Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/598EFAB4C34511EF8BE72D58762E951A.roa
File: 598EFAB4C34511EF8BE72D58762E951A.roa (raw, json)
Hash identifier: tjCA6cFllFEss+rZtM1A28sDVp9TvYv0+Fn/33Rw/Pg=
Subject key identifier: D2:47:F0:60:01:0A:C9:84:FC:62:A6:2E:4E:9C:B0:D5:7A:81:2D:A0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBFD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/598EFAB4C34511EF8BE72D58762E951A.roa
Signing time: Thu 26 Dec 2024 04:53:30 +0000
ROA not before: Thu 26 Dec 2024 04:53:26 +0000
ROA not after: Fri 10 Dec 2027 04:53:26 +0000
asID: 17561
IP address blocks: 156.244.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60413 (0xebfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:53:26 2024 GMT
Not After : Dec 10 04:53:26 2027 GMT
Subject: CN=676ce149-6e41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:54:ce:f8:70:d6:17:d1:8b:37:54:df:c8:31:
39:1f:2a:44:09:a9:72:a9:3c:42:bd:c9:5f:15:82:
34:ff:d1:f0:80:cd:01:94:a9:86:ac:72:e8:1f:45:
8d:d5:59:d7:2b:11:f6:bb:92:c2:2c:6e:10:e1:14:
7a:4d:9f:98:8c:3e:aa:dc:11:c5:13:eb:fa:73:93:
2a:5a:82:4f:57:b6:ea:26:b9:ad:b2:60:e8:04:3c:
af:d2:5c:f0:3d:73:ff:bb:94:05:f3:cb:82:16:8b:
d4:69:c5:c8:30:d4:7d:3c:9c:b0:c3:f1:85:bc:88:
0f:5d:2f:77:73:76:22:f2:4c:db:84:f7:03:e6:8e:
d7:e6:fd:65:75:ca:73:56:f4:c1:73:dd:9a:7f:9b:
2d:f1:43:26:00:f4:fe:a1:6e:35:cf:c3:fd:f2:b1:
0c:e4:76:0e:38:46:c8:43:c0:b7:2c:e4:f7:b3:df:
bb:a3:72:dc:34:f4:84:1b:ad:80:77:2b:46:a6:49:
db:2b:22:34:e9:fd:5e:cd:1e:49:db:fc:eb:58:79:
ab:59:48:da:69:76:93:6c:41:79:8a:04:45:f1:47:
43:0f:87:b4:d5:b6:65:e0:a3:55:78:63:c2:47:f9:
95:c4:70:29:dd:9d:65:86:fd:36:57:dd:47:db:9c:
6d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:47:F0:60:01:0A:C9:84:FC:62:A6:2E:4E:9C:B0:D5:7A:81:2D:A0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/598EFAB4C34511EF8BE72D58762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.250.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:11:3c:72:1f:69:61:35:04:51:78:64:c8:79:05:9a:9f:dc:
40:4b:da:a1:33:3c:8d:cd:36:76:1d:74:0d:52:71:04:a4:d3:
97:c9:98:8e:c7:fe:11:e0:4c:95:e2:bd:37:d2:a7:2b:f2:a7:
73:32:32:ba:83:a2:a5:a5:0d:1d:57:b4:b8:1d:e1:48:87:4e:
68:8e:8d:46:9b:b9:76:0d:0f:f1:be:51:f1:54:7a:05:0e:51:
4b:da:6c:57:b2:8a:e0:f2:1d:d7:9e:0e:64:27:0a:5b:2d:f3:
32:b5:7b:6a:67:cf:9c:25:14:66:92:cf:21:8c:b8:c0:0f:ec:
87:a7:48:cf:59:b1:86:50:2c:d6:8e:da:c7:29:85:52:5b:a0:
51:09:2d:0a:74:b9:14:6d:94:38:5a:30:1d:fc:28:9c:78:15:
d5:89:cc:e4:b3:df:e0:6e:98:61:db:bb:b1:f0:e0:09:0a:db:
eb:6a:82:9f:6b:62:86:58:22:7f:23:13:e8:e2:46:18:21:6c:
49:ef:2b:b7:81:9a:5b:0c:39:e4:1a:44:2e:d7:d0:38:ff:91:
d2:1f:f0:de:32:0e:05:dc:9c:94:88:8d:f6:f4:c1:3a:52:6a:
ea:48:18:ee:19:ec:26:f0:2f:63:f5:54:70:99:5e:14:b4:9f:
a8:73:5c:cb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOv9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQ1MzI2WhcNMjcxMjEwMDQ1MzI2WjAYMRYw
FAYDVQQDEw02NzZjZTE0OS02ZTQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxFTO+HDWF9GLN1TfyDE5HypECalyqTxCvclfFYI0/9HwgM0BlKmGrHLo
H0WN1VnXKxH2u5LCLG4Q4RR6TZ+YjD6q3BHFE+v6c5MqWoJPV7bqJrmtsmDoBDyv
0lzwPXP/u5QF88uCFovUacXIMNR9PJyww/GFvIgPXS93c3Yi8kzbhPcD5o7X5v1l
dcpzVvTBc92af5st8UMmAPT+oW41z8P98rEM5HYOOEbIQ8C3LOT3s9+7o3LcNPSE
G62AdytGpknbKyI06f1ezR5J2/zrWHmrWUjaaXaTbEF5igRF8UdDD4e01bZl4KNV
eGPCR/mVxHAp3Z1lhv02V91H25xtYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNJH
8GABCsmE/GKmLk6csNV6gS2gMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81OThFRkFCNEMzNDUxMUVGOEJFNzJENTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPT6MA0GCSqGSIb3DQEBCwUA
A4IBAQC3ETxyH2lhNQRReGTIeQWan9xAS9qhMzyNzTZ2HXQNUnEEpNOXyZiOx/4R
4EyV4r030qcr8qdzMjK6g6KlpQ0dV7S4HeFIh05ojo1Gm7l2DQ/xvlHxVHoFDlFL
2mxXsorg8h3Xng5kJwpbLfMytXtqZ8+cJRRmks8hjLjAD+yHp0jPWbGGUCzWjtrH
KYVSW6BRCS0KdLkUbZQ4WjAd/CiceBXViczks9/gbphh27ux8OAJCtvraoKfa2KG
WCJ/IxPo4kYYIWxJ7yu3gZpbDDnkGkQu19A4/5HSH/DeMg4F3JyUiI329ME6Umrq
SBjuGewm8C9j9VRwmV4UtJ+oc1zL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:09 2025 by rpki-client