Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80DCD264C33E11EF8DF28DAB762E951A.roa
File: 80DCD264C33E11EF8DF28DAB762E951A.roa (raw, json)
Hash identifier: /HUsjf/6Q3B/Mazk78R3E6TvNKzmdo1WKlSEIRuw54g=
Subject key identifier: 2B:14:69:2D:BC:48:83:33:82:84:1C:C3:58:D1:CE:25:BC:34:12:FB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBAD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80DCD264C33E11EF8DF28DAB762E951A.roa
Signing time: Thu 26 Dec 2024 04:04:29 +0000
ROA not before: Thu 26 Dec 2024 04:04:25 +0000
ROA not after: Fri 10 Dec 2027 04:04:25 +0000
asID: 17561
IP address blocks: 156.244.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60333 (0xebad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:04:25 2024 GMT
Not After : Dec 10 04:04:25 2027 GMT
Subject: CN=676cd5cd-0f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d3:60:11:74:a0:98:1e:de:95:e1:98:43:e9:
dd:28:1d:aa:6d:8b:03:04:cb:6b:70:06:22:a0:40:
07:c3:f2:0b:5f:1c:d1:1f:9d:de:d5:ae:ce:e4:85:
0d:fa:d2:4b:36:0a:35:2e:ab:fd:a4:9f:7a:7c:94:
94:96:b8:3d:91:26:a9:c4:61:0d:a4:0f:91:54:76:
d0:af:63:2c:1a:35:a2:5d:20:4e:b7:2a:3c:6c:42:
e8:34:a4:ac:98:d2:0c:68:ea:49:a8:24:58:13:83:
d9:d7:0e:fc:87:ed:92:ff:71:e0:2f:71:1b:e7:4e:
58:ee:ad:4c:37:1d:dc:a7:60:d5:08:98:09:cf:76:
38:1d:27:9d:55:fe:63:07:88:5c:67:e6:f2:e1:7d:
e6:3d:7e:dd:fd:1c:50:d4:94:b0:81:53:94:3c:2f:
31:94:f0:29:a4:66:26:f5:3c:7e:0e:31:bc:c4:32:
74:55:68:98:cd:03:23:c8:83:fb:af:b5:bf:d7:dc:
07:e3:11:ed:e2:4c:79:11:9a:d3:07:9b:55:5c:6f:
58:77:05:fc:71:5c:26:20:b7:ee:a5:cf:94:e3:ca:
62:59:3e:72:d8:cc:5c:0c:cf:69:f2:46:54:ee:0c:
c5:7c:74:5b:3c:d8:e2:bc:51:ca:3b:18:5a:fc:63:
dd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:14:69:2D:BC:48:83:33:82:84:1C:C3:58:D1:CE:25:BC:34:12:FB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80DCD264C33E11EF8DF28DAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.210.0/24
Signature Algorithm: sha256WithRSAEncryption
87:e8:ea:10:9a:37:7b:c1:0b:a0:84:d0:22:62:96:ce:dd:c8:
3b:5e:22:eb:69:d0:9c:6a:61:db:5c:77:92:32:8a:5b:c2:82:
e5:c6:a8:dc:3a:04:fd:1f:8d:e1:a7:0e:c4:93:7a:8c:0a:00:
7f:c4:84:8a:d2:91:12:5f:88:75:0d:f4:c1:5a:44:f1:c2:42:
e8:40:7b:3c:c0:1c:22:3c:75:8a:94:5b:f5:05:ff:13:55:10:
64:a6:ed:f1:05:58:c8:d9:c1:ce:d6:61:cd:b6:a8:48:63:a9:
76:04:bb:24:a1:a9:61:af:f9:83:b1:39:f2:b0:b5:75:e0:8a:
28:fa:f1:c5:1f:1e:4c:da:4f:28:fa:7d:fd:e5:b4:27:d7:c6:
23:0e:d6:00:1d:e7:1c:4a:ce:92:f9:35:43:55:7c:93:a3:b7:
11:7d:df:92:8b:55:94:a9:56:8a:c3:fe:3f:4c:86:dc:1a:84:
95:b9:f7:37:8c:bb:7e:1f:91:84:55:51:1b:c7:61:42:1b:18:
45:72:0d:1c:a9:d2:58:73:71:91:48:82:3f:bc:2e:12:35:91:
4d:7f:f4:ec:de:7d:60:4a:41:ed:de:7a:2e:9e:10:ae:33:13:
25:03:5e:44:8c:91:57:88:b7:ab:9a:27:e6:87:d4:98:61:39:
90:8b:23:a2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOutMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQwNDI1WhcNMjcxMjEwMDQwNDI1WjAYMRYw
FAYDVQQDEw02NzZjZDVjZC0wZjg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAodNgEXSgmB7eleGYQ+ndKB2qbYsDBMtrcAYioEAHw/ILXxzRH53e1a7O
5IUN+tJLNgo1Lqv9pJ96fJSUlrg9kSapxGENpA+RVHbQr2MsGjWiXSBOtyo8bELo
NKSsmNIMaOpJqCRYE4PZ1w78h+2S/3HgL3Eb505Y7q1MNx3cp2DVCJgJz3Y4HSed
Vf5jB4hcZ+by4X3mPX7d/RxQ1JSwgVOUPC8xlPAppGYm9Tx+DjG8xDJ0VWiYzQMj
yIP7r7W/19wH4xHt4kx5EZrTB5tVXG9YdwX8cVwmILfupc+U48piWT5y2MxcDM9p
8kZU7gzFfHRbPNjivFHKOxha/GPdQwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCsU
aS28SIMzgoQcw1jRziW8NBL7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MERDRDI2NEMzM0UxMUVGOERGMjhEQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTSMA0GCSqGSIb3DQEBCwUA
A4IBAQCH6OoQmjd7wQughNAiYpbO3cg7XiLradCcamHbXHeSMopbwoLlxqjcOgT9
H43hpw7Ek3qMCgB/xISK0pESX4h1DfTBWkTxwkLoQHs8wBwiPHWKlFv1Bf8TVRBk
pu3xBVjI2cHO1mHNtqhIY6l2BLskoalhr/mDsTnysLV14Ioo+vHFHx5M2k8o+n39
5bQn18YjDtYAHeccSs6S+TVDVXyTo7cRfd+Si1WUqVaKw/4/TIbcGoSVufc3jLt+
H5GEVVEbx2FCGxhFcg0cqdJYc3GRSII/vC4SNZFNf/Ts3n1gSkHt3nounhCuMxMl
A15EjJFXiLermifmh9SYYTmQiyOi
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:49 2025 by rpki-client