Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39F5D25ACD0D11EFA1CE617B762E951A.roa
File: 39F5D25ACD0D11EFA1CE617B762E951A.roa (raw, json)
Hash identifier: MPoBunl8axM70hrYFV/7WJ2/wlwLmANvbukD5beOXMA=
Subject key identifier: A1:D5:50:BE:B7:D2:D3:EB:79:36:AB:EB:EE:99:25:E8:AA:83:82:75
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCD3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39F5D25ACD0D11EFA1CE617B762E951A.roa
Signing time: Tue 07 Jan 2025 15:36:56 +0000
ROA not before: Tue 07 Jan 2025 15:36:52 +0000
ROA not after: Mon 13 Dec 2027 15:36:52 +0000
asID: 17561
IP address blocks: 156.239.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64723 (0xfcd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 15:36:52 2025 GMT
Not After : Dec 13 15:36:52 2027 GMT
Subject: CN=677d4a18-f62d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:04:b9:5d:44:db:39:e9:ab:47:6c:56:d0:6e:
3d:bf:27:20:1c:cc:ca:87:6e:24:74:45:61:fc:c7:
97:29:f1:03:f3:6a:e8:0f:f0:96:02:42:5c:56:1f:
a6:82:b7:0e:a5:3c:32:bd:96:2e:44:3f:ae:8a:97:
78:b0:5c:b9:73:4d:1f:e5:78:ce:e2:aa:cd:e5:9b:
09:3b:86:a4:cc:26:14:0e:e9:40:d2:af:f7:ec:c9:
88:cd:04:2f:12:dc:23:4b:33:68:e7:5b:64:c6:4a:
c0:19:a8:be:cf:2f:ed:6f:33:0f:b6:32:18:4e:be:
0b:f7:7c:25:14:f6:f7:fe:30:a7:38:6a:7d:6f:dc:
7d:7c:e0:dd:22:dd:95:5a:6a:05:85:13:f1:30:cd:
4d:a0:79:1d:73:49:96:86:a3:c6:01:29:3c:36:84:
59:80:b7:a9:88:dc:fb:c0:46:ec:98:a2:15:c3:95:
e7:63:ce:27:0e:e3:b3:69:20:b1:df:3c:72:4a:91:
85:9f:11:b3:cf:58:a5:4a:f3:97:67:32:7c:db:89:
a2:99:de:3b:65:5b:81:e6:23:7d:9f:1d:37:0e:cd:
54:88:35:4f:cb:1d:30:61:5d:e9:7b:06:74:5c:60:
70:8d:80:50:50:09:78:87:23:d1:2d:cb:82:21:63:
c2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D5:50:BE:B7:D2:D3:EB:79:36:AB:EB:EE:99:25:E8:AA:83:82:75
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39F5D25ACD0D11EFA1CE617B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.61.0/24
Signature Algorithm: sha256WithRSAEncryption
47:2f:51:d9:13:23:6c:7c:b2:50:3a:ed:61:87:62:29:61:60:
a8:1e:a7:48:67:00:94:f7:68:ff:6e:6d:c1:41:ae:3f:50:2d:
50:2e:a5:8b:44:52:57:c8:cb:0b:2d:1d:0b:75:a8:32:2b:df:
5f:71:c1:6f:d8:3b:3b:c2:2a:d2:d4:f7:cf:6c:03:8e:23:b5:
00:22:94:89:36:d9:9d:99:7d:6c:09:44:0b:cf:bd:e4:67:f1:
b2:59:5d:bb:84:dc:e8:6e:34:dc:74:28:24:20:a5:46:d3:c0:
fa:73:ed:46:ce:80:7a:9b:55:3b:71:0c:29:5b:da:e7:58:df:
4c:56:55:6f:75:f5:cf:02:34:5e:3c:e9:bc:18:b2:62:c2:1d:
3f:cc:5d:6b:1e:b1:5c:97:84:fd:56:0b:16:6c:a7:c2:cd:00:
a9:ce:2c:0b:45:2f:f0:2f:56:9f:e9:ad:ae:b5:9c:ab:f8:e3:
4a:1b:9d:76:65:97:97:40:eb:bd:8f:f9:9c:92:a0:b9:55:1d:
95:2d:60:f4:6e:9b:bc:88:7e:1c:35:35:c4:25:a0:1b:5f:2e:
68:f5:40:56:40:f7:05:8f:97:48:63:65:f1:fd:1e:74:b8:46:
e4:2b:12:ae:34:0e:40:bb:6c:56:ff:25:d7:63:58:73:7d:a4:
25:a5:f1:ba
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPzTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTUzNjUyWhcNMjcxMjEzMTUzNjUyWjAYMRYw
FAYDVQQDEw02NzdkNGExOC1mNjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxAS5XUTbOemrR2xW0G49vycgHMzKh24kdEVh/MeXKfED82roD/CWAkJc
Vh+mgrcOpTwyvZYuRD+uipd4sFy5c00f5XjO4qrN5ZsJO4akzCYUDulA0q/37MmI
zQQvEtwjSzNo51tkxkrAGai+zy/tbzMPtjIYTr4L93wlFPb3/jCnOGp9b9x9fODd
It2VWmoFhRPxMM1NoHkdc0mWhqPGASk8NoRZgLepiNz7wEbsmKIVw5XnY84nDuOz
aSCx3zxySpGFnxGzz1ilSvOXZzJ824mimd47ZVuB5iN9nx03Ds1UiDVPyx0wYV3p
ewZ0XGBwjYBQUAl4hyPRLcuCIWPCpwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKHV
UL630tPreTar6+6ZJeiqg4J1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zOUY1RDI1QUNEMEQxMUVGQTFDRTYxN0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO89MA0GCSqGSIb3DQEBCwUA
A4IBAQBHL1HZEyNsfLJQOu1hh2IpYWCoHqdIZwCU92j/bm3BQa4/UC1QLqWLRFJX
yMsLLR0LdagyK99fccFv2Ds7wirS1PfPbAOOI7UAIpSJNtmdmX1sCUQLz73kZ/Gy
WV27hNzobjTcdCgkIKVG08D6c+1GzoB6m1U7cQwpW9rnWN9MVlVvdfXPAjRePOm8
GLJiwh0/zF1rHrFcl4T9VgsWbKfCzQCpziwLRS/wL1af6a2utZyr+ONKG512ZZeX
QOu9j/mckqC5VR2VLWD0bpu8iH4cNTXEJaAbXy5o9UBWQPcFj5dIY2Xx/R50uEbk
KxKuNA5Au2xW/yXXY1hzfaQlpfG6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:23 2025 by rpki-client