Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B00B988B49F11EF8B10907B762E951A.roa
File: 4B00B988B49F11EF8B10907B762E951A.roa (raw, json)
Hash identifier: 1ty0kyYwroIX/x6INzuVpsDH9gdC1kyVP0C8hiCaaoM=
Subject key identifier: D1:26:3D:EC:B1:C3:0B:A3:CE:47:1C:73:D2:AC:EC:98:30:85:81:1A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E0A0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B00B988B49F11EF8B10907B762E951A.roa
Signing time: Sat 07 Dec 2024 13:29:32 +0000
ROA not before: Sat 07 Dec 2024 13:29:29 +0000
ROA not after: Sun 09 Feb 2025 13:29:29 +0000
asID: 135097
IP address blocks: 156.226.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57504 (0xe0a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 7 13:29:29 2024 GMT
Not After : Feb 9 13:29:29 2025 GMT
Subject: CN=67544dbc-a1fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d1:b2:d5:45:6a:f4:07:8e:17:92:20:81:85:
34:4c:84:07:1e:45:c6:0c:47:16:6c:77:0f:a3:33:
f6:86:80:90:d8:c9:b8:08:f5:b4:4c:22:e3:42:b1:
f1:65:76:30:8d:4e:83:27:8e:d2:1b:b0:13:d5:1d:
ad:bc:27:e2:77:15:52:ed:bb:00:06:5a:36:1e:29:
70:45:d6:20:d6:b2:5f:93:01:42:18:13:f9:31:26:
09:42:62:9c:af:4c:69:49:81:ae:4c:b4:4b:35:a1:
4c:3e:18:7d:7f:80:7c:48:04:5e:1d:68:0b:b6:e0:
53:e9:33:87:23:84:5b:af:e8:6c:6e:99:a0:4a:c7:
66:19:ce:28:f9:6f:47:39:32:46:dc:1b:c2:04:f2:
83:88:ba:6f:ca:eb:af:ba:c1:26:63:26:95:eb:40:
03:84:7a:db:e7:cf:ed:6a:78:e4:15:84:f7:04:5a:
f2:ae:2b:3d:78:df:20:16:7e:59:99:74:ea:fd:62:
df:96:78:4b:1c:fc:ca:a7:f9:af:11:63:9c:5d:78:
94:6f:48:76:38:1e:16:8a:87:0a:23:56:8a:7e:f4:
b2:51:60:c2:17:46:a2:75:86:5a:5d:59:2b:bc:d4:
ff:45:db:d5:49:70:ef:0d:55:47:5c:a9:c8:79:c8:
27:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:26:3D:EC:B1:C3:0B:A3:CE:47:1C:73:D2:AC:EC:98:30:85:81:1A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B00B988B49F11EF8B10907B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.32.0/19
Signature Algorithm: sha256WithRSAEncryption
70:19:23:df:62:bf:c6:51:b3:1f:9b:3a:53:9b:8f:86:4f:85:
8e:79:2e:d3:d6:8c:58:cd:2c:1f:a7:ba:5c:62:43:55:c7:32:
a2:89:63:3e:1e:96:5e:87:5e:f6:b8:14:84:25:b7:bd:1d:7b:
06:e9:5b:24:24:57:c2:51:87:b8:e8:26:6b:b6:ea:a5:a5:15:
7d:69:c9:40:f9:d8:00:67:c0:33:5b:1f:e9:ac:ba:89:57:e7:
fa:22:b8:5e:73:08:18:5c:13:f7:45:4a:6d:07:5a:98:31:be:
5a:01:e6:39:5a:e7:c7:da:a3:95:dd:33:55:3b:76:b0:8d:11:
8a:58:5f:c6:f4:cc:84:19:71:db:b0:5c:be:61:e1:ae:8c:dc:
9f:0d:2f:f3:eb:ac:03:92:f9:98:ea:42:fe:80:30:67:ee:84:
f2:2d:d7:0e:92:94:ae:8f:91:be:a7:cb:0f:e6:11:9b:d6:cf:
d5:a1:ba:b3:c8:36:b7:6b:70:ff:92:5c:d1:47:21:ab:93:f6:
2b:9f:ee:99:c5:60:d3:95:49:b2:f2:53:4c:ce:81:25:ce:33:
f2:b2:e2:e6:f1:ca:7d:07:3b:6f:f5:f0:80:77:a1:d7:c1:57:
3d:42:04:76:67:30:e7:c7:1d:ea:09:c7:b8:96:c6:5a:c6:87:
45:3b:ed:19
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOCgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA3MTMyOTI5WhcNMjUwMjA5MTMyOTI5WjAYMRYw
FAYDVQQDEw02NzU0NGRiYy1hMWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAltGy1UVq9AeOF5IggYU0TIQHHkXGDEcWbHcPozP2hoCQ2Mm4CPW0TCLj
QrHxZXYwjU6DJ47SG7AT1R2tvCfidxVS7bsABlo2HilwRdYg1rJfkwFCGBP5MSYJ
QmKcr0xpSYGuTLRLNaFMPhh9f4B8SAReHWgLtuBT6TOHI4Rbr+hsbpmgSsdmGc4o
+W9HOTJG3BvCBPKDiLpvyuuvusEmYyaV60ADhHrb58/tanjkFYT3BFryris9eN8g
Fn5ZmXTq/WLflnhLHPzKp/mvEWOcXXiUb0h2OB4WiocKI1aKfvSyUWDCF0aidYZa
XVkrvNT/RdvVSXDvDVVHXKnIecgn6QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNEm
Peyxwwujzkccc9Ks7JgwhYEaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QjAwQjk4OEI0OUYxMUVGOEIxMDkwN0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnOIgMA0GCSqGSIb3DQEBCwUA
A4IBAQBwGSPfYr/GUbMfmzpTm4+GT4WOeS7T1oxYzSwfp7pcYkNVxzKiiWM+HpZe
h172uBSEJbe9HXsG6VskJFfCUYe46CZrtuqlpRV9aclA+dgAZ8AzWx/prLqJV+f6
IrhecwgYXBP3RUptB1qYMb5aAeY5WufH2qOV3TNVO3awjRGKWF/G9MyEGXHbsFy+
YeGujNyfDS/z66wDkvmY6kL+gDBn7oTyLdcOkpSuj5G+p8sP5hGb1s/VobqzyDa3
a3D/klzRRyGrk/Yrn+6ZxWDTlUmy8lNMzoElzjPysuLm8cp9Bztv9fCAd6HXwVc9
QgR2ZzDnxx3qCce4lsZaxodFO+0Z
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:16 2025 by rpki-client