Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42289D46CD0711EFB0C7B856762E951A.roa
File: 42289D46CD0711EFB0C7B856762E951A.roa (raw, json)
Hash identifier: xq+cf3LjW9OgD2VWE2QmKe0u2vW7nPd32526daW3HDg=
Subject key identifier: E0:A0:36:B7:A3:3F:CF:1D:8C:41:78:47:AA:DF:33:6A:8E:1C:10:A9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCA3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42289D46CD0711EFB0C7B856762E951A.roa
Signing time: Tue 07 Jan 2025 14:54:13 +0000
ROA not before: Tue 07 Jan 2025 14:54:08 +0000
ROA not after: Mon 13 Dec 2027 14:54:08 +0000
asID: 17561
IP address blocks: 156.239.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64675 (0xfca3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 14:54:08 2025 GMT
Not After : Dec 13 14:54:08 2027 GMT
Subject: CN=677d4015-4ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3d:75:aa:ba:b7:5b:d8:da:bb:16:37:ca:95:
91:f8:95:d5:3b:c0:87:fd:9c:a5:8f:08:1a:19:fa:
1e:b4:0a:85:5d:a5:fa:80:98:c2:90:06:04:34:00:
1e:b6:8f:6d:ad:2d:21:48:ba:ae:db:6c:6b:39:0d:
be:c4:49:32:e6:1a:38:6a:9b:cd:52:9e:3e:66:04:
91:e0:56:28:85:b1:c6:0f:53:c3:d8:ec:1d:60:f4:
fd:20:ec:5a:43:d6:84:25:18:ca:b0:81:43:a7:a9:
a4:65:21:58:21:d5:86:e4:08:64:82:d8:e9:dd:2a:
6b:08:27:59:7b:4c:32:08:67:19:9d:2f:d7:6e:c8:
2f:47:ac:bf:9f:94:5e:e7:f8:79:5d:64:2f:f1:fd:
fe:f2:cd:ed:34:79:13:d6:2b:c1:b6:7a:97:c6:bd:
0f:a8:e3:24:a9:5e:ea:89:bc:87:f0:04:e6:9f:34:
b5:4f:a7:29:dd:e5:8e:08:3e:96:16:fa:ee:0b:34:
bc:13:b0:c9:f7:34:b8:06:10:db:ef:83:5a:cb:42:
a9:6d:fa:12:9c:2e:4c:5c:14:43:e5:4b:b7:ef:cc:
ba:5c:dc:f8:b2:46:dd:1d:99:91:a2:13:ec:6f:cd:
2e:ba:e1:cd:18:07:85:72:ab:1d:04:06:40:df:82:
3c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A0:36:B7:A3:3F:CF:1D:8C:41:78:47:AA:DF:33:6A:8E:1C:10:A9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42289D46CD0711EFB0C7B856762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.35.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:0c:c6:2f:11:47:d1:24:4f:39:06:e3:ec:64:78:1b:87:a8:
21:ce:aa:66:88:ad:f4:c2:20:23:c0:fb:94:c7:a3:3f:69:8c:
92:6d:af:d2:0c:1d:f2:a2:17:7b:c3:94:5d:f4:17:a4:7d:f6:
6b:a3:ec:98:8b:bd:1b:88:65:52:f9:83:a4:d9:e1:3d:96:be:
82:1f:bf:b9:c8:fd:e9:bf:2b:db:04:e2:a8:e3:99:8f:10:01:
c8:25:22:4e:ca:77:1b:7c:64:e4:e4:44:5b:f8:5f:a0:b4:d2:
ae:4d:c5:00:0b:de:36:39:92:45:40:e7:e4:2d:67:ed:c2:ce:
b8:54:34:b1:e5:2c:fb:13:92:16:46:fe:48:2e:3d:10:34:26:
43:bc:40:3f:46:1c:26:88:29:b0:e7:d8:8c:4a:dc:54:7a:00:
c4:5e:25:34:98:89:ff:08:dc:8d:9a:10:93:80:6f:2f:e0:76:
18:41:27:98:3c:84:21:8b:af:2a:a2:fb:b1:d0:e6:f7:a3:08:
9c:45:2b:b6:83:2c:6c:cb:6d:37:b3:a4:98:bd:65:5b:fe:04:
83:76:48:cc:9a:06:1f:d7:3c:d8:ed:f4:08:29:08:b2:4c:ac:
df:9b:ac:9d:7d:3a:5f:cd:4b:72:7f:2d:1a:e0:4a:35:0d:94:
fe:6b:3b:42
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPyjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTQ1NDA4WhcNMjcxMjEzMTQ1NDA4WjAYMRYw
FAYDVQQDEw02NzdkNDAxNS00ZWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0T11qrq3W9jauxY3ypWR+JXVO8CH/ZyljwgaGfoetAqFXaX6gJjCkAYE
NAAeto9trS0hSLqu22xrOQ2+xEky5ho4apvNUp4+ZgSR4FYohbHGD1PD2OwdYPT9
IOxaQ9aEJRjKsIFDp6mkZSFYIdWG5Ahkgtjp3SprCCdZe0wyCGcZnS/XbsgvR6y/
n5Re5/h5XWQv8f3+8s3tNHkT1ivBtnqXxr0PqOMkqV7qibyH8ATmnzS1T6cp3eWO
CD6WFvruCzS8E7DJ9zS4BhDb74Nay0KpbfoSnC5MXBRD5Uu378y6XNz4skbdHZmR
ohPsb80uuuHNGAeFcqsdBAZA34I8TQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOCg
NrejP88djEF4R6rfM2qOHBCpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MjI4OUQ0NkNEMDcxMUVGQjBDN0I4NTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO8jMA0GCSqGSIb3DQEBCwUA
A4IBAQB+DMYvEUfRJE85BuPsZHgbh6ghzqpmiK30wiAjwPuUx6M/aYySba/SDB3y
ohd7w5Rd9BekffZro+yYi70biGVS+YOk2eE9lr6CH7+5yP3pvyvbBOKo45mPEAHI
JSJOyncbfGTk5ERb+F+gtNKuTcUAC942OZJFQOfkLWftws64VDSx5Sz7E5IWRv5I
Lj0QNCZDvEA/RhwmiCmw59iMStxUegDEXiU0mIn/CNyNmhCTgG8v4HYYQSeYPIQh
i68qovux0Ob3owicRSu2gyxsy203s6SYvWVb/gSDdkjMmgYf1zzY7fQIKQiyTKzf
m6ydfTpfzUtyfy0a4Eo1DZT+aztC
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:10 2025 by rpki-client