Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/391CA9CAD24A11EFABD8D242762E951A.roa
File: 391CA9CAD24A11EFABD8D242762E951A.roa (raw, json)
Hash identifier: FdlWFH992msArtIHMcYNGA97tPz+a3DXul/ac6fZTdA=
Subject key identifier: 41:6C:31:98:47:71:C0:52:04:DF:28:17:21:27:8A:4B:63:95:34:A8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0106EC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/391CA9CAD24A11EFABD8D242762E951A.roa
Signing time: Tue 14 Jan 2025 07:36:10 +0000
ROA not before: Tue 14 Jan 2025 07:36:06 +0000
ROA not after: Tue 18 Feb 2025 07:36:06 +0000
asID: 61112
IP address blocks: 156.246.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67308 (0x106ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 07:36:06 2025 GMT
Not After : Feb 18 07:36:06 2025 GMT
Subject: CN=678613ea-43f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5b:76:d2:53:0c:24:a4:df:c4:38:80:fc:75:
c5:42:bb:62:c0:53:2f:10:ee:86:22:a9:20:c2:52:
78:f2:e7:a8:90:9f:d0:5b:c8:ab:57:7d:c5:a2:3f:
4b:ef:92:22:4b:b6:03:05:f0:17:cc:e5:70:f0:4e:
4c:c8:1a:07:c5:1c:1f:fd:b6:b6:88:89:23:11:8b:
fa:74:e4:e3:74:57:fe:2d:53:04:d4:8a:f0:82:cd:
aa:e9:c7:2e:67:01:f8:c1:53:cc:45:fc:cc:6f:46:
8e:d8:6b:d4:be:42:97:02:f9:48:95:41:b4:cc:71:
9b:36:a2:9f:97:d7:74:a4:51:83:ab:63:eb:c6:fc:
f2:63:82:dd:9d:ce:ee:3c:16:b0:1b:55:87:12:b0:
4e:25:70:73:d9:53:9c:17:f6:69:c1:e8:67:dd:3e:
55:5b:98:e5:01:de:82:b1:e0:06:ea:cc:86:2f:0e:
22:a5:e3:64:56:c2:12:44:05:ff:fd:ec:0c:34:60:
0a:01:81:5b:b7:23:62:4d:73:bc:4c:c8:cc:63:64:
d2:fc:ba:bf:ab:9b:5e:d1:52:de:65:cf:68:eb:bb:
4e:c8:4a:83:50:42:a6:a4:7e:aa:b7:b0:ae:5f:8e:
ff:cd:92:3e:83:e7:9e:d0:e7:77:7c:ad:aa:1d:f7:
da:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:6C:31:98:47:71:C0:52:04:DF:28:17:21:27:8A:4B:63:95:34:A8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/391CA9CAD24A11EFABD8D242762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.88.0/21
Signature Algorithm: sha256WithRSAEncryption
a0:4c:4b:02:e6:20:e9:87:0c:ee:34:08:92:8a:3d:10:17:3e:
65:42:f4:be:79:e0:25:d3:b1:09:81:0a:dc:7d:82:5b:e1:27:
fe:4c:54:6b:b7:17:ed:a6:da:ef:37:31:ba:93:d4:f1:8c:a7:
0c:0d:a7:2f:13:3e:ad:23:6e:4b:b4:ff:32:1c:b2:23:72:2d:
e0:97:9b:d7:ab:5e:6b:d9:cc:a2:3e:79:98:71:9d:9c:d1:96:
9e:c7:df:0a:7e:6d:ce:12:14:c8:36:09:b1:8b:58:0c:75:3d:
6d:28:1f:ea:b4:9f:aa:90:e9:9b:ef:04:9e:c1:78:f7:47:82:
95:ce:86:2b:09:c5:da:35:16:76:8c:29:74:20:9a:0c:af:b2:
79:55:29:00:fa:01:d1:87:19:8a:87:fa:dd:4d:44:ee:04:3a:
f0:34:17:4d:fd:7b:e1:2f:f0:57:57:2d:37:bd:02:d2:06:d7:
1d:25:59:66:82:2a:65:20:c7:e2:98:ba:6a:cd:12:b6:b5:19:
09:3c:09:d3:c2:83:68:3c:98:45:6d:2a:8d:58:22:fc:cc:96:
d2:38:b7:62:d2:c2:34:cd:c6:98:32:da:f6:a7:31:ba:f7:cb:
50:64:c7:06:32:20:ad:3b:ef:dc:bd:ec:61:5e:34:a2:db:bd:
7c:4f:e0:d1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQbsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDczNjA2WhcNMjUwMjE4MDczNjA2WjAYMRYw
FAYDVQQDEw02Nzg2MTNlYS00M2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoFt20lMMJKTfxDiA/HXFQrtiwFMvEO6GIqkgwlJ48ueokJ/QW8irV33F
oj9L75IiS7YDBfAXzOVw8E5MyBoHxRwf/ba2iIkjEYv6dOTjdFf+LVME1Irwgs2q
6ccuZwH4wVPMRfzMb0aO2GvUvkKXAvlIlUG0zHGbNqKfl9d0pFGDq2PrxvzyY4Ld
nc7uPBawG1WHErBOJXBz2VOcF/Zpwehn3T5VW5jlAd6CseAG6syGLw4ipeNkVsIS
RAX//ewMNGAKAYFbtyNiTXO8TMjMY2TS/Lq/q5te0VLeZc9o67tOyEqDUEKmpH6q
t7CuX47/zZI+g+ee0Od3fK2qHffaYQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEFs
MZhHccBSBN8oFyEniktjlTSoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zOTFDQTlDQUQyNEExMUVGQUJEOEQyNDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPZYMA0GCSqGSIb3DQEBCwUA
A4IBAQCgTEsC5iDphwzuNAiSij0QFz5lQvS+eeAl07EJgQrcfYJb4Sf+TFRrtxft
ptrvNzG6k9TxjKcMDacvEz6tI25LtP8yHLIjci3gl5vXq15r2cyiPnmYcZ2c0Zae
x98Kfm3OEhTINgmxi1gMdT1tKB/qtJ+qkOmb7wSewXj3R4KVzoYrCcXaNRZ2jCl0
IJoMr7J5VSkA+gHRhxmKh/rdTUTuBDrwNBdN/XvhL/BXVy03vQLSBtcdJVlmgipl
IMfimLpqzRK2tRkJPAnTwoNoPJhFbSqNWCL8zJbSOLdi0sI0zcaYMtr2pzG698tQ
ZMcGMiCtO+/cvexhXjSi2718T+DR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:36:36 2025 by rpki-client