Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24A8B396C33411EF87EA8967762E951A.roa
File: 24A8B396C33411EF87EA8967762E951A.roa (raw, json)
Hash identifier: j+k6aucrJvFTSfc8WLHBefXPDLTdD1Iaq/UCYASMNVA=
Subject key identifier: AC:E6:7D:4B:E4:73:C7:F8:D1:35:EC:59:3E:C7:FF:7D:1D:19:36:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB33
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24A8B396C33411EF87EA8967762E951A.roa
Signing time: Thu 26 Dec 2024 02:50:19 +0000
ROA not before: Thu 26 Dec 2024 02:50:16 +0000
ROA not after: Fri 10 Dec 2027 02:50:16 +0000
asID: 17561
IP address blocks: 156.244.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60211 (0xeb33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:50:16 2024 GMT
Not After : Dec 10 02:50:16 2027 GMT
Subject: CN=676cc46b-1bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:43:2d:8f:f4:4e:71:d7:bc:35:e5:6b:f6:23:
6d:66:1a:c6:ca:68:c0:35:da:43:9e:84:26:97:89:
db:47:18:d4:e7:16:e6:99:e8:89:08:17:ba:37:68:
31:03:4e:5e:91:d2:2a:13:94:66:6b:61:21:ce:0e:
d9:ff:94:b8:a1:96:72:2e:b3:59:2e:a8:0e:e3:41:
09:d0:1c:7a:90:88:a7:69:13:15:72:10:0b:16:21:
d2:ea:72:ba:89:27:2f:24:f2:c7:4d:a6:15:b0:b1:
df:70:fb:2c:9a:69:b2:26:24:1b:c3:3e:0f:b4:4f:
5e:1a:84:e3:4f:82:6b:10:44:1d:1f:62:73:a4:bc:
1d:cf:ce:2e:13:71:a2:85:ec:a8:25:19:19:27:1d:
fb:a1:36:34:87:f3:03:05:13:bb:db:de:6a:ef:03:
a5:f9:5a:eb:f6:00:12:32:a4:c8:89:a7:81:48:af:
82:8e:70:3c:1b:e6:5c:ea:95:8e:64:7d:1a:dd:02:
be:c5:a6:64:cd:09:28:73:4a:3b:ce:8a:d9:06:23:
16:6b:17:80:bf:78:16:1e:d1:0b:92:4d:18:01:e8:
d1:40:33:29:e7:05:e1:2b:9d:96:85:8c:36:b0:ce:
2a:03:d6:c1:b3:9f:85:5a:d5:14:a7:50:c3:11:a9:
6a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E6:7D:4B:E4:73:C7:F8:D1:35:EC:59:3E:C7:FF:7D:1D:19:36:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24A8B396C33411EF87EA8967762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.149.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:94:71:36:a0:73:79:e8:da:0d:b3:f1:51:da:e6:69:64:65:
e6:c6:e0:c9:58:24:d6:48:ca:a5:c2:70:a3:59:fb:6c:a1:5c:
fd:1a:c9:3b:ad:14:ca:67:c2:00:f9:6d:f7:c2:7d:80:76:c1:
7a:6a:c8:20:e3:3a:42:da:96:5b:8a:5d:90:96:bf:47:fa:bf:
f4:89:44:a9:95:8f:c3:c1:10:a1:12:22:f5:ba:d7:42:fe:39:
ed:16:55:a3:b8:e4:22:a2:c5:70:57:2e:b8:50:79:cc:a7:b5:
bf:0c:60:67:9a:02:6f:58:5a:77:44:23:15:7f:35:f5:63:a0:
52:bd:d2:e7:48:c9:96:04:6c:10:e4:8a:25:a4:6d:09:c3:23:
31:ed:47:a1:0d:95:df:4a:53:6b:03:12:36:09:01:80:24:91:
a6:5f:16:1c:3c:69:fa:d0:35:85:3e:d2:6c:15:4b:c3:0c:d2:
ad:fa:2b:0d:99:3e:99:91:4f:a6:4a:d5:88:f2:84:c8:d5:ac:
9a:60:70:2e:c3:5e:80:d5:d4:b2:72:55:42:2c:c3:56:7a:14:
a8:f2:72:10:6c:6e:ff:dc:d4:5f:9e:fa:60:a3:9b:dc:e8:70:
b8:24:7b:e2:fd:57:f2:65:75:90:db:a5:90:a6:41:6c:4e:30:
b3:2c:a0:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOszMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDI1MDE2WhcNMjcxMjEwMDI1MDE2WjAYMRYw
FAYDVQQDEw02NzZjYzQ2Yi0xYmJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvEMtj/ROcde8NeVr9iNtZhrGymjANdpDnoQml4nbRxjU5xbmmeiJCBe6
N2gxA05ekdIqE5Rma2Ehzg7Z/5S4oZZyLrNZLqgO40EJ0Bx6kIinaRMVchALFiHS
6nK6iScvJPLHTaYVsLHfcPssmmmyJiQbwz4PtE9eGoTjT4JrEEQdH2JzpLwdz84u
E3GiheyoJRkZJx37oTY0h/MDBRO7295q7wOl+Vrr9gASMqTIiaeBSK+CjnA8G+Zc
6pWOZH0a3QK+xaZkzQkoc0o7zorZBiMWaxeAv3gWHtELkk0YAejRQDMp5wXhK52W
hYw2sM4qA9bBs5+FWtUUp1DDEalqXwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKzm
fUvkc8f40TXsWT7H/30dGTYiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNEE4QjM5NkMzMzQxMUVGODdFQTg5Njc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPSVMA0GCSqGSIb3DQEBCwUA
A4IBAQB/lHE2oHN56NoNs/FR2uZpZGXmxuDJWCTWSMqlwnCjWftsoVz9Gsk7rRTK
Z8IA+W33wn2AdsF6asgg4zpC2pZbil2Qlr9H+r/0iUSplY/DwRChEiL1utdC/jnt
FlWjuOQiosVwVy64UHnMp7W/DGBnmgJvWFp3RCMVfzX1Y6BSvdLnSMmWBGwQ5Iol
pG0JwyMx7UehDZXfSlNrAxI2CQGAJJGmXxYcPGn60DWFPtJsFUvDDNKt+isNmT6Z
kU+mStWI8oTI1ayaYHAuw16A1dSyclVCLMNWehSo8nIQbG7/3NRfnvpgo5vc6HC4
JHvi/VfyZXWQ26WQpkFsTjCzLKA0
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:28 2025 by rpki-client