Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2496BF3ACDAA11EF98632270762E951A.roa
File: 2496BF3ACDAA11EF98632270762E951A.roa (raw, json)
Hash identifier: X1ZEAbEQThnGLFlBEmSeUQghJ66VYZ7Kv/VJMMzLC7o=
Subject key identifier: 87:56:23:21:96:ED:8F:33:92:6E:29:D2:B9:41:06:CA:0C:A9:D8:04
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010149
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2496BF3ACDAA11EF98632270762E951A.roa
Signing time: Wed 08 Jan 2025 10:20:11 +0000
ROA not before: Wed 08 Jan 2025 10:20:08 +0000
ROA not after: Mon 13 Dec 2027 10:20:08 +0000
asID: 17561
IP address blocks: 156.255.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65865 (0x10149)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:20:08 2025 GMT
Not After : Dec 13 10:20:08 2027 GMT
Subject: CN=677e515b-c0a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b6:71:b9:72:6e:42:34:f5:65:31:21:43:c1:
74:5b:e4:8b:71:30:08:8e:fe:4f:ed:3d:c8:58:29:
b4:91:b4:4a:4f:bd:e5:59:1e:c3:6f:0b:57:43:21:
db:7e:47:64:80:a7:bd:32:8d:ce:f9:18:0a:a2:2b:
86:4e:16:de:ad:81:f6:38:57:c8:6b:42:7f:37:3f:
58:bd:ba:73:78:43:6a:b6:e9:2f:99:24:27:83:a8:
28:0e:6d:b7:89:5d:15:82:b3:6d:9e:97:cc:0e:5f:
08:d2:c0:0c:9a:51:74:74:cf:9f:0c:3d:7f:31:87:
7c:90:13:f1:5f:e6:d4:b0:82:04:27:21:aa:22:5d:
9e:16:ce:f5:c5:cc:4f:87:df:4d:c9:61:90:d6:4b:
a6:94:fe:36:31:6c:73:93:57:b3:5c:a9:15:d9:68:
48:e7:c2:92:9a:c4:ae:d1:78:e7:5c:6c:5e:e5:40:
bc:45:5c:9c:84:3c:f0:15:14:3d:5a:58:1b:bc:e4:
44:f5:75:7f:6d:27:f2:75:39:25:a4:fe:1f:d7:5a:
b4:47:e6:7f:b9:09:02:a3:64:7f:4d:fe:af:f8:9c:
93:b6:d1:68:6e:cd:38:e7:02:92:c2:0d:1b:15:49:
11:cb:b3:f4:c2:ba:32:f2:5a:8a:80:55:67:f6:44:
7f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:56:23:21:96:ED:8F:33:92:6E:29:D2:B9:41:06:CA:0C:A9:D8:04
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2496BF3ACDAA11EF98632270762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.39.0/24
Signature Algorithm: sha256WithRSAEncryption
98:9e:e7:a6:75:b8:97:85:c2:ee:0d:f3:6c:66:4a:b4:bc:09:
ab:e2:56:11:57:be:28:a9:e7:3d:3d:82:f8:fb:5c:50:15:13:
26:b5:ec:f5:67:68:6b:28:8d:22:52:38:9a:79:d4:01:7b:78:
55:61:d6:03:f1:c1:60:ca:da:47:98:13:ca:27:36:63:ad:db:
8f:9e:27:ac:bc:aa:11:22:c9:0f:17:91:5e:78:0a:c6:e1:dc:
b2:bf:0a:06:46:fe:5f:3e:f5:fd:6e:93:84:c0:cf:c1:8d:49:
2e:cc:c2:19:b5:d3:3a:a2:84:65:e3:94:a9:24:73:63:7a:10:
e8:01:72:d3:fc:82:a9:49:7a:30:e3:02:95:69:1b:df:f6:12:
ba:66:a1:73:d6:8f:74:18:b0:2e:2a:90:13:f6:38:6a:9b:8c:
dc:2d:57:cc:6f:35:98:c1:df:0c:62:18:86:9b:08:76:f0:49:
69:0b:15:ea:6e:9f:96:8a:e5:86:c0:ad:d9:17:26:99:16:fb:
1b:dc:0d:f2:31:76:14:21:e3:60:c6:d1:4d:98:92:c1:35:d7:
ca:00:73:4c:ca:28:19:08:96:95:48:89:df:7e:9b:04:d2:f5:
ff:b0:dd:b0:f7:69:b0:2b:46:94:b2:71:f1:69:2c:ca:dc:f8:
6a:9e:7c:67
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQFJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTAyMDA4WhcNMjcxMjEzMTAyMDA4WjAYMRYw
FAYDVQQDEw02NzdlNTE1Yi1jMGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv7ZxuXJuQjT1ZTEhQ8F0W+SLcTAIjv5P7T3IWCm0kbRKT73lWR7DbwtX
QyHbfkdkgKe9Mo3O+RgKoiuGThberYH2OFfIa0J/Nz9YvbpzeENqtukvmSQng6go
Dm23iV0VgrNtnpfMDl8I0sAMmlF0dM+fDD1/MYd8kBPxX+bUsIIEJyGqIl2eFs71
xcxPh99NyWGQ1kumlP42MWxzk1ezXKkV2WhI58KSmsSu0XjnXGxe5UC8RVychDzw
FRQ9WlgbvORE9XV/bSfydTklpP4f11q0R+Z/uQkCo2R/Tf6v+JyTttFobs045wKS
wg0bFUkRy7P0wroy8lqKgFVn9kR/+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIdW
IyGW7Y8zkm4p0rlBBsoMqdgEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNDk2QkYzQUNEQUExMUVGOTg2MzIyNzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8nMA0GCSqGSIb3DQEBCwUA
A4IBAQCYnuemdbiXhcLuDfNsZkq0vAmr4lYRV74oqec9PYL4+1xQFRMmtez1Z2hr
KI0iUjiaedQBe3hVYdYD8cFgytpHmBPKJzZjrduPniesvKoRIskPF5FeeArG4dyy
vwoGRv5fPvX9bpOEwM/BjUkuzMIZtdM6ooRl45SpJHNjehDoAXLT/IKpSXow4wKV
aRvf9hK6ZqFz1o90GLAuKpAT9jhqm4zcLVfMbzWYwd8MYhiGmwh28ElpCxXqbp+W
iuWGwK3ZFyaZFvsb3A3yMXYUIeNgxtFNmJLBNdfKAHNMyigZCJaVSInffpsE0vX/
sN2w92mwK0aUsnHxaSzK3Phqnnxn
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:26 2025 by rpki-client