Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/542C43F2C34411EFB839DE51762E951A.roa
File: 542C43F2C34411EFB839DE51762E951A.roa (raw, json)
Hash identifier: yMw9zw+VTGQSU+U2V3vKDNDRaKQ5x1dawdIoDSGD17c=
Subject key identifier: 73:82:2E:BB:64:24:2B:40:08:81:AB:E7:02:8D:BC:50:5E:C8:7B:F4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBF1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/542C43F2C34411EFB839DE51762E951A.roa
Signing time: Thu 26 Dec 2024 04:46:11 +0000
ROA not before: Thu 26 Dec 2024 04:46:07 +0000
ROA not after: Wed 10 Dec 2025 04:46:07 +0000
asID: 984
IP address blocks: 156.244.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60401 (0xebf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:46:07 2024 GMT
Not After : Dec 10 04:46:07 2025 GMT
Subject: CN=676cdf93-61f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:68:04:14:d1:5b:31:35:5e:82:8d:5a:45:b1:
48:d3:de:ef:5f:c9:c7:29:51:a5:3a:86:ea:52:de:
85:2c:b4:56:0b:65:b9:85:59:36:c5:49:99:bd:d0:
bb:ee:19:3e:68:22:a8:93:80:13:31:3a:3f:67:eb:
a1:b5:f6:8c:3c:7f:ad:af:52:40:60:a5:9d:f4:ce:
9b:5a:0a:11:a6:0a:3c:9d:a1:d9:19:7c:1e:82:76:
5d:99:e4:d5:84:ef:84:52:1e:fe:9a:6d:26:24:99:
3a:3f:30:86:cd:2d:a2:dd:eb:a3:de:32:b3:79:2d:
9a:69:2e:46:11:ca:fd:78:7f:b6:9b:8a:72:bf:1b:
4c:c3:f1:69:68:fd:6d:42:71:2c:0f:6a:ff:41:a5:
c5:12:48:fa:6e:86:64:e8:3a:db:87:1b:d1:75:ac:
12:df:1f:84:6a:8d:98:8c:6c:e0:a0:ba:f7:6d:cf:
37:5e:34:f9:97:32:ee:5d:b2:84:a0:ea:b9:c6:a5:
f7:f0:b6:15:21:77:0d:78:fa:13:cd:f2:f3:8b:34:
b8:fd:8b:4f:18:2f:cb:05:4a:db:6b:ac:6e:c1:b8:
99:92:f0:38:46:8b:eb:24:ab:2a:11:6d:4d:ad:7b:
1f:39:06:88:1f:c8:46:1e:e9:ac:ee:72:64:a5:9d:
24:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:82:2E:BB:64:24:2B:40:08:81:AB:E7:02:8D:BC:50:5E:C8:7B:F4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/542C43F2C34411EFB839DE51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.244.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:c6:e0:a0:c5:93:46:70:e1:08:80:bb:9a:b2:6f:41:65:f3:
8b:24:5d:55:5d:c4:e5:96:4e:df:9f:36:9e:66:7d:69:dd:a7:
36:1e:41:58:71:25:41:ea:ed:d6:19:a6:07:68:e9:c1:45:a8:
38:a6:df:93:59:04:40:fc:30:49:82:be:71:bd:d7:be:ee:94:
34:19:d3:70:a2:ae:f5:32:f3:e3:71:ea:3e:04:d1:66:4b:37:
76:77:ad:de:eb:18:b6:15:97:b9:81:bc:96:0b:ff:a2:98:c8:
e3:0b:aa:36:fd:ee:f8:f4:5e:01:8e:d3:25:ee:77:a9:c3:e3:
97:7c:17:1a:63:72:e9:5c:2b:0b:bb:4d:98:20:6b:65:b1:69:
55:7e:f2:24:f7:b8:d1:5d:91:ce:a9:1b:61:3a:bf:23:f1:b0:
ea:d7:be:c9:57:ae:9b:5d:09:39:01:42:c7:b4:0a:85:55:86:
34:6c:25:9b:aa:ac:e5:5f:ea:a7:47:bb:2e:80:1c:3f:1a:c9:
f5:f5:4f:1d:0e:75:d5:63:73:ae:4a:f7:e5:5e:cf:14:91:ca:
d7:c8:fa:16:dc:fb:13:91:38:7a:e4:25:44:e3:5d:b7:f8:f9:
eb:ca:22:45:20:0a:a5:9a:9a:eb:a9:9c:39:34:0b:e1:56:a4:
bd:62:33:b7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOvxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQ0NjA3WhcNMjUxMjEwMDQ0NjA3WjAYMRYw
FAYDVQQDEw02NzZjZGY5My02MWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy2gEFNFbMTVego1aRbFI097vX8nHKVGlOobqUt6FLLRWC2W5hVk2xUmZ
vdC77hk+aCKok4ATMTo/Z+uhtfaMPH+tr1JAYKWd9M6bWgoRpgo8naHZGXwegnZd
meTVhO+EUh7+mm0mJJk6PzCGzS2i3euj3jKzeS2aaS5GEcr9eH+2m4pyvxtMw/Fp
aP1tQnEsD2r/QaXFEkj6boZk6DrbhxvRdawS3x+Eao2YjGzgoLr3bc83XjT5lzLu
XbKEoOq5xqX38LYVIXcNePoTzfLzizS4/YtPGC/LBUrba6xuwbiZkvA4RovrJKsq
EW1NrXsfOQaIH8hGHums7nJkpZ0kHQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHOC
LrtkJCtACIGr5wKNvFBeyHv0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NDJDNDNGMkMzNDQxMUVGQjgzOURFNTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPT0MA0GCSqGSIb3DQEBCwUA
A4IBAQBexuCgxZNGcOEIgLuasm9BZfOLJF1VXcTllk7fnzaeZn1p3ac2HkFYcSVB
6u3WGaYHaOnBRag4pt+TWQRA/DBJgr5xvde+7pQ0GdNwoq71MvPjceo+BNFmSzd2
d63e6xi2FZe5gbyWC/+imMjjC6o2/e749F4BjtMl7nepw+OXfBcaY3LpXCsLu02Y
IGtlsWlVfvIk97jRXZHOqRthOr8j8bDq177JV66bXQk5AULHtAqFVYY0bCWbqqzl
X+qnR7sugBw/Gsn19U8dDnXVY3OuSvflXs8UkcrXyPoW3PsTkTh65CVE4123+Pnr
yiJFIAqlmprrqZw5NAvhVqS9YjO3
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:42 2025 by rpki-client