Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BDC8E16C33511EF942B6E71762E951A.roa
File: 7BDC8E16C33511EF942B6E71762E951A.roa (raw, json)
Hash identifier: ICHDEifPYKyocR+OKwjMsY697mBuV/Hy+QykX8M8DLI=
Subject key identifier: CD:96:A1:D0:06:98:C5:18:08:11:B9:4F:05:E3:B0:7A:9F:14:F8:E7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB43
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BDC8E16C33511EF942B6E71762E951A.roa
Signing time: Thu 26 Dec 2024 02:59:55 +0000
ROA not before: Thu 26 Dec 2024 02:59:51 +0000
ROA not after: Fri 10 Dec 2027 02:59:51 +0000
asID: 17561
IP address blocks: 156.244.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60227 (0xeb43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:59:51 2024 GMT
Not After : Dec 10 02:59:51 2027 GMT
Subject: CN=676cc6ab-e74d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:94:b0:e1:e4:f2:2b:00:2d:9a:5f:52:05:39:
a9:2c:f8:68:86:ab:7a:24:7d:78:07:be:5e:05:48:
bf:89:96:81:6e:5a:d7:fc:f7:da:15:43:c1:43:c3:
dc:5c:80:1a:b0:55:e9:ad:bf:e7:83:17:87:e6:59:
70:50:c5:63:d7:a9:dc:0a:82:f7:0d:ea:a6:35:79:
ec:87:89:7d:ac:dc:c9:31:35:c7:8c:0b:c5:5f:d1:
b1:3b:60:ba:cf:3f:d8:5b:53:32:b6:3d:c0:b5:45:
b4:ce:92:2b:9e:f9:0e:a2:d5:a7:80:9e:d7:c7:23:
27:ec:76:4a:0d:2d:0e:19:1d:09:f1:13:d8:a3:e7:
3f:99:a0:81:50:a7:d5:73:d7:ba:c2:af:4d:3f:01:
8a:e4:bf:be:45:07:d3:78:51:ea:99:b4:5d:69:0e:
c1:d5:82:50:3d:05:50:91:a7:ff:5b:ba:85:56:52:
a7:95:a4:5b:ed:3c:03:8b:06:50:59:12:12:92:b3:
0a:14:77:95:0c:76:a8:c9:d6:af:90:fe:4a:e3:d2:
91:fb:3e:e9:ba:32:74:9f:c9:1b:66:a6:59:e7:85:
04:5a:e4:65:da:38:5a:15:50:ff:d1:5b:dd:17:fe:
1b:cf:5f:74:77:3f:f1:e3:e5:33:dd:9f:04:38:29:
e7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:96:A1:D0:06:98:C5:18:08:11:B9:4F:05:E3:B0:7A:9F:14:F8:E7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BDC8E16C33511EF942B6E71762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.157.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:c3:6d:a0:a6:0c:c3:7a:62:3e:c9:79:9f:8d:99:0d:f7:38:
45:51:a5:12:c8:4a:a5:bc:0d:c1:92:2c:b7:a6:18:d1:d4:94:
a0:8c:11:c7:43:4a:e9:ca:23:6f:b5:4c:1a:1a:66:68:93:e8:
e1:0f:5b:6a:b1:f2:8f:6b:18:4b:ca:0d:c0:7a:89:71:40:e6:
46:66:25:e5:8e:f5:78:59:f6:99:0d:de:be:75:1d:20:f8:df:
15:9c:2b:a5:89:7e:cc:01:96:3e:db:c9:0e:01:3e:a3:e8:f6:
8c:4e:44:41:34:ec:2b:12:a5:58:e0:7f:53:53:75:0c:a0:7a:
78:85:57:08:ae:f2:6d:ec:17:16:2e:ba:6c:09:44:cc:ec:31:
29:61:0f:55:56:f4:30:3f:62:ff:02:10:e4:a4:17:21:eb:66:
a2:58:9c:00:53:a6:e9:9e:27:7c:7d:2d:35:af:11:50:ac:8c:
6b:72:3d:aa:45:7f:9d:2a:aa:bd:ff:78:42:c9:5a:a7:6d:99:
af:07:36:cb:3a:2d:ce:1a:bd:7f:8e:43:17:8d:06:5c:a4:83:
b8:72:25:8a:88:28:1e:ca:76:0b:2f:c8:db:db:fa:7b:c2:9f:
ca:f6:d2:c6:ed:6d:44:b0:e2:e0:be:c3:36:3f:eb:1a:71:a7:
02:94:3d:39
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOtDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDI1OTUxWhcNMjcxMjEwMDI1OTUxWjAYMRYw
FAYDVQQDEw02NzZjYzZhYi1lNzRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtpSw4eTyKwAtml9SBTmpLPhohqt6JH14B75eBUi/iZaBblrX/PfaFUPB
Q8PcXIAasFXprb/ngxeH5llwUMVj16ncCoL3DeqmNXnsh4l9rNzJMTXHjAvFX9Gx
O2C6zz/YW1Mytj3AtUW0zpIrnvkOotWngJ7XxyMn7HZKDS0OGR0J8RPYo+c/maCB
UKfVc9e6wq9NPwGK5L++RQfTeFHqmbRdaQ7B1YJQPQVQkaf/W7qFVlKnlaRb7TwD
iwZQWRISkrMKFHeVDHaoydavkP5K49KR+z7pujJ0n8kbZqZZ54UEWuRl2jhaFVD/
0VvdF/4bz190dz/x4+Uz3Z8EOCnnMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM2W
odAGmMUYCBG5TwXjsHqfFPjnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QkRDOEUxNkMzMzUxMUVGOTQyQjZFNzE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPSdMA0GCSqGSIb3DQEBCwUA
A4IBAQAuw22gpgzDemI+yXmfjZkN9zhFUaUSyEqlvA3Bkiy3phjR1JSgjBHHQ0rp
yiNvtUwaGmZok+jhD1tqsfKPaxhLyg3AeolxQOZGZiXljvV4WfaZDd6+dR0g+N8V
nCuliX7MAZY+28kOAT6j6PaMTkRBNOwrEqVY4H9TU3UMoHp4hVcIrvJt7BcWLrps
CUTM7DEpYQ9VVvQwP2L/AhDkpBch62aiWJwAU6bpnid8fS01rxFQrIxrcj2qRX+d
Kqq9/3hCyVqnbZmvBzbLOi3OGr1/jkMXjQZcpIO4ciWKiCgeynYLL8jb2/p7wp/K
9tLG7W1EsOLgvsM2P+sacacClD05
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:13 2025 by rpki-client