Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E0ABD3EC33B11EFA54E6C97762E951A.roa
File: 6E0ABD3EC33B11EFA54E6C97762E951A.roa (raw, json)
Hash identifier: 9vaBRTDUUgFJfhToql0+sD8QbcxJfeJ4JvXRMLvziOo=
Subject key identifier: DB:28:E0:46:E0:D4:B6:E2:32:47:ED:B8:D7:25:4C:29:FB:C2:B3:0B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB89
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E0ABD3EC33B11EFA54E6C97762E951A.roa
Signing time: Thu 26 Dec 2024 03:42:29 +0000
ROA not before: Thu 26 Dec 2024 03:42:25 +0000
ROA not after: Fri 10 Dec 2027 03:42:25 +0000
asID: 17561
IP address blocks: 156.244.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60297 (0xeb89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 03:42:25 2024 GMT
Not After : Dec 10 03:42:25 2027 GMT
Subject: CN=676cd0a5-4d1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4f:48:ec:ff:5d:c8:79:16:0e:d4:fd:e8:0f:
7c:2a:05:f8:c8:4b:10:34:a0:b1:30:bb:dc:55:97:
fe:0b:96:a8:cc:55:6f:1e:2d:f4:cd:23:15:51:b4:
7e:7b:a2:72:20:57:39:6f:a3:fc:b8:fb:fe:38:ac:
b5:5a:41:b9:99:99:b2:78:5a:5a:f2:d4:a8:c7:5f:
60:d3:91:54:5c:fa:17:69:f9:17:67:ff:b7:eb:5c:
6c:a7:6e:df:aa:21:75:90:0f:52:cc:1c:03:4a:30:
5d:9b:5c:f6:f2:c4:3a:36:6a:eb:4d:09:3d:a7:f7:
11:9f:25:ea:73:8a:53:10:5b:e4:25:f2:f3:47:c4:
e3:86:40:ca:31:e3:f2:5e:d7:c5:48:82:c5:4d:9b:
86:77:17:d3:1e:7c:b9:a1:32:6e:13:70:08:5c:57:
fa:a7:82:51:49:36:1e:ea:94:2b:0e:b2:e7:6f:e2:
b8:4d:03:90:cd:48:3c:54:38:12:b7:e4:3b:0d:79:
29:8a:51:6b:ec:b6:dd:7d:d2:84:3e:3c:84:d6:0e:
da:cf:93:4e:d1:be:8f:ca:55:7a:dc:1d:7d:47:80:
13:3d:e0:2d:ee:39:e8:03:92:8b:77:03:0f:b7:31:
d3:1b:62:17:d3:1d:76:f1:a7:14:16:10:f4:04:e3:
19:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:28:E0:46:E0:D4:B6:E2:32:47:ED:B8:D7:25:4C:29:FB:C2:B3:0B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E0ABD3EC33B11EFA54E6C97762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.192.0/24
Signature Algorithm: sha256WithRSAEncryption
51:7b:cd:e4:ea:88:d9:4b:23:dd:19:26:26:c0:92:38:92:f9:
ba:26:06:b8:57:c3:45:1b:27:51:09:07:c4:89:67:11:66:8a:
4d:c9:4c:c2:01:ca:cb:df:d5:38:f1:66:b7:0a:2f:5c:a7:24:
9b:91:08:41:31:ca:57:70:99:07:23:3c:d4:69:2f:4e:d2:6e:
fb:21:cd:09:ae:c7:1d:46:ff:49:b7:46:06:5d:97:ec:91:a7:
0b:48:3a:83:9d:5a:ce:9b:b3:aa:6d:5d:a9:9d:f3:0e:3c:05:
36:8f:a1:3d:eb:23:6d:4c:4f:a7:40:fe:6e:aa:84:e5:2f:81:
46:c4:11:8c:d8:a0:c4:c1:15:91:51:af:00:55:3f:87:ef:7e:
50:b5:35:07:42:05:72:68:50:11:c7:e1:68:a0:78:84:58:0d:
f3:94:f4:fb:16:ef:a7:e8:fa:e3:6d:dd:97:69:06:50:61:2d:
1a:06:fe:dc:d7:0f:27:f7:94:b3:6f:99:86:eb:db:ab:2d:3c:
a4:d3:57:d4:e9:f6:6e:74:ff:4d:c1:ab:a9:1b:bd:46:c3:be:
38:55:40:b0:d8:85:b1:59:2f:f7:4f:54:f6:2a:45:8e:65:77:
56:4f:e4:71:fc:ad:86:33:37:4f:f0:98:ce:e8:7e:cb:4f:39:
39:37:24:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOuJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDM0MjI1WhcNMjcxMjEwMDM0MjI1WjAYMRYw
FAYDVQQDEw02NzZjZDBhNS00ZDFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp09I7P9dyHkWDtT96A98KgX4yEsQNKCxMLvcVZf+C5aozFVvHi30zSMV
UbR+e6JyIFc5b6P8uPv+OKy1WkG5mZmyeFpa8tSox19g05FUXPoXafkXZ/+361xs
p27fqiF1kA9SzBwDSjBdm1z28sQ6NmrrTQk9p/cRnyXqc4pTEFvkJfLzR8TjhkDK
MePyXtfFSILFTZuGdxfTHny5oTJuE3AIXFf6p4JRSTYe6pQrDrLnb+K4TQOQzUg8
VDgSt+Q7DXkpilFr7LbdfdKEPjyE1g7az5NO0b6PylV63B19R4ATPeAt7jnoA5KL
dwMPtzHTG2IX0x128acUFhD0BOMZ9wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNso
4Ebg1LbiMkftuNclTCn7wrMLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RTBBQkQzRUMzM0IxMUVGQTU0RTZDOTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTAMA0GCSqGSIb3DQEBCwUA
A4IBAQBRe83k6ojZSyPdGSYmwJI4kvm6Jga4V8NFGydRCQfEiWcRZopNyUzCAcrL
39U48Wa3Ci9cpySbkQhBMcpXcJkHIzzUaS9O0m77Ic0JrscdRv9Jt0YGXZfskacL
SDqDnVrOm7OqbV2pnfMOPAU2j6E96yNtTE+nQP5uqoTlL4FGxBGM2KDEwRWRUa8A
VT+H735QtTUHQgVyaFARx+FooHiEWA3zlPT7Fu+n6Prjbd2XaQZQYS0aBv7c1w8n
95Szb5mG69urLTyk01fU6fZudP9NwaupG71Gw744VUCw2IWxWS/3T1T2KkWOZXdW
T+Rx/K2GMzdP8JjO6H7LTzk5NyTE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:42 2025 by rpki-client