Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A259E12C33211EF9D7CE75A762E951A.roa
File: 7A259E12C33211EF9D7CE75A762E951A.roa (raw, json)
Hash identifier: oN31cmzDDOYs+6+N1I8wJQTLMBJY1uuIqlLo/61voy8=
Subject key identifier: 8F:0E:30:72:74:DA:1D:A3:34:B4:4F:2C:8E:78:FD:89:1F:F1:44:40
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB1F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A259E12C33211EF9D7CE75A762E951A.roa
Signing time: Thu 26 Dec 2024 02:38:24 +0000
ROA not before: Thu 26 Dec 2024 02:38:20 +0000
ROA not after: Wed 10 Dec 2025 02:38:20 +0000
asID: 984
IP address blocks: 156.244.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60191 (0xeb1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:38:20 2024 GMT
Not After : Dec 10 02:38:20 2025 GMT
Subject: CN=676cc1a0-3749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c9:23:cd:9e:87:f8:ed:85:39:86:a4:76:63:
27:8d:1a:b2:99:78:ce:5e:07:ea:0a:96:61:a6:e2:
9b:99:05:51:68:af:70:7c:a8:63:fb:99:aa:ad:cf:
9f:50:f2:3b:5f:3c:ae:45:7c:10:56:69:93:44:b4:
c6:b6:8e:7e:69:26:75:07:c5:f2:70:f4:dd:6c:0b:
b1:77:e9:95:97:6c:83:00:db:fe:de:59:f6:89:93:
49:d5:44:47:df:f4:27:75:66:c8:d1:67:c3:73:40:
cc:d8:dc:95:a1:e3:85:60:39:f4:eb:bb:e0:c9:b7:
80:71:a4:dc:70:55:b8:6e:d8:ae:65:6d:ac:02:a7:
d1:e8:01:a8:f8:ca:9b:b2:99:c6:41:08:d7:46:5f:
46:54:2b:91:3b:5c:fd:26:93:f1:84:0c:25:f1:44:
b4:32:a6:4d:82:c0:fb:d3:a9:4c:2c:ac:71:0b:2d:
26:b3:6d:2a:3e:94:5c:22:72:fa:77:b8:2d:7b:9f:
93:90:64:60:03:92:38:37:2a:55:06:d4:e8:05:3b:
1c:61:3d:44:29:4e:9d:3c:87:d7:31:1f:a1:29:54:
7f:8d:94:f8:a7:d6:55:b6:9b:81:da:5f:97:20:66:
4f:0f:57:0d:e8:a9:35:35:09:20:14:1e:7d:39:7e:
73:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:0E:30:72:74:DA:1D:A3:34:B4:4F:2C:8E:78:FD:89:1F:F1:44:40
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A259E12C33211EF9D7CE75A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.139.0/24
Signature Algorithm: sha256WithRSAEncryption
22:b7:e2:66:a0:5d:a9:44:b4:fa:90:56:ce:99:74:37:65:81:
b6:19:87:cf:ab:29:06:13:ea:1a:4f:86:b9:a9:fb:71:5e:36:
5c:8e:62:62:d1:01:88:0b:25:dd:b0:df:99:72:58:76:93:a7:
5b:2d:11:11:fe:e2:41:70:6d:52:57:37:39:b7:e1:9b:2b:3a:
6a:65:52:f1:e9:d2:6a:d9:42:5b:25:a8:22:6e:8d:bd:8e:cf:
ca:cd:22:08:cb:6d:53:4b:a8:79:74:05:10:63:1a:a4:35:37:
71:20:37:e9:1e:ef:df:b8:86:5a:c2:f1:c9:1b:0d:b7:22:f1:
fd:eb:74:b9:9c:19:d3:21:83:30:6a:0e:38:d7:fb:13:6a:79:
c5:60:c1:9a:af:2b:41:ae:8a:d2:2d:cd:86:42:f8:0f:0b:08:
aa:e9:ef:3d:c7:66:4c:5c:eb:5d:7e:07:28:c7:1e:5b:e8:a5:
11:26:83:83:c1:37:04:70:0d:42:40:b5:7c:55:48:d6:ec:07:
dd:b3:2f:f5:24:8f:b7:a4:d5:48:d5:01:36:89:f8:3c:fc:11:
b9:70:a5:c4:11:01:98:50:f9:65:89:bf:b0:2d:ec:d7:67:ae:
94:b3:ce:38:87:07:16:73:1f:c7:d4:ee:73:2e:7c:52:82:6d:
2b:ad:3e:6f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOsfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIzODIwWhcNMjUxMjEwMDIzODIwWjAYMRYw
FAYDVQQDEw02NzZjYzFhMC0zNzQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs8kjzZ6H+O2FOYakdmMnjRqymXjOXgfqCpZhpuKbmQVRaK9wfKhj+5mq
rc+fUPI7XzyuRXwQVmmTRLTGto5+aSZ1B8XycPTdbAuxd+mVl2yDANv+3ln2iZNJ
1URH3/QndWbI0WfDc0DM2NyVoeOFYDn067vgybeAcaTccFW4btiuZW2sAqfR6AGo
+MqbspnGQQjXRl9GVCuRO1z9JpPxhAwl8US0MqZNgsD706lMLKxxCy0ms20qPpRc
InL6d7gte5+TkGRgA5I4NypVBtToBTscYT1EKU6dPIfXMR+hKVR/jZT4p9ZVtpuB
2l+XIGZPD1cN6Kk1NQkgFB59OX5z/QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI8O
MHJ02h2jNLRPLI54/Ykf8URAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QTI1OUUxMkMzMzIxMUVGOUQ3Q0U3NUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPSLMA0GCSqGSIb3DQEBCwUA
A4IBAQAit+JmoF2pRLT6kFbOmXQ3ZYG2GYfPqykGE+oaT4a5qftxXjZcjmJi0QGI
CyXdsN+Zclh2k6dbLRER/uJBcG1SVzc5t+GbKzpqZVLx6dJq2UJbJagibo29js/K
zSIIy21TS6h5dAUQYxqkNTdxIDfpHu/fuIZawvHJGw23IvH963S5nBnTIYMwag44
1/sTannFYMGarytBrorSLc2GQvgPCwiq6e89x2ZMXOtdfgcoxx5b6KURJoODwTcE
cA1CQLV8VUjW7Afdsy/1JI+3pNVI1QE2ifg8/BG5cKXEEQGYUPllib+wLezXZ66U
s844hwcWcx/H1O5zLnxSgm0rrT5v
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:24 2025 by rpki-client