Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/491A4228C2A611EFBBAFBF65762E951A.roa
File: 491A4228C2A611EFBBAFBF65762E951A.roa (raw, json)
Hash identifier: UiudZA2BCqzKpES+g4a2a5zw7OoWU7JTlZn/Q+TARPA=
Subject key identifier: CE:75:DB:AD:16:3B:43:D2:E8:24:35:B5:C4:9E:EA:5A:43:C1:FB:1C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA03
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/491A4228C2A611EFBBAFBF65762E951A.roa
Signing time: Wed 25 Dec 2024 09:54:52 +0000
ROA not before: Wed 25 Dec 2024 09:54:48 +0000
ROA not after: Sat 15 Feb 2025 09:54:48 +0000
asID: 138915
IP address blocks: 156.244.50.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59907 (0xea03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 09:54:48 2024 GMT
Not After : Feb 15 09:54:48 2025 GMT
Subject: CN=676bd66c-b299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:46:ff:b2:26:42:3f:8c:1a:11:38:48:c9:72:
06:65:c9:4e:e9:f0:b6:c8:c0:99:58:6e:e9:e3:15:
e5:bc:d3:d2:8b:5d:4e:ae:76:16:55:84:8f:71:8c:
74:8a:63:81:1d:34:07:42:37:0b:09:e8:bb:c8:91:
de:43:33:25:65:57:c3:f4:70:6e:02:da:24:e2:33:
68:33:96:fb:82:78:44:33:71:61:62:be:ca:58:48:
24:fd:74:91:f5:6a:8b:4a:a5:2e:7e:34:60:13:bd:
17:bc:de:7f:b9:b7:67:23:c6:66:e4:1a:4a:f6:a1:
55:45:28:62:78:32:f6:7a:f1:87:91:8b:84:af:0a:
b1:76:4e:40:8c:65:c6:47:68:1f:60:e3:c7:b9:16:
22:1a:6f:69:f4:41:f4:16:0c:59:13:8e:22:b7:6b:
ba:88:73:05:b0:23:44:88:46:47:75:4c:da:5a:d2:
4b:62:27:d0:d5:3a:b7:e9:4b:83:52:f3:d7:58:fb:
9f:7e:a2:98:97:65:88:77:06:87:32:3a:e9:71:76:
c2:11:f2:3f:86:63:9e:d7:e8:21:13:8c:62:eb:9c:
23:4c:f7:3e:36:b9:c9:1f:44:31:fd:0d:fd:94:14:
4a:82:43:97:d6:d1:4f:20:d8:96:83:6d:7a:51:00:
3d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:75:DB:AD:16:3B:43:D2:E8:24:35:B5:C4:9E:EA:5A:43:C1:FB:1C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/491A4228C2A611EFBBAFBF65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.50.0/23
Signature Algorithm: sha256WithRSAEncryption
82:db:d4:ec:29:40:5a:8b:f7:f6:93:93:bf:9b:18:6d:86:a4:
bf:be:a4:f9:81:85:d8:60:fa:83:eb:a6:3a:c6:d9:24:1a:2a:
d4:91:c0:15:e1:bb:fd:06:f1:64:ea:dd:8f:12:83:18:56:20:
70:88:3e:0f:c3:fa:6b:03:5b:43:d9:4a:fd:c0:6a:46:87:35:
1f:02:a7:45:f7:94:cd:12:ae:4c:df:d5:01:f4:6b:2c:41:f8:
c8:39:0f:d5:a9:0f:db:49:68:3f:67:f9:78:16:da:d2:47:d8:
8f:b2:f1:11:98:c3:92:63:13:ca:d0:5d:0f:73:78:0e:95:c2:
8f:23:0c:86:9d:17:9b:38:ab:8b:cf:ca:60:59:1e:98:bc:c0:
7e:d1:5c:b2:87:d1:59:1c:a2:ae:cc:d8:ac:d9:f7:9f:4a:4f:
8d:0c:81:cf:90:02:23:0b:00:2b:d9:78:06:a7:2a:38:61:7c:
e8:0e:07:26:f5:6d:d7:1f:ed:0e:80:9f:6e:88:c7:e6:81:4c:
fe:88:11:b7:23:13:2c:d0:70:80:45:56:15:37:e3:e2:d0:2c:
14:5f:cf:96:64:33:13:f2:4b:84:2b:5b:b1:94:af:ad:03:65:
3a:1c:7c:f2:04:81:3f:f5:db:ec:ba:9e:04:2b:71:1e:2a:7e:
7f:8a:61:dc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOoDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDk1NDQ4WhcNMjUwMjE1MDk1NDQ4WjAYMRYw
FAYDVQQDEw02NzZiZDY2Yy1iMjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArUb/siZCP4waEThIyXIGZclO6fC2yMCZWG7p4xXlvNPSi11OrnYWVYSP
cYx0imOBHTQHQjcLCei7yJHeQzMlZVfD9HBuAtok4jNoM5b7gnhEM3FhYr7KWEgk
/XSR9WqLSqUufjRgE70XvN5/ubdnI8Zm5BpK9qFVRShieDL2evGHkYuErwqxdk5A
jGXGR2gfYOPHuRYiGm9p9EH0FgxZE44it2u6iHMFsCNEiEZHdUzaWtJLYifQ1Tq3
6UuDUvPXWPuffqKYl2WIdwaHMjrpcXbCEfI/hmOe1+ghE4xi65wjTPc+NrnJH0Qx
/Q39lBRKgkOX1tFPINiWg216UQA9ZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM51
260WO0PS6CQ1tcSe6lpDwfscMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80OTFBNDIyOEMyQTYxMUVGQkJBRkJGNjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPQyMA0GCSqGSIb3DQEBCwUA
A4IBAQCC29TsKUBai/f2k5O/mxhthqS/vqT5gYXYYPqD66Y6xtkkGirUkcAV4bv9
BvFk6t2PEoMYViBwiD4Pw/prA1tD2Ur9wGpGhzUfAqdF95TNEq5M39UB9GssQfjI
OQ/VqQ/bSWg/Z/l4FtrSR9iPsvERmMOSYxPK0F0Pc3gOlcKPIwyGnRebOKuLz8pg
WR6YvMB+0Vyyh9FZHKKuzNis2fefSk+NDIHPkAIjCwAr2XgGpyo4YXzoDgcm9W3X
H+0OgJ9uiMfmgUz+iBG3IxMs0HCARVYVN+Pi0CwUX8+WZDMT8kuEK1uxlK+tA2U6
HHzyBIE/9dvsup4EK3EeKn5/imHc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:04 2025 by rpki-client