Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/50C4353AC32611EFABE7947F762E951A.roa
File: 50C4353AC32611EFABE7947F762E951A.roa (raw, json)
Hash identifier: 6SC3t2+8JVd4wOTWDhW/5ZmuSFWWvVjiF6Qw6eZ9yf8=
Subject key identifier: F6:E5:9D:BE:E9:84:6A:40:81:5F:8D:61:AE:7B:D1:5E:99:B8:E6:1C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA8D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/50C4353AC32611EFABE7947F762E951A.roa
Signing time: Thu 26 Dec 2024 01:11:20 +0000
ROA not before: Thu 26 Dec 2024 01:11:17 +0000
ROA not after: Wed 10 Dec 2025 01:11:17 +0000
asID: 984
IP address blocks: 156.243.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60045 (0xea8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:11:17 2024 GMT
Not After : Dec 10 01:11:17 2025 GMT
Subject: CN=676cad38-7284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:03:78:c9:e4:cf:a2:9a:38:65:c6:87:e0:2c:
2b:9d:fb:72:aa:15:91:e5:fa:61:cb:57:ad:43:a1:
68:b1:2d:ba:70:29:49:09:34:d5:d9:23:35:9f:0c:
2a:86:cc:53:18:a9:fe:29:40:5c:8f:69:32:d3:0e:
74:d1:78:bf:36:b8:cb:59:20:fd:76:1a:34:d4:84:
96:cc:f7:bb:b4:f7:de:93:28:56:37:80:62:06:ab:
8d:3c:ad:cb:37:12:0a:77:ea:3b:14:65:60:4c:ce:
e9:e3:8e:31:3f:40:7e:eb:29:4c:0c:ca:58:b9:3b:
74:21:e0:f6:41:7d:67:12:fc:f3:6d:3d:15:53:a1:
3f:7d:4f:06:35:f5:46:0c:07:52:9b:96:1e:79:b2:
86:85:ba:9e:88:22:2f:5f:a1:55:75:05:eb:7d:a1:
86:ac:3d:c3:e5:11:70:df:9f:0e:3f:a2:d7:35:9e:
8e:2e:d7:de:f6:8c:19:43:60:62:a1:0c:ed:34:37:
de:2f:6d:40:f7:ba:d8:bb:6f:8b:ea:14:e6:31:78:
27:cb:95:40:00:86:d2:a2:db:51:e0:60:be:d1:e4:
17:9b:75:dd:a3:20:e6:b6:6b:29:a9:73:3a:eb:b1:
11:1a:bd:8c:92:aa:ce:e9:ce:f0:b6:d1:06:42:9d:
5f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E5:9D:BE:E9:84:6A:40:81:5F:8D:61:AE:7B:D1:5E:99:B8:E6:1C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/50C4353AC32611EFABE7947F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.133.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:c3:a6:28:af:d5:b0:98:58:e8:81:01:5c:98:bd:a7:9b:72:
85:d8:c9:ba:db:82:d9:87:09:7f:c9:c9:30:0a:8f:ab:ab:3d:
3f:f8:55:bd:9a:b9:05:43:55:58:b1:4f:40:de:40:ae:51:94:
07:6d:0d:39:8f:11:69:7f:04:5b:ab:c4:9c:bd:59:91:89:5d:
3e:7d:27:92:de:05:be:7a:4d:f3:49:85:c4:ae:e9:c7:01:4c:
e7:04:86:2e:50:f8:a3:8d:d8:b3:f3:60:95:6c:5f:dc:68:b9:
f2:6d:c1:5d:17:54:2f:1e:0a:1a:17:be:fa:f4:65:a2:4b:d9:
f8:64:85:6c:92:f1:ab:62:12:a3:33:6a:73:21:0f:64:52:43:
34:a0:e9:da:e7:2c:30:94:58:a0:41:d8:32:ca:89:df:cb:69:
b1:27:ac:1c:e1:56:5b:bc:2b:40:a8:c7:d7:77:e5:4b:39:23:
f2:8c:46:17:c5:8f:a1:fb:22:30:c1:06:17:2b:93:c5:52:85:
e3:7b:15:5d:a9:5e:52:20:d2:90:eb:32:51:75:86:f7:e2:ac:
c9:ef:8d:ca:75:bc:b6:dd:e6:f7:d9:a6:9b:85:29:23:bc:d5:
8c:94:1c:9a:f2:57:9b:8e:23:a6:4c:ce:9b:b0:e8:32:fd:77:
f1:14:be:a8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOqNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDExMTE3WhcNMjUxMjEwMDExMTE3WjAYMRYw
FAYDVQQDEw02NzZjYWQzOC03Mjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwgN4yeTPopo4ZcaH4CwrnftyqhWR5fphy1etQ6FosS26cClJCTTV2SM1
nwwqhsxTGKn+KUBcj2ky0w500Xi/NrjLWSD9dho01ISWzPe7tPfekyhWN4BiBquN
PK3LNxIKd+o7FGVgTM7p444xP0B+6ylMDMpYuTt0IeD2QX1nEvzzbT0VU6E/fU8G
NfVGDAdSm5YeebKGhbqeiCIvX6FVdQXrfaGGrD3D5RFw358OP6LXNZ6OLtfe9owZ
Q2BioQztNDfeL21A97rYu2+L6hTmMXgny5VAAIbSottR4GC+0eQXm3XdoyDmtmsp
qXM667ERGr2MkqrO6c7wttEGQp1fZwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPbl
nb7phGpAgV+NYa570V6ZuOYcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MEM0MzUzQUMzMjYxMUVGQUJFNzk0N0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPOFMA0GCSqGSIb3DQEBCwUA
A4IBAQC6w6Yor9WwmFjogQFcmL2nm3KF2Mm624LZhwl/yckwCo+rqz0/+FW9mrkF
Q1VYsU9A3kCuUZQHbQ05jxFpfwRbq8ScvVmRiV0+fSeS3gW+ek3zSYXErunHAUzn
BIYuUPijjdiz82CVbF/caLnybcFdF1QvHgoaF7769GWiS9n4ZIVskvGrYhKjM2pz
IQ9kUkM0oOna5ywwlFigQdgyyonfy2mxJ6wc4VZbvCtAqMfXd+VLOSPyjEYXxY+h
+yIwwQYXK5PFUoXjexVdqV5SINKQ6zJRdYb34qzJ743Kdby23eb32aabhSkjvNWM
lBya8lebjiOmTM6bsOgy/XfxFL6o
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:25 2025 by rpki-client