:a1:c4:9c:80:40:a9:1f:8c:9a:44:6c:74:e0:01:d8:
98:7b:8f:cd:01:a6:96:67:15:da:cf:ef:97:e0:f7:24:fa:55:
c0:0a:13:c9:6b:b1:7f:be:b4:ce:d6:71:40:5b:c1:52:f9:13:
ce:6d:4f:6f:7b:31:43:05:3a:76:cf:01:95:f0:50:1c:b1:7d:
09:f6:ff:93:52:8d:31:d2:b3:8b:c6:f6:12:28:e9:a4:e2:50:
51:e5:fa:c7:2c:b6:d3:0f:71:cc:06:17:2f:60:c2:87:f4:fb:
d5:a2:cf:c3:19:43:65:e1:41:fb:a3:5f:2d:63:3a:1b:ae:b6:
71:a3:0a:2b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQE5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTAwNTQ1WhcNMjUxMjEzMTAwNTQ1WjAYMRYw
FAYDVQQDEw02NzdlNGRmYy05Nzg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtTj/V9cH2cTyHtH2vJPDKtLHQfFik5TNZdcyXCmSSFU+QMk5B7DVlia5
l9G+EDMHIRyTw4FlHltoCjIkmGymFpsxS+IBYPZGQouio+ABdAfSMed9SP0mGapL
bMFicxkmVgdBfLHeOjddv4mmUxEaW9gdYDIJ/uk3jFmiCIvZPDLr5edlPWD0UVXR
YIBdZAJMYoYByVzuTalqLlUI/PwjWK8U77sUDbp3KUjWic7j+3Mt+oUBcSAb/3l6
bRu68MtJd9T8U1GIWJvUqT33JVOtQz4ivz993sKFmLMRjk6o0gX1Z0EfNUQZe+YO
Q+J9ghqSC/JgSd/LNiJgrI9Jw3Ix2QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGWU
w50pHdwK0gDdiYH28SlAkyu4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMjEzOEFCMENEQTgxMUVGQjEzMTRDNjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8PMA0GCSqGSIb3DQEBCwUA
A4IBAQAY9Jr5Kjk70fPTpm5Hx/tb3581l0cHTRSU62SI7hn3na/xQF7EyyvqQZvf
WuWLC1qXG3aOTD2C5NlY7Q2HfLacr8dnIG7GKCxwomxgmK5YG+ObJjvTrFbX8AH2
wmII8yA5bSsMgw/e8Ig1OxyniWzkUu5FufcovABbHII9HRcf7hKhxJyAQKkfjJpE
bHTgAdiYe4/NAaaWZxXaz++X4Pck+lXAChPJa7F/vrTO1nFAW8FS+RPObU9vezFD
BTp2zwGV8FAcsX0J9v+TUo0x0rOLxvYSKOmk4lBR5frHLLbTD3HMBhcvYMKH9PvV
os/DGUNl4UH7o18tYzobrrZxowor
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:05 2025 by rpki-client