Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/57E001F2CE4B11EF82105F78762E951A.roa
File: 57E001F2CE4B11EF82105F78762E951A.roa (raw, json)
Hash identifier: VgMh2bQ3ZWNFa9qbBdIbWWuRi6Sq4JWFwBnvuv88rmU=
Subject key identifier: 9A:6F:F3:92:F2:32:FD:F8:89:A0:31:A5:9E:28:F7:68:9A:D3:D7:DD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0102BD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/57E001F2CE4B11EF82105F78762E951A.roa
Signing time: Thu 09 Jan 2025 05:34:06 +0000
ROA not before: Thu 09 Jan 2025 05:34:03 +0000
ROA not after: Fri 09 Jan 2026 05:34:03 +0000
asID: 17561
IP address blocks: 156.238.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66237 (0x102bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 05:34:03 2025 GMT
Not After : Jan 9 05:34:03 2026 GMT
Subject: CN=677f5fce-1dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:89:ad:3e:36:31:ec:29:24:ae:3d:35:ac:
b5:a7:e8:bc:90:ae:92:3e:9a:e8:b6:b2:c3:3f:11:
fd:92:bf:05:b2:ec:14:d1:e8:48:d7:61:47:eb:c5:
6a:b4:c5:c4:fd:f2:64:24:03:9a:e4:07:ae:24:e8:
e1:46:02:45:b0:e0:11:83:46:a7:89:48:87:bb:20:
15:d7:b0:02:f5:48:9a:f3:45:71:38:72:c8:5c:55:
60:8d:70:67:41:9b:e1:e0:1f:7b:c1:b7:b3:a1:ab:
04:10:43:9a:1c:cd:5a:b5:da:71:6f:5f:16:7f:ab:
ae:15:fa:2f:6f:be:e5:32:93:cd:05:e4:c8:b2:0d:
c2:7b:2f:43:c7:11:28:cd:aa:96:b8:54:f4:1e:e8:
5c:0c:15:94:a5:95:e8:41:17:7c:bb:c7:0b:50:80:
a7:cf:24:18:21:f4:d7:8b:98:cb:38:b5:c1:52:6f:
b4:79:36:97:0b:aa:9e:f8:b4:96:ae:bd:1c:23:80:
e7:28:14:36:05:35:b8:df:02:1c:67:0f:5d:f6:8a:
fa:60:30:df:7d:07:03:e0:47:15:21:d8:3c:1d:ba:
d4:92:eb:4c:d9:cc:98:ae:ca:ab:0d:f5:2f:a2:97:
4a:dd:67:2c:2d:d7:27:6e:12:8f:63:13:97:4d:37:
1d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:6F:F3:92:F2:32:FD:F8:89:A0:31:A5:9E:28:F7:68:9A:D3:D7:DD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/57E001F2CE4B11EF82105F78762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.50.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:15:6d:65:c6:74:60:b4:0d:b2:88:ba:e6:a1:b1:75:f5:e4:
b1:65:da:0c:14:84:57:ef:26:2a:0d:47:60:6f:ab:8c:92:15:
c0:b0:1f:f1:01:65:65:4e:68:45:a8:92:ab:66:2a:78:9a:02:
8d:cb:9d:1f:e7:77:d1:72:db:a4:b5:f1:7d:f6:a1:02:99:a8:
02:b9:db:e9:72:28:0a:97:f5:67:22:aa:b5:59:70:3c:3f:f0:
c3:94:85:9b:c3:00:a5:17:18:d9:c2:15:63:61:c3:f4:da:97:
7a:04:8b:ed:11:08:66:6c:95:04:2d:48:0c:9d:75:ac:2b:53:
f3:6d:08:d1:44:82:92:bb:99:c8:e0:ba:78:c3:74:52:70:ad:
98:62:4b:fe:c9:17:ce:70:bb:77:91:65:2a:ef:ec:19:54:d4:
1f:88:49:8c:fb:ae:a1:41:a6:d9:b0:23:bf:74:e3:f3:7f:39:
19:75:98:e5:48:c2:1a:98:c0:b3:19:e9:53:64:84:4d:b0:67:
b1:88:a4:f1:69:d4:ee:5c:00:c0:db:62:5e:be:13:15:5a:1d:
fc:b2:d6:12:ba:1d:cd:0d:e3:76:e9:e2:05:18:ea:88:7e:c8:
4f:23:66:2f:d1:e3:ac:1e:62:05:88:0a:13:36:b0:9c:b1:fc:
81:5c:3e:9a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQK9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDUzNDAzWhcNMjYwMTA5MDUzNDAzWjAYMRYw
FAYDVQQDEw02NzdmNWZjZS0xZGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt1OJrT42MewpJK49Nay1p+i8kK6SPprotrLDPxH9kr8FsuwU0ehI12FH
68VqtMXE/fJkJAOa5AeuJOjhRgJFsOARg0aniUiHuyAV17AC9Uia80VxOHLIXFVg
jXBnQZvh4B97wbezoasEEEOaHM1atdpxb18Wf6uuFfovb77lMpPNBeTIsg3Cey9D
xxEozaqWuFT0HuhcDBWUpZXoQRd8u8cLUICnzyQYIfTXi5jLOLXBUm+0eTaXC6qe
+LSWrr0cI4DnKBQ2BTW43wIcZw9d9or6YDDffQcD4EcVIdg8HbrUkutM2cyYrsqr
DfUvopdK3WcsLdcnbhKPYxOXTTcdNQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJpv
85LyMv34iaAxpZ4o92ia09fdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81N0UwMDFGMkNFNEIxMUVGODIxMDVGNzg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO4yMA0GCSqGSIb3DQEBCwUA
A4IBAQBLFW1lxnRgtA2yiLrmobF19eSxZdoMFIRX7yYqDUdgb6uMkhXAsB/xAWVl
TmhFqJKrZip4mgKNy50f53fRctuktfF99qECmagCudvpcigKl/VnIqq1WXA8P/DD
lIWbwwClFxjZwhVjYcP02pd6BIvtEQhmbJUELUgMnXWsK1PzbQjRRIKSu5nI4Lp4
w3RScK2YYkv+yRfOcLt3kWUq7+wZVNQfiEmM+66hQabZsCO/dOPzfzkZdZjlSMIa
mMCzGelTZIRNsGexiKTxadTuXADA22JevhMVWh38stYSuh3NDeN26eIFGOqIfshP
I2Yv0eOsHmIFiAoTNrCcsfyBXD6a
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:14 2025 by rpki-client