Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/718B2662CCF811EFBB178A79762E951A.roa
File: 718B2662CCF811EFBB178A79762E951A.roa (raw, json)
Hash identifier: WZzvZ2HxQizapBQa213nm9LZBw2wsGMxb6NWiF4nyCY=
Subject key identifier: 62:51:7E:02:6A:F3:BB:B9:EC:23:16:31:37:C0:70:A8:34:14:50:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC2B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/718B2662CCF811EFBB178A79762E951A.roa
Signing time: Tue 07 Jan 2025 13:08:10 +0000
ROA not before: Tue 07 Jan 2025 13:08:06 +0000
ROA not after: Sat 13 Dec 2025 13:08:06 +0000
asID: 984
IP address blocks: 156.236.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64555 (0xfc2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 13:08:06 2025 GMT
Not After : Dec 13 13:08:06 2025 GMT
Subject: CN=677d273a-7a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:66:4b:e5:57:46:3e:22:22:05:7a:75:65:a0:
f4:0a:b0:16:0a:e6:4e:56:55:96:ae:26:8f:6a:e2:
b8:f5:11:e4:63:74:79:20:df:a0:de:f3:2d:0d:8c:
1c:e1:58:94:6c:0f:1e:8d:f8:df:e4:3d:0d:d1:d2:
de:56:32:85:13:d7:f5:49:8b:aa:49:3d:42:93:e2:
e7:39:4c:ba:cc:d2:15:f7:5b:9b:ad:ba:03:74:c6:
af:24:32:10:cb:5b:61:b4:de:5f:22:79:b7:d3:53:
a2:87:de:7b:85:e4:25:ba:cc:99:f2:49:af:72:3f:
54:74:45:b3:6d:9b:99:3d:85:5b:36:0c:8a:8a:af:
5d:81:fe:b9:57:30:8a:b2:b9:51:9f:34:7b:c4:91:
ca:72:f4:da:fc:9f:64:fc:a8:a4:d1:7c:57:9b:83:
55:60:5a:01:eb:04:b2:fd:5e:8d:c2:6f:1f:12:51:
85:a8:11:43:98:07:1f:06:7d:7c:46:94:52:71:cd:
08:08:88:0b:3e:90:eb:fb:70:43:b8:3f:a2:0e:39:
3b:f5:6d:31:33:42:25:e5:91:05:31:81:f9:0c:14:
94:24:d3:15:98:2d:a4:5c:4e:54:fa:45:82:f1:b0:
c3:7b:09:53:f9:7e:03:cd:62:cf:5d:63:5f:b5:1b:
85:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:51:7E:02:6A:F3:BB:B9:EC:23:16:31:37:C0:70:A8:34:14:50:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/718B2662CCF811EFBB178A79762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:0d:b7:6c:98:4d:18:d4:46:23:69:d4:e1:7e:dd:03:e6:8a:
28:0b:a6:03:33:80:11:ff:31:99:df:fe:f9:a7:0e:11:e3:03:
8a:1f:38:1b:81:b5:52:85:7a:fc:f5:6f:ef:4e:fb:13:f0:80:
72:a3:d8:01:a9:89:11:27:40:4d:c7:a3:e8:7b:16:48:18:1f:
28:84:bf:bf:64:17:d9:b6:1c:1b:ad:b4:d1:3b:2e:c3:5d:f7:
76:45:61:a1:cf:59:55:34:e2:6f:7f:c5:6e:82:03:ba:4f:84:
8a:ce:07:b2:8b:2a:91:74:7b:ed:28:ff:5e:80:5f:95:0b:b3:
7d:c4:e0:9b:52:8e:48:6e:7b:67:f9:17:e5:08:39:ee:bd:bf:
4b:4c:9f:55:20:04:97:3a:d1:ed:5c:d7:3d:2d:9a:57:96:04:
96:95:d2:44:94:5d:f7:89:ea:44:d9:15:46:ce:b9:2a:bf:9a:
a7:df:bf:99:4d:88:6c:de:c0:1b:88:f7:9d:46:a6:e0:bc:5e:
c8:ba:85:3c:26:18:47:35:d4:9a:1c:7a:60:19:7a:c2:93:eb:
18:fd:74:04:eb:6b:cc:d5:b5:96:fa:f0:af:97:cc:e8:02:cc:
c2:16:22:7e:22:77:ae:9d:e1:80:ed:4e:27:60:9d:4c:28:bc:
fc:ba:a4:4d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPwrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTMwODA2WhcNMjUxMjEzMTMwODA2WjAYMRYw
FAYDVQQDEw02NzdkMjczYS03YTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzmZL5VdGPiIiBXp1ZaD0CrAWCuZOVlWWriaPauK49RHkY3R5IN+g3vMt
DYwc4ViUbA8ejfjf5D0N0dLeVjKFE9f1SYuqST1Ck+LnOUy6zNIV91ubrboDdMav
JDIQy1thtN5fInm301Oih957heQlusyZ8kmvcj9UdEWzbZuZPYVbNgyKiq9dgf65
VzCKsrlRnzR7xJHKcvTa/J9k/Kik0XxXm4NVYFoB6wSy/V6Nwm8fElGFqBFDmAcf
Bn18RpRScc0ICIgLPpDr+3BDuD+iDjk79W0xM0Il5ZEFMYH5DBSUJNMVmC2kXE5U
+kWC8bDDewlT+X4DzWLPXWNftRuF8QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGJR
fgJq87u57CMWMTfAcKg0FFAiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MThCMjY2MkNDRjgxMUVGQkIxNzhBNzk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOx4MA0GCSqGSIb3DQEBCwUA
A4IBAQAODbdsmE0Y1EYjadThft0D5oooC6YDM4AR/zGZ3/75pw4R4wOKHzgbgbVS
hXr89W/vTvsT8IByo9gBqYkRJ0BNx6PoexZIGB8ohL+/ZBfZthwbrbTROy7DXfd2
RWGhz1lVNOJvf8VuggO6T4SKzgeyiyqRdHvtKP9egF+VC7N9xOCbUo5Ibntn+Rfl
CDnuvb9LTJ9VIASXOtHtXNc9LZpXlgSWldJElF33iepE2RVGzrkqv5qn37+ZTYhs
3sAbiPedRqbgvF7IuoU8JhhHNdSaHHpgGXrCk+sY/XQE62vM1bWW+vCvl8zoAszC
FiJ+IneuneGA7U4nYJ1MKLz8uqRN
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:46 2025 by rpki-client