Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5250EAD0CAD111EF90553A48762E951A.roa
File: 5250EAD0CAD111EF90553A48762E951A.roa (raw, json)
Hash identifier: fV5gWpl1A6QZmrj0Mimzn61i65gtvsKQaJAZI0V52bs=
Subject key identifier: C7:D6:D0:D1:2C:16:D3:5E:8D:CB:9F:58:A1:BD:85:86:A3:38:26:FF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F780
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5250EAD0CAD111EF90553A48762E951A.roa
Signing time: Sat 04 Jan 2025 19:23:05 +0000
ROA not before: Sun 05 Jan 2025 19:23:01 +0000
ROA not after: Sun 09 Feb 2025 19:23:01 +0000
asID: 203020
IP address blocks: 156.237.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63360 (0xf780)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 19:23:01 2025 GMT
Not After : Feb 9 19:23:01 2025 GMT
Subject: CN=67798a99-2ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0c:48:62:7a:8d:de:c9:c5:60:83:3f:f5:72:
b1:88:4e:c2:6e:f7:f6:9b:e8:bf:24:52:08:af:dd:
71:f4:18:fd:7b:02:85:e6:85:40:20:bc:b0:0a:94:
e0:7f:7d:76:10:4c:a2:c6:31:4a:ff:61:b2:41:74:
dd:8f:ee:0c:76:bd:ca:08:27:f3:17:df:07:ee:e7:
52:a6:69:a5:e0:a9:c7:41:20:c0:14:39:21:a1:f3:
5a:d5:ed:f1:5b:ab:4c:e6:e9:df:bc:6a:8f:e5:46:
1a:21:33:90:ec:d7:5f:6c:53:b2:14:6c:25:bc:ba:
3e:97:1d:61:d1:18:53:25:2f:be:d0:45:22:77:24:
9d:9e:19:a3:ec:82:6b:98:2c:d5:67:ec:97:ac:1b:
4b:71:de:2b:06:ba:2e:03:08:62:75:c5:ce:a2:e9:
12:fb:90:4d:c2:92:34:10:54:fa:a6:dc:9f:a6:c0:
87:30:7c:72:f8:d4:86:ff:9f:55:4e:ff:5c:d6:5a:
b0:ee:47:09:d0:2c:4e:48:7c:73:c5:2a:88:b0:73:
74:a7:23:30:97:77:f3:78:d5:14:ee:a0:6f:7f:d5:
0b:ec:e7:16:31:09:b5:a6:1d:bd:9a:ab:e9:0b:e6:
5e:56:17:df:7a:28:47:1a:e4:0d:ae:b1:03:2c:3c:
88:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D6:D0:D1:2C:16:D3:5E:8D:CB:9F:58:A1:BD:85:86:A3:38:26:FF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5250EAD0CAD111EF90553A48762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.64.0/19
Signature Algorithm: sha256WithRSAEncryption
a8:84:03:13:fc:db:bd:15:a7:e8:b4:ce:65:ae:7a:24:63:f8:
3c:b1:de:b9:e5:7a:f6:4a:4f:b4:f5:a2:81:a1:66:29:e2:2d:
e1:41:dd:be:ab:f1:d0:e3:d7:d0:a6:82:55:05:34:39:32:5c:
cf:42:12:d6:ac:6b:27:c7:e5:56:8c:79:69:e0:a2:36:80:9d:
2d:28:73:82:75:06:92:9e:ed:d3:16:c3:6a:ef:2a:92:f6:2f:
76:5a:98:c6:de:2b:8d:39:7c:99:4a:8b:99:58:84:ec:45:88:
18:a8:0e:65:46:de:2f:8a:35:f7:e6:db:2c:ed:fc:8d:8b:3c:
94:45:c0:81:88:bd:0b:e6:2a:47:27:d1:32:65:df:d5:71:2d:
15:79:7b:a5:4b:74:1e:29:cf:9f:41:39:2a:0f:fa:a5:19:35:
de:65:7e:44:cf:2d:c6:6b:cc:cc:29:aa:3d:f8:ab:50:84:f4:
b7:fe:98:0a:7c:6f:01:e5:98:83:55:e1:2c:c3:6a:04:87:94:
86:0a:7c:2b:04:78:72:12:ce:e9:39:d6:d0:d6:af:70:ad:10:
bc:fb:55:b0:ae:b9:ee:1f:9a:26:22:a1:d7:69:37:f6:d3:5d:
40:6d:3a:cd:cc:43:ad:16:ca:88:14:fc:7d:13:c1:4f:ea:25:
97:6a:2b:29
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPeAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MTkyMzAxWhcNMjUwMjA5MTkyMzAxWjAYMRYw
FAYDVQQDEw02Nzc5OGE5OS0yZWQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4QxIYnqN3snFYIM/9XKxiE7Cbvf2m+i/JFIIr91x9Bj9ewKF5oVAILyw
CpTgf312EEyixjFK/2GyQXTdj+4Mdr3KCCfzF98H7udSpmml4KnHQSDAFDkhofNa
1e3xW6tM5unfvGqP5UYaITOQ7NdfbFOyFGwlvLo+lx1h0RhTJS++0EUidySdnhmj
7IJrmCzVZ+yXrBtLcd4rBrouAwhidcXOoukS+5BNwpI0EFT6ptyfpsCHMHxy+NSG
/59VTv9c1lqw7kcJ0CxOSHxzxSqIsHN0pyMwl3fzeNUU7qBvf9UL7OcWMQm1ph29
mqvpC+ZeVhffeihHGuQNrrEDLDyIXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMfW
0NEsFtNejcufWKG9hYajOCb/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MjUwRUFEMENBRDExMUVGOTA1NTNBNDg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnO1AMA0GCSqGSIb3DQEBCwUA
A4IBAQCohAMT/Nu9FafotM5lrnokY/g8sd655Xr2Sk+09aKBoWYp4i3hQd2+q/HQ
49fQpoJVBTQ5MlzPQhLWrGsnx+VWjHlp4KI2gJ0tKHOCdQaSnu3TFsNq7yqS9i92
WpjG3iuNOXyZSouZWITsRYgYqA5lRt4vijX35tss7fyNizyURcCBiL0L5ipHJ9Ey
Zd/VcS0VeXulS3QeKc+fQTkqD/qlGTXeZX5Ezy3Ga8zMKao9+KtQhPS3/pgKfG8B
5ZiDVeEsw2oEh5SGCnwrBHhyEs7pOdbQ1q9wrRC8+1WwrrnuH5omIqHXaTf2011A
bTrNzEOtFsqIFPx9E8FP6iWXaisp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:51 2025 by rpki-client