Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A710CB6CCD611EF862A3BA2762E951A.roa
File: 5A710CB6CCD611EF862A3BA2762E951A.roa (raw, json)
Hash identifier: 5A1FPTgzOBHHj6sv0hgkySt+lqfAUwVfBPBxfTylKX0=
Subject key identifier: 7E:3A:8D:BF:A6:90:90:11:90:2B:D0:8A:D2:73:68:3D:1F:B9:E3:6C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB09
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A710CB6CCD611EF862A3BA2762E951A.roa
Signing time: Tue 07 Jan 2025 09:04:08 +0000
ROA not before: Tue 07 Jan 2025 09:04:04 +0000
ROA not after: Thu 24 Dec 2026 09:04:04 +0000
asID: 140595
IP address blocks: 156.249.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64265 (0xfb09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:04:04 2025 GMT
Not After : Dec 24 09:04:04 2026 GMT
Subject: CN=677cee08-8d65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:19:fc:83:78:ff:27:55:9c:86:90:e0:3d:2b:
a0:b4:36:55:d2:68:26:6e:42:06:31:9c:0e:56:0c:
16:d3:34:d0:9f:8c:cf:64:da:fe:5d:ab:01:c0:4f:
1a:73:5a:1c:ba:73:c7:bb:64:69:5b:83:b2:43:dd:
b3:00:d2:a7:94:f6:58:0f:97:ab:e9:86:fe:b5:72:
8a:4c:45:3f:13:a3:ea:df:ce:1d:7a:7f:f6:91:60:
11:c3:92:79:1e:00:0e:44:8e:9c:83:8a:b4:c5:d0:
36:34:fc:13:13:a4:ed:d3:0a:47:f2:4d:ae:55:bd:
18:e1:b6:7e:f8:78:39:ae:8f:5b:26:0c:81:b5:a5:
b6:5e:7a:32:f2:b9:fc:bd:be:42:ce:29:e9:d6:49:
01:29:85:51:bb:5a:36:07:61:ea:15:7e:5d:52:d6:
b3:fb:5c:7e:c5:35:41:77:67:bc:49:6e:52:96:88:
db:2f:a6:e9:ae:66:9e:c6:69:7f:02:5d:6a:97:7e:
de:5e:30:b8:52:d9:4f:73:1b:df:53:20:cf:42:d1:
7c:b3:ba:8b:8c:38:78:54:db:fb:79:d6:48:be:1d:
5d:01:67:cd:e0:6c:85:4e:d4:1d:14:7d:aa:97:dc:
b8:70:77:ab:c4:32:1c:ab:5d:7f:26:98:76:01:41:
a0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:3A:8D:BF:A6:90:90:11:90:2B:D0:8A:D2:73:68:3D:1F:B9:E3:6C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A710CB6CCD611EF862A3BA2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.101.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:64:a5:68:41:9e:53:66:97:ec:7e:a0:a6:e8:13:2e:72:0e:
c1:42:60:94:11:19:56:30:23:84:d9:c6:7b:1e:8a:29:f3:e3:
e2:c6:e3:0f:d9:62:16:e4:62:dd:a9:3b:46:df:cd:3d:2a:2f:
19:02:17:0e:c0:1b:e6:20:a5:b4:10:45:8e:3f:0e:a8:56:37:
d9:83:b3:73:5b:1b:5f:a1:42:db:56:67:17:0f:46:4e:d2:b3:
5d:80:d3:b8:71:64:a0:50:ab:cc:df:52:f8:8b:01:3c:4e:d6:
91:f2:be:54:dc:b2:35:82:bc:23:cb:ba:4b:cf:9b:14:dc:11:
d1:5a:67:25:a3:30:b1:f9:2b:cd:9e:84:88:11:17:58:37:88:
ce:86:49:7e:bb:1b:19:c7:f2:e4:5a:5e:57:36:98:ba:ad:ec:
32:54:10:68:c1:50:b5:14:ee:b0:7b:42:3b:b3:21:aa:02:c0:
fc:49:54:82:23:20:04:15:23:bb:5e:04:2c:ab:e6:f5:04:44:
a6:9f:22:7c:ab:93:a2:a0:e2:d1:79:74:b0:fc:a0:d6:ab:9f:
d4:51:da:55:9d:dc:2e:d3:b0:d6:71:d7:2b:bd:51:51:79:e7:
da:2a:d8:f2:38:c4:78:a9:6d:a9:1a:65:17:9a:5e:e2:53:18:
8e:18:8c:29
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPsJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDkwNDA0WhcNMjYxMjI0MDkwNDA0WjAYMRYw
FAYDVQQDEw02NzdjZWUwOC04ZDY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0Rn8g3j/J1WchpDgPSugtDZV0mgmbkIGMZwOVgwW0zTQn4zPZNr+XasB
wE8ac1ocunPHu2RpW4OyQ92zANKnlPZYD5er6Yb+tXKKTEU/E6Pq384den/2kWAR
w5J5HgAORI6cg4q0xdA2NPwTE6Tt0wpH8k2uVb0Y4bZ++Hg5ro9bJgyBtaW2Xnoy
8rn8vb5Czinp1kkBKYVRu1o2B2HqFX5dUtaz+1x+xTVBd2e8SW5SlojbL6bprmae
xml/Al1ql37eXjC4UtlPcxvfUyDPQtF8s7qLjDh4VNv7edZIvh1dAWfN4GyFTtQd
FH2ql9y4cHerxDIcq11/Jph2AUGgTQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH46
jb+mkJARkCvQitJzaD0fueNsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QTcxMENCNkNDRDYxMUVGODYyQTNCQTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPllMA0GCSqGSIb3DQEBCwUA
A4IBAQCKZKVoQZ5TZpfsfqCm6BMucg7BQmCUERlWMCOE2cZ7Hoop8+PixuMP2WIW
5GLdqTtG3809Ki8ZAhcOwBvmIKW0EEWOPw6oVjfZg7NzWxtfoULbVmcXD0ZO0rNd
gNO4cWSgUKvM31L4iwE8TtaR8r5U3LI1grwjy7pLz5sU3BHRWmclozCx+SvNnoSI
ERdYN4jOhkl+uxsZx/LkWl5XNpi6rewyVBBowVC1FO6we0I7syGqAsD8SVSCIyAE
FSO7XgQsq+b1BESmnyJ8q5OioOLReXSw/KDWq5/UUdpVndwu07DWcdcrvVFReefa
KtjyOMR4qW2pGmUXml7iUxiOGIwp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:36 2025 by rpki-client