Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/26B1083ECD7811EF886F56B3762E951A.roa
File: 26B1083ECD7811EF886F56B3762E951A.roa (raw, json)
Hash identifier: TiHWNBRse13paIvlrvuDHguXrwRXHXiBAJ6OgrjIif8=
Subject key identifier: 60:BE:05:9A:DA:51:75:41:C3:4E:F7:5B:FD:B4:4C:C0:46:E6:27:3F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FFC1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/26B1083ECD7811EF886F56B3762E951A.roa
Signing time: Wed 08 Jan 2025 04:22:20 +0000
ROA not before: Wed 08 Jan 2025 04:22:16 +0000
ROA not after: Sat 13 Dec 2025 04:22:16 +0000
asID: 984
IP address blocks: 156.250.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65473 (0xffc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 04:22:16 2025 GMT
Not After : Dec 13 04:22:16 2025 GMT
Subject: CN=677dfd7c-28ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:63:65:2e:e6:74:10:eb:81:b0:5f:04:a0:3d:
ed:29:5f:ab:a1:20:69:6b:64:a5:08:7b:cf:d9:2e:
72:02:20:5f:7e:c8:4c:f9:a1:ee:26:fd:ba:26:96:
37:fd:50:3b:39:c5:3e:84:99:27:5f:f8:9f:a2:97:
19:b7:82:4c:56:54:75:9d:54:02:a0:59:ef:d1:77:
02:61:38:f4:04:87:ac:5b:24:81:18:31:68:66:2c:
31:2f:a5:60:e1:c6:fe:df:34:0a:59:8d:be:37:86:
ea:fd:d5:98:d8:52:ed:9e:3f:a7:d2:90:81:fb:40:
dd:bc:e4:4b:d4:c5:3e:c1:82:60:ea:52:ec:92:4e:
19:df:63:70:db:87:7d:55:46:18:56:28:6f:b0:6e:
ef:1c:0b:bc:66:27:f6:ba:f5:c4:e4:19:58:74:47:
62:32:76:d4:8d:63:95:10:b7:61:cb:f1:5a:34:5a:
b3:1e:c3:08:95:5e:f4:96:85:64:08:e8:18:2d:7d:
9c:cd:65:3d:bb:19:ce:c1:51:1e:de:b4:1c:b0:8f:
7e:4e:1c:91:a6:be:f7:e4:b8:0d:34:5a:85:c3:a3:
47:40:24:9b:a6:c1:05:5b:67:35:33:7d:56:cd:82:
ca:74:cc:5c:82:ad:0a:77:cd:0d:3e:17:7e:48:c5:
3a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:BE:05:9A:DA:51:75:41:C3:4E:F7:5B:FD:B4:4C:C0:46:E6:27:3F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/26B1083ECD7811EF886F56B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.37.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:bc:b7:ac:fb:a2:94:50:18:9c:f1:be:5d:d4:78:cb:91:43:
41:79:56:da:8a:99:27:79:d4:a5:18:a1:03:09:bb:03:ca:5b:
ed:fe:ae:bf:32:b7:9d:31:05:3f:eb:96:37:82:15:29:28:17:
85:31:89:d4:3e:46:90:07:21:5b:d2:19:38:b9:9c:e4:63:cd:
b5:85:6b:7b:6e:b4:d2:1d:f3:67:d4:0a:16:d0:53:d4:83:c5:
49:36:b8:b8:ce:2f:c4:08:91:86:64:be:59:67:57:95:d5:6a:
fc:7d:50:7b:82:87:7a:74:a0:a1:2e:99:fb:a1:11:93:3a:14:
3c:2c:ce:b1:19:74:eb:bc:05:77:58:95:7f:86:3a:b6:cc:c4:
25:ce:af:35:64:0b:66:8b:04:82:28:a5:60:60:ca:eb:42:98:
c6:a3:dc:5c:dc:7c:38:50:0c:b0:67:b3:49:ff:e0:fb:ef:39:
b3:13:1c:4a:62:25:16:59:ba:c0:91:8d:6a:86:8a:92:5b:53:
0c:06:08:c9:37:31:80:6d:d1:26:94:f6:3b:61:c6:ef:e1:5e:
be:a5:47:54:e2:d8:38:83:b9:91:c0:de:17:99:e0:a7:69:47:
a6:77:5b:bb:78:ee:c1:eb:9c:1d:7e:3b:1f:3b:9d:cd:82:6f:
24:b6:0f:61
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP/BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDQyMjE2WhcNMjUxMjEzMDQyMjE2WjAYMRYw
FAYDVQQDEw02NzdkZmQ3Yy0yOGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtGNlLuZ0EOuBsF8EoD3tKV+roSBpa2SlCHvP2S5yAiBffshM+aHuJv26
JpY3/VA7OcU+hJknX/ifopcZt4JMVlR1nVQCoFnv0XcCYTj0BIesWySBGDFoZiwx
L6Vg4cb+3zQKWY2+N4bq/dWY2FLtnj+n0pCB+0DdvORL1MU+wYJg6lLskk4Z32Nw
24d9VUYYVihvsG7vHAu8Zif2uvXE5BlYdEdiMnbUjWOVELdhy/FaNFqzHsMIlV70
loVkCOgYLX2czWU9uxnOwVEe3rQcsI9+ThyRpr735LgNNFqFw6NHQCSbpsEFW2c1
M31WzYLKdMxcgq0Kd80NPhd+SMU6gQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGC+
BZraUXVBw073W/20TMBG5ic/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNkIxMDgzRUNENzgxMUVGODg2RjU2QjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPolMA0GCSqGSIb3DQEBCwUA
A4IBAQCbvLes+6KUUBic8b5d1HjLkUNBeVbaipknedSlGKEDCbsDylvt/q6/Mred
MQU/65Y3ghUpKBeFMYnUPkaQByFb0hk4uZzkY821hWt7brTSHfNn1AoW0FPUg8VJ
Nri4zi/ECJGGZL5ZZ1eV1Wr8fVB7god6dKChLpn7oRGTOhQ8LM6xGXTrvAV3WJV/
hjq2zMQlzq81ZAtmiwSCKKVgYMrrQpjGo9xc3Hw4UAywZ7NJ/+D77zmzExxKYiUW
WbrAkY1qhoqSW1MMBgjJNzGAbdEmlPY7Ycbv4V6+pUdU4tg4g7mRwN4XmeCnaUem
d1u7eO7B65wdfjsfO53Ngm8ktg9h
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:38 2025 by rpki-client