Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/319CB7ECCCF711EFB635F570762E951A.roa
File: 319CB7ECCCF711EFB635F570762E951A.roa (raw, json)
Hash identifier: sGBx+6Fck8aHbPSkaog2NJ+3pL8n8MTK4HJqvTZvaBI=
Subject key identifier: AC:4D:E3:E4:97:44:F0:D1:FF:E4:71:FD:09:0B:A2:B3:23:83:FF:5C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC21
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/319CB7ECCCF711EFB635F570762E951A.roa
Signing time: Tue 07 Jan 2025 12:59:13 +0000
ROA not before: Tue 07 Jan 2025 12:59:10 +0000
ROA not after: Mon 13 Dec 2027 12:59:10 +0000
asID: 17561
IP address blocks: 156.236.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64545 (0xfc21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 12:59:10 2025 GMT
Not After : Dec 13 12:59:10 2027 GMT
Subject: CN=677d2521-5ba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fe:7c:16:19:9d:a2:c2:76:af:a5:c5:21:5a:
83:f7:23:1f:e4:05:f8:51:65:dd:b7:af:c9:de:27:
63:0f:7d:d3:6a:b4:e7:fb:36:cc:99:a3:5b:60:be:
25:1c:5d:9b:45:22:70:41:b0:f5:e8:36:8a:d1:78:
d2:ef:8a:8d:37:ee:d8:ab:54:ed:b5:99:53:7f:70:
f8:e3:54:83:11:59:da:d6:79:41:44:d6:6e:d3:c6:
31:3c:3b:2b:99:97:60:00:e7:98:97:c0:66:90:2d:
33:0b:6c:25:2f:0e:f1:94:62:d4:e1:57:b4:ba:5e:
67:10:c3:ea:92:fe:b3:50:d9:22:2e:96:95:07:03:
1a:fe:ca:49:cb:82:2b:4d:08:a8:0f:57:9b:37:68:
7c:a7:36:f6:a2:8d:11:c6:9a:a2:19:ca:50:0d:42:
aa:ec:32:ed:63:b6:f3:2a:e3:18:79:18:4d:8e:53:
b4:18:9e:7e:b7:99:9b:0e:61:20:86:44:50:16:ea:
bb:24:24:2f:a6:41:b1:71:93:5e:b7:af:13:82:9c:
1a:58:3a:d8:ca:0e:c5:a6:6c:f2:c0:3f:98:44:99:
8e:1d:07:12:dc:2a:e3:4c:39:d7:e2:82:5c:d0:91:
45:91:8a:f8:fe:36:f6:5c:fe:1e:c7:cb:56:3e:f0:
63:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:4D:E3:E4:97:44:F0:D1:FF:E4:71:FD:09:0B:A2:B3:23:83:FF:5C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/319CB7ECCCF711EFB635F570762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.86.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:d9:b4:2c:74:2a:0e:80:53:f4:ab:bb:35:63:9e:47:28:b5:
ef:69:3f:56:2a:b6:a6:bb:4a:b9:41:6e:9a:63:6d:cc:73:4e:
13:63:d4:11:52:77:ba:f6:df:d4:72:0c:9a:65:63:d6:de:f8:
77:1a:ae:5c:ea:23:b3:bd:2f:9d:b5:1f:80:be:5d:37:82:1d:
90:c8:59:f3:bb:ca:d8:e8:c1:64:94:b5:33:97:ee:42:bc:24:
c9:3d:8a:37:62:04:17:30:a2:84:b6:44:0f:f5:3d:ba:5d:d5:
65:fc:2d:29:3d:13:5b:4a:27:d5:f4:08:f4:35:21:ad:d0:dd:
c9:22:5d:c5:af:5c:1b:f5:29:b9:49:e7:db:80:64:d9:51:f5:
e3:1a:56:b6:bb:e8:4d:23:79:54:2d:97:8f:93:57:96:a1:60:
69:0e:a4:71:24:6b:8c:b9:59:6e:6d:92:56:6e:7e:31:88:64:
79:a7:dd:3d:ea:e2:dd:db:b3:b5:a4:e8:fb:d9:6e:d7:61:66:
d5:30:f2:d2:b6:9e:e9:d7:e1:85:b2:a1:3f:cd:31:e5:9c:a0:
20:3d:f2:ee:59:6b:56:1c:4e:85:51:4d:93:3e:57:4c:5a:fe:
aa:0e:94:0c:6e:0b:04:fc:11:f0:fa:a0:9f:13:78:f2:63:a6:
1b:8d:e6:93
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPwhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTI1OTEwWhcNMjcxMjEzMTI1OTEwWjAYMRYw
FAYDVQQDEw02NzdkMjUyMS01YmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0P58FhmdosJ2r6XFIVqD9yMf5AX4UWXdt6/J3idjD33TarTn+zbMmaNb
YL4lHF2bRSJwQbD16DaK0XjS74qNN+7Yq1TttZlTf3D441SDEVna1nlBRNZu08Yx
PDsrmZdgAOeYl8BmkC0zC2wlLw7xlGLU4Ve0ul5nEMPqkv6zUNkiLpaVBwMa/spJ
y4IrTQioD1ebN2h8pzb2oo0RxpqiGcpQDUKq7DLtY7bzKuMYeRhNjlO0GJ5+t5mb
DmEghkRQFuq7JCQvpkGxcZNet68TgpwaWDrYyg7FpmzywD+YRJmOHQcS3CrjTDnX
4oJc0JFFkYr4/jb2XP4ex8tWPvBjTwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKxN
4+SXRPDR/+Rx/QkLorMjg/9cMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMTlDQjdFQ0NDRjcxMUVGQjYzNUY1NzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOxWMA0GCSqGSIb3DQEBCwUA
A4IBAQAL2bQsdCoOgFP0q7s1Y55HKLXvaT9WKramu0q5QW6aY23Mc04TY9QRUne6
9t/UcgyaZWPW3vh3Gq5c6iOzvS+dtR+Avl03gh2QyFnzu8rY6MFklLUzl+5CvCTJ
PYo3YgQXMKKEtkQP9T26XdVl/C0pPRNbSifV9Aj0NSGt0N3JIl3Fr1wb9Sm5Sefb
gGTZUfXjGla2u+hNI3lULZePk1eWoWBpDqRxJGuMuVlubZJWbn4xiGR5p9096uLd
27O1pOj72W7XYWbVMPLStp7p1+GFsqE/zTHlnKAgPfLuWWtWHE6FUU2TPldMWv6q
DpQMbgsE/BHw+qCfE3jyY6YbjeaT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:40 2025 by rpki-client