Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/290C76F2C33E11EF8FAB9AA8762E951A.roa
File: 290C76F2C33E11EF8FAB9AA8762E951A.roa (raw, json)
Hash identifier: RKp0rziJF/fAvDbdYz67FkD2lLk7A6KrtijH3Cw6dVA=
Subject key identifier: 55:53:23:02:10:E2:7F:0B:B3:9C:3B:EA:FC:FE:D8:1A:44:A7:0D:F6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBA9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/290C76F2C33E11EF8FAB9AA8762E951A.roa
Signing time: Thu 26 Dec 2024 04:02:02 +0000
ROA not before: Thu 26 Dec 2024 04:01:58 +0000
ROA not after: Fri 10 Dec 2027 04:01:58 +0000
asID: 17561
IP address blocks: 156.244.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60329 (0xeba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:01:58 2024 GMT
Not After : Dec 10 04:01:58 2027 GMT
Subject: CN=676cd539-086d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:21:18:73:d5:0d:28:14:fb:89:ad:c0:ff:74:
d1:af:6a:f0:f2:2a:ca:d2:3d:13:80:4b:6d:15:de:
18:86:4b:ed:8d:cc:e1:3c:1c:d2:9f:92:22:38:73:
0f:bb:49:a2:6c:4f:28:1a:e0:0c:91:12:3b:40:0b:
fe:31:7c:53:5d:58:25:f5:37:a5:b5:13:d0:e0:47:
00:7f:4f:32:ab:2e:23:18:72:23:ce:97:e9:25:56:
36:0f:6d:54:64:10:42:02:39:b0:81:9d:4b:17:36:
8a:c1:a3:02:00:c6:09:f9:df:38:64:37:35:1d:36:
d5:b2:36:27:cb:cb:14:80:fa:90:cc:bd:f9:2e:b2:
05:a1:4e:57:9f:3a:5b:9f:5b:ab:8c:51:40:97:8c:
b4:56:aa:48:dc:6f:cb:60:a3:1e:81:fe:0a:7e:f0:
36:b9:3c:03:98:97:92:df:85:ee:3f:29:7f:20:95:
45:2b:3d:35:cd:65:7b:1c:a4:a2:f0:5c:3f:58:5c:
14:c6:cc:fd:f3:8f:29:e6:e0:fd:fe:f4:f2:df:e1:
72:74:82:cf:47:05:0b:02:97:42:0e:a3:c9:95:88:
aa:9a:3e:52:a1:98:f3:70:ec:51:50:7c:71:74:9d:
46:09:9d:9c:3b:7c:96:d4:5e:86:6a:ca:3f:21:8e:
a5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:53:23:02:10:E2:7F:0B:B3:9C:3B:EA:FC:FE:D8:1A:44:A7:0D:F6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/290C76F2C33E11EF8FAB9AA8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.208.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:42:a4:b3:f8:3e:bc:e3:c8:db:74:6b:e2:8a:d5:26:8b:cc:
e5:91:09:2f:e5:f5:2c:e9:15:d3:01:35:8f:e8:6a:83:30:13:
8b:20:93:09:db:13:0a:62:ff:f3:ee:49:e1:c1:97:a8:6e:1a:
83:3b:98:fc:25:cc:c4:18:ac:d8:4d:da:7d:ab:85:7f:f7:53:
25:ef:0b:a3:e0:76:5e:f5:da:6e:fe:14:fb:35:c2:b6:ed:d4:
e9:75:51:6c:20:37:ef:98:35:a9:68:02:4b:2d:1a:60:66:5f:
54:bb:b2:1d:5e:39:e4:a9:44:9d:70:a2:e0:61:7b:02:e5:58:
71:89:a2:7a:e3:52:81:f7:d7:65:7c:86:30:28:5e:39:1b:5b:
ed:42:4f:75:3e:1b:f2:6e:05:38:e2:b2:8b:94:ca:a0:de:56:
63:ac:24:83:cf:32:3a:db:4d:fb:bf:99:e7:f8:1e:28:f0:96:
58:79:67:2d:99:f7:b1:eb:9c:33:03:4c:c9:f6:64:67:83:ab:
15:d1:b0:49:c3:f7:d9:24:3e:98:a0:33:16:87:2c:a5:16:85:
b9:44:a1:3b:3e:90:90:cb:49:8d:f6:29:9b:3d:84:bb:f8:b3:
2e:11:14:24:43:b4:03:9b:77:fe:08:3b:dd:18:df:57:3e:8c:
fb:ee:c2:98
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOupMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQwMTU4WhcNMjcxMjEwMDQwMTU4WjAYMRYw
FAYDVQQDEw02NzZjZDUzOS0wODZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnCEYc9UNKBT7ia3A/3TRr2rw8irK0j0TgEttFd4YhkvtjczhPBzSn5Ii
OHMPu0mibE8oGuAMkRI7QAv+MXxTXVgl9TeltRPQ4EcAf08yqy4jGHIjzpfpJVY2
D21UZBBCAjmwgZ1LFzaKwaMCAMYJ+d84ZDc1HTbVsjYny8sUgPqQzL35LrIFoU5X
nzpbn1urjFFAl4y0VqpI3G/LYKMegf4KfvA2uTwDmJeS34XuPyl/IJVFKz01zWV7
HKSi8Fw/WFwUxsz9848p5uD9/vTy3+FydILPRwULApdCDqPJlYiqmj5SoZjzcOxR
UHxxdJ1GCZ2cO3yW1F6Gaso/IY6l7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFVT
IwIQ4n8Ls5w76vz+2BpEpw32MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yOTBDNzZGMkMzM0UxMUVGOEZBQjlBQTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTQMA0GCSqGSIb3DQEBCwUA
A4IBAQA7QqSz+D6848jbdGviitUmi8zlkQkv5fUs6RXTATWP6GqDMBOLIJMJ2xMK
Yv/z7knhwZeobhqDO5j8JczEGKzYTdp9q4V/91Ml7wuj4HZe9dpu/hT7NcK27dTp
dVFsIDfvmDWpaAJLLRpgZl9Uu7IdXjnkqUSdcKLgYXsC5VhxiaJ641KB99dlfIYw
KF45G1vtQk91PhvybgU44rKLlMqg3lZjrCSDzzI62037v5nn+B4o8JZYeWctmfex
65wzA0zJ9mRng6sV0bBJw/fZJD6YoDMWhyylFoW5RKE7PpCQy0mN9imbPYS7+LMu
ERQkQ7QDm3f+CDvdGN9XPoz77sKY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:46 2025 by rpki-client