Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/496DF6C0CF2611EF99646569762E951A.roa
File: 496DF6C0CF2611EF99646569762E951A.roa (raw, json)
Hash identifier: ru1ZIp0UhtvRZt+IL4bzvDXfkhQzM1SjYVU47pYfcF4=
Subject key identifier: 52:23:B8:EE:DE:B6:BC:B1:B0:64:6E:66:2A:EF:06:F7:57:F5:B0:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0104FB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/496DF6C0CF2611EF99646569762E951A.roa
Signing time: Fri 10 Jan 2025 07:41:22 +0000
ROA not before: Fri 10 Jan 2025 07:41:18 +0000
ROA not after: Fri 16 Jan 2026 07:41:18 +0000
asID: 138965
IP address blocks: 156.236.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66811 (0x104fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 07:41:18 2025 GMT
Not After : Jan 16 07:41:18 2026 GMT
Subject: CN=6780cf22-e70d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:50:81:e7:0d:d1:84:82:c6:37:70:11:95:46:
40:05:9f:fa:fe:eb:ad:e1:1e:6f:79:4e:61:a0:9b:
8b:ad:a0:22:ba:28:91:4e:22:5c:0d:1d:88:50:95:
da:4d:18:fb:95:e3:bb:d3:ef:c7:2e:35:f1:ef:d6:
19:1d:cc:ff:99:ff:35:81:21:b4:bb:c5:0d:26:6b:
69:18:a7:fd:84:f2:da:6b:f5:00:f3:c6:cc:34:bf:
ae:d7:44:06:cb:54:82:a3:25:64:12:d2:9b:c7:b3:
5e:9b:8e:02:1e:d9:0b:c9:d8:f4:12:62:c2:f3:04:
76:e5:4a:6d:dd:d4:28:74:9b:94:2d:7f:c8:f2:c7:
40:61:a2:23:58:c6:88:40:97:d3:32:24:3b:da:97:
eb:52:32:7c:b1:1c:7a:f8:5e:7f:47:9f:64:9b:0d:
d0:7d:87:0e:63:cc:8f:d9:09:45:65:eb:d9:cb:de:
9e:13:7e:d3:60:af:02:2e:ea:78:d5:2a:8e:d1:da:
1c:df:78:e3:57:bb:44:f1:32:b3:31:83:6b:db:12:
52:a7:95:b0:f0:22:64:15:94:7e:95:2f:2b:da:bc:
40:eb:f9:8b:5d:04:11:de:52:7e:d4:72:f1:32:8e:
05:cc:98:44:d7:86:f5:a3:bc:b6:ae:f8:74:e2:5b:
48:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:23:B8:EE:DE:B6:BC:B1:B0:64:6E:66:2A:EF:06:F7:57:F5:B0:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/496DF6C0CF2611EF99646569762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.88.0/21
Signature Algorithm: sha256WithRSAEncryption
42:4b:bf:b4:82:96:0c:bb:68:1e:b8:50:5e:b4:ab:82:5f:0c:
4f:b4:f6:e9:b7:79:d8:0c:2b:c1:3d:a1:b1:ca:76:bc:d8:8c:
5f:61:f1:65:81:99:05:24:07:5a:46:6a:63:eb:0e:05:d2:0f:
cd:c4:98:99:4d:86:b3:f7:7d:4e:53:b8:21:54:e7:d6:47:fa:
a6:4c:e0:b6:13:16:eb:2b:18:cb:e1:9d:30:3c:59:ea:cb:f7:
6f:f0:27:14:32:36:b7:46:d5:55:59:4a:27:da:54:b3:03:42:
2a:4f:bd:db:4d:8a:1e:79:bd:43:4d:3e:f8:2c:e0:f5:41:10:
e0:96:73:62:f9:39:33:fd:8d:2e:40:d0:2a:57:fe:6f:4b:97:
86:1d:f1:8a:d9:66:ca:33:f4:0c:5a:b8:ac:89:14:79:1e:ed:
16:ed:d9:65:e5:f7:55:da:d0:9d:0d:68:ec:c9:ef:09:79:80:
44:e7:54:44:13:79:90:fc:32:ce:3b:b7:8a:88:22:ec:bc:97:
67:18:7c:fe:f7:c4:37:f3:b2:c3:54:cd:94:db:a3:ba:d2:ba:
bc:05:68:fa:e5:e0:20:8b:de:1e:fc:17:e2:d3:94:10:e1:ce:
17:6b:7c:71:f7:82:df:3c:04:80:b1:36:a3:7f:c1:14:bf:8d:
38:e9:f5:8f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQT7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDc0MTE4WhcNMjYwMTE2MDc0MTE4WjAYMRYw
FAYDVQQDEw02NzgwY2YyMi1lNzBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvVCB5w3RhILGN3ARlUZABZ/6/uut4R5veU5hoJuLraAiuiiRTiJcDR2I
UJXaTRj7leO70+/HLjXx79YZHcz/mf81gSG0u8UNJmtpGKf9hPLaa/UA88bMNL+u
10QGy1SCoyVkEtKbx7Nem44CHtkLydj0EmLC8wR25Upt3dQodJuULX/I8sdAYaIj
WMaIQJfTMiQ72pfrUjJ8sRx6+F5/R59kmw3QfYcOY8yP2QlFZevZy96eE37TYK8C
Lup41SqO0doc33jjV7tE8TKzMYNr2xJSp5Ww8CJkFZR+lS8r2rxA6/mLXQQR3lJ+
1HLxMo4FzJhE14b1o7y2rvh04ltI3QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFIj
uO7etryxsGRuZirvBvdX9bDlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80OTZERjZDMENGMjYxMUVGOTk2NDY1Njk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOxYMA0GCSqGSIb3DQEBCwUA
A4IBAQBCS7+0gpYMu2geuFBetKuCXwxPtPbpt3nYDCvBPaGxyna82IxfYfFlgZkF
JAdaRmpj6w4F0g/NxJiZTYaz931OU7ghVOfWR/qmTOC2ExbrKxjL4Z0wPFnqy/dv
8CcUMja3RtVVWUon2lSzA0IqT73bTYoeeb1DTT74LOD1QRDglnNi+Tkz/Y0uQNAq
V/5vS5eGHfGK2WbKM/QMWrisiRR5Hu0W7dll5fdV2tCdDWjsye8JeYBE51REE3mQ
/DLOO7eKiCLsvJdnGHz+98Q387LDVM2U26O60rq8BWj65eAgi94e/Bfi05QQ4c4X
a3xx94LfPASAsTajf8EUv4046fWP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:45 2025 by rpki-client