Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40301B84C95311EFA6CEEF49762E951A.roa
File: 40301B84C95311EFA6CEEF49762E951A.roa (raw, json)
Hash identifier: kV28ewnAuB+txoExGMTrEo3TPNUqqRg0hOZUMWHi/zw=
Subject key identifier: E5:0B:B9:63:F6:6D:C1:E8:64:18:70:7D:2A:06:A0:F3:D7:B8:12:5E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F3DC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40301B84C95311EFA6CEEF49762E951A.roa
Signing time: Thu 02 Jan 2025 21:48:07 +0000
ROA not before: Thu 02 Jan 2025 21:48:03 +0000
ROA not after: Mon 13 Dec 2027 21:48:03 +0000
asID: 17561
IP address blocks: 156.226.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62428 (0xf3dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 21:48:03 2025 GMT
Not After : Dec 13 21:48:03 2027 GMT
Subject: CN=67770997-59ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1c:d7:04:37:a8:ca:5e:83:d0:c6:c8:f2:83:
50:57:f9:0d:87:7c:80:f4:04:57:16:11:d2:49:2a:
77:64:a3:64:55:90:1f:be:da:cc:40:ed:83:d3:e9:
2a:97:62:f0:45:cd:22:96:59:c8:a2:75:0a:49:5a:
38:fe:db:1a:47:0b:17:85:b1:6f:fc:80:8a:6f:92:
ea:30:e9:4e:7c:dd:c4:fe:c4:0a:bf:55:8f:82:20:
f2:cf:90:39:10:8a:b4:4b:6b:af:7d:e1:04:09:76:
70:5e:03:26:4e:d3:06:58:ad:21:53:bc:09:4b:ef:
5e:a7:81:64:33:3d:44:f7:e4:c1:04:5e:f5:f4:86:
8e:f8:27:11:61:98:d0:6e:7a:98:6c:16:0e:07:7b:
f9:4a:32:a6:54:7c:f1:b2:e8:fd:6d:aa:a4:08:61:
3e:88:0c:fc:c3:8f:6a:94:d4:3a:15:67:c6:54:2e:
ad:fb:80:7a:ec:23:e5:ec:75:84:ba:6b:84:18:ac:
01:bb:2d:47:7e:87:35:81:f4:39:7a:ab:9b:b2:a0:
6e:4a:d5:fa:ef:60:d0:3c:48:3a:de:d0:24:18:09:
f1:de:98:36:32:46:3e:64:06:eb:e6:f8:e9:a2:19:
1f:5b:67:5b:9c:b9:22:2b:4c:86:c9:66:a6:84:b2:
49:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:0B:B9:63:F6:6D:C1:E8:64:18:70:7D:2A:06:A0:F3:D7:B8:12:5E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40301B84C95311EFA6CEEF49762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.134.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:f0:1a:63:a5:c9:b2:bc:fa:cc:d0:9c:59:b9:78:e4:7c:71:
a8:67:86:59:cf:fb:2d:e8:62:e5:15:45:ee:1a:d3:b8:92:b1:
b5:a4:97:72:9d:0f:a9:d5:fc:b7:51:9e:4f:df:26:ce:5d:8a:
19:87:e5:77:22:26:24:15:22:d9:ab:3c:3b:ec:84:30:4a:ab:
07:73:ba:f0:ba:53:e8:98:d1:5d:8c:9e:6a:b7:70:18:91:43:
4e:08:f3:ec:82:94:08:38:b1:b6:11:23:45:12:25:9d:52:16:
2d:0e:7d:65:3e:98:17:89:68:df:cd:6f:e3:74:09:36:a4:fd:
4e:b3:04:41:06:a0:fe:3e:50:5a:b1:8b:3d:a5:cf:ec:8c:cc:
1e:65:f1:16:87:1a:b6:b4:7b:69:3b:52:4e:6e:d5:9c:ea:90:
8e:de:ab:ec:30:cd:92:25:d9:22:e4:21:d6:ae:2c:2e:c4:67:
54:18:aa:46:33:1b:91:b3:6a:9f:c9:ff:eb:a6:5c:8f:80:be:
82:fa:00:9e:4e:82:99:e9:8d:ae:12:dc:a2:53:6f:5f:97:d5:
d3:ad:b6:59:0c:99:b7:89:b5:79:6e:ee:5f:d4:1d:63:12:77:
2d:78:c5:91:a7:74:56:2a:6a:e3:1b:07:cd:86:03:6b:70:e0:
3e:e4:15:8d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPPcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjE0ODAzWhcNMjcxMjEzMjE0ODAzWjAYMRYw
FAYDVQQDEw02Nzc3MDk5Ny01OWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyRzXBDeoyl6D0MbI8oNQV/kNh3yA9ARXFhHSSSp3ZKNkVZAfvtrMQO2D
0+kql2LwRc0illnIonUKSVo4/tsaRwsXhbFv/ICKb5LqMOlOfN3E/sQKv1WPgiDy
z5A5EIq0S2uvfeEECXZwXgMmTtMGWK0hU7wJS+9ep4FkMz1E9+TBBF719IaO+CcR
YZjQbnqYbBYOB3v5SjKmVHzxsuj9baqkCGE+iAz8w49qlNQ6FWfGVC6t+4B67CPl
7HWEumuEGKwBuy1Hfoc1gfQ5equbsqBuStX672DQPEg63tAkGAnx3pg2MkY+ZAbr
5vjpohkfW2dbnLkiK0yGyWamhLJJmwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOUL
uWP2bcHoZBhwfSoGoPPXuBJeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MDMwMUI4NEM5NTMxMUVGQTZDRUVGNDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKGMA0GCSqGSIb3DQEBCwUA
A4IBAQAs8BpjpcmyvPrM0JxZuXjkfHGoZ4ZZz/st6GLlFUXuGtO4krG1pJdynQ+p
1fy3UZ5P3ybOXYoZh+V3IiYkFSLZqzw77IQwSqsHc7rwulPomNFdjJ5qt3AYkUNO
CPPsgpQIOLG2ESNFEiWdUhYtDn1lPpgXiWjfzW/jdAk2pP1OswRBBqD+PlBasYs9
pc/sjMweZfEWhxq2tHtpO1JObtWc6pCO3qvsMM2SJdki5CHWriwuxGdUGKpGMxuR
s2qfyf/rplyPgL6C+gCeToKZ6Y2uEtyiU29fl9XTrbZZDJm3ibV5bu5f1B1jEnct
eMWRp3RWKmrjGwfNhgNrcOA+5BWN
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:15 2025 by rpki-client