Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5047FA3EC33411EFBF2EF367762E951A.roa
File: 5047FA3EC33411EFBF2EF367762E951A.roa (raw, json)
Hash identifier: s+Y+NAUbswd/RYVblGy2eA5oI/J5g18W4YUunv/iS4o=
Subject key identifier: AE:20:05:1C:DA:B9:27:DE:18:EC:AB:D4:57:07:E6:F8:B5:59:FD:C6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB35
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5047FA3EC33411EFBF2EF367762E951A.roa
Signing time: Thu 26 Dec 2024 02:51:32 +0000
ROA not before: Thu 26 Dec 2024 02:51:29 +0000
ROA not after: Wed 10 Dec 2025 02:51:29 +0000
asID: 984
IP address blocks: 156.244.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60213 (0xeb35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:51:29 2024 GMT
Not After : Dec 10 02:51:29 2025 GMT
Subject: CN=676cc4b4-5daf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4a:2e:36:ab:b9:5d:09:b9:cb:52:06:d3:0d:
b4:4c:09:d9:17:37:6f:1a:20:71:91:77:91:f1:dc:
97:e9:62:a9:78:d8:99:26:2f:4c:e6:bd:d4:2f:6e:
c1:82:3e:b3:55:80:03:50:2f:f5:ad:5f:02:fb:d9:
ab:75:b1:b4:71:6a:57:d7:ef:13:da:e1:64:c7:92:
6c:f7:0a:6f:09:ea:c8:a0:46:0a:a6:43:8b:6c:b8:
bf:10:09:aa:83:cf:d4:95:11:43:bc:75:e9:50:cf:
34:26:a9:27:8d:d9:bd:24:d1:e6:49:0f:38:f4:3d:
16:ee:03:97:ed:4a:25:34:6d:22:e5:ce:50:b1:99:
44:fc:6b:75:de:63:87:9a:68:66:c1:0e:6c:82:39:
0b:58:6e:89:58:92:4b:95:2d:a8:46:98:03:92:b8:
7b:98:74:99:0a:bf:26:6f:3b:f2:61:17:b0:4d:76:
8f:41:c8:df:ab:ae:3c:0e:87:f4:82:59:34:a2:17:
22:44:41:a5:39:05:85:40:74:45:b6:44:a3:3e:9b:
0b:ba:bb:c3:69:72:52:6e:4a:75:fc:90:87:21:7c:
02:6d:ba:47:dd:fd:37:a1:7d:c7:c4:cc:14:1b:a5:
3f:19:e0:a8:db:15:7f:4b:a5:45:bf:f6:2e:c5:7b:
fd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:20:05:1C:DA:B9:27:DE:18:EC:AB:D4:57:07:E6:F8:B5:59:FD:C6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5047FA3EC33411EFBF2EF367762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.150.0/24
Signature Algorithm: sha256WithRSAEncryption
72:40:63:4c:f3:ed:d4:8d:a7:4b:97:fa:bb:d1:13:77:35:f9:
72:ce:de:a7:b1:94:18:4e:5c:c7:c4:1c:29:e9:23:7b:f9:11:
61:32:ba:60:8c:7a:73:30:fd:dd:62:f2:33:c1:4f:19:21:73:
d2:b1:d4:86:9e:5f:66:da:7b:f6:fc:9d:d6:61:88:71:bf:8a:
8b:86:71:bd:90:cf:d3:97:5f:6b:b1:65:c7:0a:60:e1:13:58:
ff:2c:d1:44:9f:83:01:52:f3:01:41:75:10:b5:1c:23:6b:cf:
17:01:ca:88:99:ad:c5:54:09:81:a0:8d:57:8a:f0:fd:66:92:
2e:a4:f9:72:13:79:5a:ec:55:56:80:6f:6f:15:cb:5e:74:d7:
02:e1:26:a5:20:74:d7:43:7c:0b:5b:04:34:d8:8f:93:0d:82:
2b:66:83:fe:e2:7c:99:05:9d:71:35:db:c5:30:a9:99:95:be:
79:ca:b6:c7:5c:34:ee:a5:51:5d:e3:d6:d5:e2:3a:43:95:5d:
37:10:a1:f9:c0:26:f7:87:34:a4:25:a7:f1:23:43:50:9b:2c:
35:ee:a2:8d:21:8c:9f:8e:b6:38:98:64:62:63:ec:96:47:d7:
75:a9:fd:5d:54:22:7a:67:49:00:68:4f:d6:88:25:98:3b:81:
1b:19:0d:e5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOs1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDI1MTI5WhcNMjUxMjEwMDI1MTI5WjAYMRYw
FAYDVQQDEw02NzZjYzRiNC01ZGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4UouNqu5XQm5y1IG0w20TAnZFzdvGiBxkXeR8dyX6WKpeNiZJi9M5r3U
L27Bgj6zVYADUC/1rV8C+9mrdbG0cWpX1+8T2uFkx5Js9wpvCerIoEYKpkOLbLi/
EAmqg8/UlRFDvHXpUM80Jqknjdm9JNHmSQ849D0W7gOX7UolNG0i5c5QsZlE/Gt1
3mOHmmhmwQ5sgjkLWG6JWJJLlS2oRpgDkrh7mHSZCr8mbzvyYRewTXaPQcjfq648
Dof0glk0ohciREGlOQWFQHRFtkSjPpsLurvDaXJSbkp1/JCHIXwCbbpH3f03oX3H
xMwUG6U/GeCo2xV/S6VFv/YuxXv9uwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK4g
BRzauSfeGOyr1FcH5vi1Wf3GMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MDQ3RkEzRUMzMzQxMUVGQkYyRUYzNjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPSWMA0GCSqGSIb3DQEBCwUA
A4IBAQByQGNM8+3UjadLl/q70RN3Nflyzt6nsZQYTlzHxBwp6SN7+RFhMrpgjHpz
MP3dYvIzwU8ZIXPSsdSGnl9m2nv2/J3WYYhxv4qLhnG9kM/Tl19rsWXHCmDhE1j/
LNFEn4MBUvMBQXUQtRwja88XAcqIma3FVAmBoI1XivD9ZpIupPlyE3la7FVWgG9v
FctedNcC4SalIHTXQ3wLWwQ02I+TDYIrZoP+4nyZBZ1xNdvFMKmZlb55yrbHXDTu
pVFd49bV4jpDlV03EKH5wCb3hzSkJafxI0NQmyw17qKNIYyfjrY4mGRiY+yWR9d1
qf1dVCJ6Z0kAaE/WiCWYO4EbGQ3l
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:22 2025 by rpki-client