Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6254A684BB7B11EF9CA33CAB762E951A.roa
File: 6254A684BB7B11EF9CA33CAB762E951A.roa (raw, json)
Hash identifier: AKx/dO24lcwYrl1/ONwbHqyozNu4l6eFDiW/1zWJpqk=
Subject key identifier: CE:CE:2F:C1:1B:3C:64:FF:44:B5:A1:63:5C:B7:BD:4B:41:D9:E6:14
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E422
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6254A684BB7B11EF9CA33CAB762E951A.roa
Signing time: Mon 16 Dec 2024 07:00:08 +0000
ROA not before: Mon 16 Dec 2024 07:00:04 +0000
ROA not after: Tue 04 Mar 2025 07:00:04 +0000
asID: 142403
IP address blocks: 156.236.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58402 (0xe422)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 16 07:00:04 2024 GMT
Not After : Mar 4 07:00:04 2025 GMT
Subject: CN=675fcff8-68b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e3:06:40:32:92:ac:1e:86:fc:42:a9:85:73:
6b:4a:6b:04:f8:38:54:46:7a:a6:78:be:aa:c4:57:
92:90:90:97:fe:30:db:07:55:49:67:bb:41:c5:4d:
ea:d8:30:fd:2f:65:9f:9e:18:df:12:e8:f8:a6:5e:
a9:b8:b9:30:29:a6:25:2c:ce:85:a5:03:6f:04:4b:
5a:1e:d8:fc:c2:6c:d5:f4:d7:1f:4f:65:b2:a8:e5:
6b:d6:0e:f4:7a:90:93:e3:f5:ab:cc:61:13:09:1e:
db:93:ec:51:6a:d1:66:90:55:77:df:6c:33:5f:ed:
0b:9b:e4:c0:f7:6d:47:d9:64:11:5a:20:e1:90:ef:
7b:0b:07:85:85:3b:04:8b:01:eb:d3:6c:23:2c:4e:
8f:55:60:a9:75:8b:0c:d7:e0:93:aa:e8:65:da:11:
9c:c0:72:25:95:67:54:e5:4f:ec:86:3b:d8:97:f2:
45:14:93:a7:fa:33:42:d8:fe:f9:96:6a:72:d2:8a:
ac:04:03:e0:b0:e6:b9:3b:ed:e8:b8:45:a6:e4:9e:
67:9f:97:94:b5:11:34:9b:79:df:03:84:56:ba:5a:
8f:80:a0:13:4a:6a:63:00:e6:26:0a:ff:4d:d6:5a:
58:59:a5:3b:b9:f6:fc:31:a0:1a:7f:45:ba:6b:0e:
f5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:CE:2F:C1:1B:3C:64:FF:44:B5:A1:63:5C:B7:BD:4B:41:D9:E6:14
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6254A684BB7B11EF9CA33CAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.72.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:a1:40:9f:4c:88:b8:4f:85:61:ad:f7:ee:5e:76:aa:9c:2a:
2d:c8:76:0f:ac:27:a0:2d:83:1b:b5:00:e9:dd:54:c0:80:32:
19:d8:d4:99:8b:7c:f8:e4:9a:01:56:f0:e8:63:a6:1d:21:77:
db:75:8d:69:6c:03:a0:7c:f5:b2:5f:71:60:3b:f2:c8:c1:9a:
9b:37:01:46:d3:fb:2e:e7:60:44:c5:5d:74:0a:b0:aa:17:6e:
70:6c:8f:7b:9b:9d:0d:4f:1a:f9:b1:7e:27:aa:72:82:2d:8e:
eb:42:27:c1:31:b4:0f:55:88:5c:28:df:87:7d:6e:03:b0:c6:
87:b2:62:ef:3d:ed:a1:f4:2c:cc:3c:35:37:d0:e1:61:7a:c0:
73:fd:11:48:3b:6a:6c:9d:53:47:5f:46:fd:e9:d4:ca:54:07:
16:e9:07:47:db:be:5d:2f:81:ab:93:55:83:5e:8d:b3:60:18:
0f:9e:98:3a:1e:de:6d:4f:b4:6c:99:0d:4c:f8:ac:5f:74:fd:
e3:8f:c4:5e:30:e4:07:32:77:22:77:83:b5:e3:e3:1b:b1:b8:
7c:08:5d:4d:17:08:f2:a3:66:0e:7f:d5:59:83:b6:90:0d:ba:
bd:2a:bb:93:00:4f:17:50:42:73:b4:55:8a:14:26:23:f7:7b:
87:2e:74:66
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOQiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE2MDcwMDA0WhcNMjUwMzA0MDcwMDA0WjAYMRYw
FAYDVQQDEw02NzVmY2ZmOC02OGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApeMGQDKSrB6G/EKphXNrSmsE+DhURnqmeL6qxFeSkJCX/jDbB1VJZ7tB
xU3q2DD9L2WfnhjfEuj4pl6puLkwKaYlLM6FpQNvBEtaHtj8wmzV9NcfT2WyqOVr
1g70epCT4/WrzGETCR7bk+xRatFmkFV332wzX+0Lm+TA921H2WQRWiDhkO97CweF
hTsEiwHr02wjLE6PVWCpdYsM1+CTquhl2hGcwHIllWdU5U/shjvYl/JFFJOn+jNC
2P75lmpy0oqsBAPgsOa5O+3ouEWm5J5nn5eUtRE0m3nfA4RWulqPgKATSmpjAOYm
Cv9N1lpYWaU7ufb8MaAaf0W6aw71rwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM7O
L8EbPGT/RLWhY1y3vUtB2eYUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MjU0QTY4NEJCN0IxMUVGOUNBMzNDQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOxIMA0GCSqGSIb3DQEBCwUA
A4IBAQCioUCfTIi4T4VhrffuXnaqnCotyHYPrCegLYMbtQDp3VTAgDIZ2NSZi3z4
5JoBVvDoY6YdIXfbdY1pbAOgfPWyX3FgO/LIwZqbNwFG0/su52BExV10CrCqF25w
bI97m50NTxr5sX4nqnKCLY7rQifBMbQPVYhcKN+HfW4DsMaHsmLvPe2h9CzMPDU3
0OFhesBz/RFIO2psnVNHX0b96dTKVAcW6QdH275dL4Grk1WDXo2zYBgPnpg6Ht5t
T7RsmQ1M+KxfdP3jj8ReMOQHMncid4O14+Mbsbh8CF1NFwjyo2YOf9VZg7aQDbq9
KruTAE8XUEJztFWKFCYj93uHLnRm
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:18 2025 by rpki-client