Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D1B6C36C95811EFBCCE2468762E951A.roa
File: 4D1B6C36C95811EFBCCE2468762E951A.roa (raw, json)
Hash identifier: dAOgGW5xUE4rr2BDctxp+ksG01bJJId+U8S2zr8lpJI=
Subject key identifier: 3A:EA:6E:85:29:43:D6:77:B5:F2:10:AB:25:B4:AB:46:11:14:53:1A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F40C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D1B6C36C95811EFBCCE2468762E951A.roa
Signing time: Thu 02 Jan 2025 22:24:16 +0000
ROA not before: Thu 02 Jan 2025 22:24:12 +0000
ROA not after: Mon 13 Dec 2027 22:24:12 +0000
asID: 17561
IP address blocks: 156.226.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62476 (0xf40c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 22:24:12 2025 GMT
Not After : Dec 13 22:24:12 2027 GMT
Subject: CN=67771210-e0bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fc:35:1e:f4:09:9a:eb:e3:83:20:09:73:f3:
e8:86:6a:df:ce:52:cd:94:dc:a5:50:e0:81:2a:45:
7c:b7:b8:bb:3f:e5:b4:e5:2d:17:b0:1c:3b:ab:d7:
52:e9:46:d1:20:77:51:83:a8:a6:15:ad:e6:ca:80:
20:3f:2f:f5:2a:26:83:4d:ed:dc:be:cf:bd:f8:94:
31:da:c3:d9:21:19:3e:06:3b:41:17:36:1c:f0:9a:
2f:7d:f8:b9:41:9c:82:0c:68:34:ee:c9:84:ee:a4:
23:8a:7f:41:26:84:c6:6d:f3:86:88:6b:bd:e7:73:
14:0a:2f:b5:d9:6c:f2:e2:0d:e6:ec:b6:fc:a8:f4:
22:a4:d7:9b:d8:53:5d:92:4e:fa:5d:bf:61:5d:27:
54:1b:ff:ab:3a:59:db:90:c4:04:5b:84:db:bf:d8:
25:63:db:2b:bc:9a:c5:e5:c8:d3:45:b9:5d:d4:75:
83:bb:f7:93:6e:9a:ed:f4:f9:d6:f5:8c:74:72:72:
f1:2a:c8:1a:30:6b:c8:f9:66:8b:cb:86:6f:22:c2:
1e:64:01:15:d5:60:52:fb:22:7a:30:9f:8e:ca:9e:
9e:01:a5:e0:d7:24:b8:d1:ae:0b:31:8b:3a:97:6a:
ca:ed:cc:54:51:19:a4:1b:97:9f:a6:f9:97:a1:c7:
2d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:EA:6E:85:29:43:D6:77:B5:F2:10:AB:25:B4:AB:46:11:14:53:1A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D1B6C36C95811EFBCCE2468762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.159.0/24
Signature Algorithm: sha256WithRSAEncryption
36:03:60:6b:da:cf:df:a2:a8:a8:a9:c7:55:e9:b1:af:fc:e1:
b6:01:57:e6:9d:01:28:ff:df:88:50:01:fc:e1:e4:68:22:05:
07:d1:f1:26:75:8f:fa:be:3b:b9:10:29:4e:ae:8d:ce:a7:67:
4e:db:19:83:2c:ef:0f:d8:50:0b:bd:fc:93:55:75:4c:bb:a0:
94:78:c1:c5:87:78:98:fc:cc:d4:ea:b9:28:d7:12:0c:03:5b:
24:47:1a:ab:b5:fb:94:ba:e9:98:83:8d:9e:89:dc:7f:8b:c5:
5e:e0:49:b5:fa:a6:09:7a:24:46:db:7a:bc:35:29:06:6a:70:
fe:f9:f0:1d:3c:80:9e:01:92:a9:2a:c7:67:f1:fe:c2:ca:58:
04:81:58:35:8b:66:d5:3a:85:50:cd:d0:bc:98:dd:72:77:da:
f1:a4:22:69:cf:bd:22:f1:e0:3b:0b:49:5b:67:f6:4e:f4:2b:
5f:28:04:87:1d:49:04:8d:e2:9a:9d:d8:a1:7d:be:f7:28:5c:
a7:42:45:02:e3:00:29:51:ac:96:04:92:51:3d:ed:7d:85:63:
3a:6d:6c:f2:56:84:6a:76:a8:2c:8b:60:2e:87:4d:c2:e6:e2:
9a:9a:65:bb:77:84:af:cf:61:99:8f:2f:9e:52:bc:69:20:74:
1b:06:23:91
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPQMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjIyNDEyWhcNMjcxMjEzMjIyNDEyWjAYMRYw
FAYDVQQDEw02Nzc3MTIxMC1lMGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyPw1HvQJmuvjgyAJc/PohmrfzlLNlNylUOCBKkV8t7i7P+W05S0XsBw7
q9dS6UbRIHdRg6imFa3myoAgPy/1KiaDTe3cvs+9+JQx2sPZIRk+BjtBFzYc8Jov
ffi5QZyCDGg07smE7qQjin9BJoTGbfOGiGu953MUCi+12Wzy4g3m7Lb8qPQipNeb
2FNdkk76Xb9hXSdUG/+rOlnbkMQEW4Tbv9glY9srvJrF5cjTRbld1HWDu/eTbprt
9PnW9Yx0cnLxKsgaMGvI+WaLy4ZvIsIeZAEV1WBS+yJ6MJ+Oyp6eAaXg1yS40a4L
MYs6l2rK7cxUURmkG5efpvmXocctywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDrq
boUpQ9Z3tfIQqyW0q0YRFFMaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RDFCNkMzNkM5NTgxMUVGQkNDRTI0Njg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKfMA0GCSqGSIb3DQEBCwUA
A4IBAQA2A2Br2s/foqioqcdV6bGv/OG2AVfmnQEo/9+IUAH84eRoIgUH0fEmdY/6
vju5EClOro3Op2dO2xmDLO8P2FALvfyTVXVMu6CUeMHFh3iY/MzU6rko1xIMA1sk
RxqrtfuUuumYg42eidx/i8Ve4Em1+qYJeiRG23q8NSkGanD++fAdPICeAZKpKsdn
8f7CylgEgVg1i2bVOoVQzdC8mN1yd9rxpCJpz70i8eA7C0lbZ/ZO9CtfKASHHUkE
jeKandihfb73KFynQkUC4wApUayWBJJRPe19hWM6bWzyVoRqdqgsi2Auh03C5uKa
mmW7d4Svz2GZjy+eUrxpIHQbBiOR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:54 2025 by rpki-client