Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/51961F66AB3711EF9601DBB5762E951A.roa
File: 51961F66AB3711EF9601DBB5762E951A.roa (raw, json)
Hash identifier: nEGYIQfNNPDar5xrhAzlfC+POHKTviVytCb6OGajq2U=
Subject key identifier: 75:BA:EF:28:C0:4D:69:52:5F:C6:9B:0D:C3:DF:FF:3F:9C:32:7B:CB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DA8C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/51961F66AB3711EF9601DBB5762E951A.roa
Signing time: Mon 25 Nov 2024 14:12:35 +0000
ROA not before: Mon 25 Nov 2024 14:12:31 +0000
ROA not after: Tue 13 Jan 2026 14:12:31 +0000
asID: 18004
IP address blocks: 156.225.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55948 (0xda8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 25 14:12:31 2024 GMT
Not After : Jan 13 14:12:31 2026 GMT
Subject: CN=674485d3-4e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d2:55:28:2e:01:ba:ae:26:22:a4:6d:42:cb:
11:34:84:57:d1:e8:13:7f:e1:c2:46:9c:27:b9:1d:
0f:00:b4:5f:23:89:ba:93:94:ca:b6:a5:c8:d4:20:
d9:a2:8f:86:dc:6c:7a:d6:29:ca:2b:3d:62:a3:14:
28:9b:15:14:9e:42:74:c0:d4:e0:48:de:b6:19:24:
7d:d2:44:5f:70:69:10:f0:53:52:de:6b:e6:6f:37:
8f:9c:79:a5:96:7e:4d:b5:bd:a5:c0:a1:ea:23:73:
7a:ab:3e:38:c8:fc:30:54:1b:b3:5a:74:69:ce:7b:
df:0e:a9:59:d2:5e:91:00:55:fb:4e:82:60:cb:a9:
4f:04:68:26:d6:63:fe:ef:54:42:fd:33:d5:6d:c1:
b5:76:aa:9b:17:b9:1e:f9:ae:c1:37:5e:76:9d:27:
fe:1b:84:a2:e1:9f:95:ee:f1:29:bd:61:34:fd:0f:
42:0f:a9:c2:78:ea:5e:9f:ba:88:c5:9f:58:c8:f7:
2c:e4:c9:b3:dc:db:39:a0:b5:3d:7a:21:f9:ca:9d:
74:72:d9:3c:f6:ee:03:03:ee:97:0a:18:ee:20:c3:
6d:77:4d:34:ff:0b:e5:b6:72:76:34:01:20:0f:e8:
06:4d:4b:67:13:cc:93:3a:9f:79:74:4e:0c:32:94:
4f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:BA:EF:28:C0:4D:69:52:5F:C6:9B:0D:C3:DF:FF:3F:9C:32:7B:CB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/51961F66AB3711EF9601DBB5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.99.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:eb:47:3c:4a:f9:b0:5e:05:f4:6e:ee:26:b4:6f:a0:66:de:
0f:06:8a:65:80:78:f9:24:39:9d:b2:bf:40:d3:2e:63:54:56:
67:4e:4e:2a:50:f5:45:af:52:09:eb:16:b4:21:cd:88:d2:27:
f8:7c:51:a9:84:d8:5a:4e:9f:29:4b:36:96:42:4b:09:98:8b:
e9:43:ec:8f:57:97:87:e3:9b:eb:19:13:5e:dc:9e:fd:90:97:
a0:7c:78:a2:f3:1f:a8:54:22:c4:2a:c6:fd:d9:8e:f5:0b:8c:
db:1e:b0:40:54:02:ce:aa:e3:2f:2b:f2:d9:45:3e:c2:5e:26:
4d:e0:13:64:14:70:c0:5d:ca:e4:97:6e:9a:5a:68:27:63:57:
05:4b:0f:22:d5:61:d5:dd:85:a8:49:e5:7a:6c:07:9b:62:48:
9e:7e:47:57:12:0f:68:ab:8f:2f:fa:95:1f:34:d1:b1:6c:7c:
41:f9:95:34:0f:a8:be:cc:9d:8d:ee:d0:55:64:18:7b:b0:0f:
a8:34:86:33:6e:d8:46:ee:84:3b:dd:98:57:a2:9e:f1:60:d1:
6e:f5:e7:ed:ee:38:b1:43:80:c4:8b:29:7c:db:3c:1e:0f:83:
ae:c2:e6:69:55:12:30:f6:22:1b:78:2d:97:af:55:72:43:d3:
0a:79:62:81
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANqMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI1MTQxMjMxWhcNMjYwMTEzMTQxMjMxWjAYMRYw
FAYDVQQDEw02NzQ0ODVkMy00ZTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAttJVKC4Buq4mIqRtQssRNIRX0egTf+HCRpwnuR0PALRfI4m6k5TKtqXI
1CDZoo+G3Gx61inKKz1ioxQomxUUnkJ0wNTgSN62GSR90kRfcGkQ8FNS3mvmbzeP
nHmlln5Ntb2lwKHqI3N6qz44yPwwVBuzWnRpznvfDqlZ0l6RAFX7ToJgy6lPBGgm
1mP+71RC/TPVbcG1dqqbF7ke+a7BN152nSf+G4Si4Z+V7vEpvWE0/Q9CD6nCeOpe
n7qIxZ9YyPcs5Mmz3Ns5oLU9eiH5yp10ctk89u4DA+6XChjuIMNtd000/wvltnJ2
NAEgD+gGTUtnE8yTOp95dE4MMpRPjQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHW6
7yjATWlSX8abDcPf/z+cMnvLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MTk2MUY2NkFCMzcxMUVGOTYwMURCQjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOFjMA0GCSqGSIb3DQEBCwUA
A4IBAQCl60c8SvmwXgX0bu4mtG+gZt4PBoplgHj5JDmdsr9A0y5jVFZnTk4qUPVF
r1IJ6xa0Ic2I0if4fFGphNhaTp8pSzaWQksJmIvpQ+yPV5eH45vrGRNe3J79kJeg
fHii8x+oVCLEKsb92Y71C4zbHrBAVALOquMvK/LZRT7CXiZN4BNkFHDAXcrkl26a
WmgnY1cFSw8i1WHV3YWoSeV6bAebYkiefkdXEg9oq48v+pUfNNGxbHxB+ZU0D6i+
zJ2N7tBVZBh7sA+oNIYzbthG7oQ73ZhXop7xYNFu9eft7jixQ4DEiyl82zweD4Ou
wuZpVRIw9iIbeC2Xr1VyQ9MKeWKB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:46 2025 by rpki-client