Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8160E3F0CD0811EF90D4505F762E951A.roa
File: 8160E3F0CD0811EF90D4505F762E951A.roa (raw, json)
Hash identifier: ju6HaLJyc5A+HhaKm6fIp3a3Nz2N3bgwpZF/2VwJRsA=
Subject key identifier: 0D:89:80:31:5D:6A:C3:C8:E3:0B:D5:07:9C:A0:E6:5A:32:55:BA:FB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCAD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8160E3F0CD0811EF90D4505F762E951A.roa
Signing time: Tue 07 Jan 2025 15:03:09 +0000
ROA not before: Tue 07 Jan 2025 15:03:05 +0000
ROA not after: Mon 13 Dec 2027 15:03:05 +0000
asID: 17561
IP address blocks: 156.239.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64685 (0xfcad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 15:03:05 2025 GMT
Not After : Dec 13 15:03:05 2027 GMT
Subject: CN=677d422d-a742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:77:bc:0f:c9:40:c9:2c:8d:0a:ab:6e:0a:28:
da:63:70:4c:9b:77:ca:44:31:d3:bc:c2:be:4a:74:
b8:3b:ee:05:17:a0:dc:c3:c5:52:8f:ff:03:c6:f3:
fd:44:8f:58:a8:e3:c7:e6:b5:6c:a2:8f:73:6f:d6:
be:54:5d:1a:d9:85:6e:67:4f:84:cb:d0:95:ff:b0:
55:4b:f1:42:de:0f:fe:e9:69:63:c6:20:3f:d3:1b:
89:70:cb:95:e5:77:90:bc:9e:1d:98:02:2e:ab:03:
ca:20:80:59:eb:44:cf:59:d4:12:cb:fb:02:fa:cb:
78:1e:3b:67:6e:48:af:d6:c7:fa:f0:8d:86:64:77:
f7:42:52:c4:30:73:92:3e:22:82:ba:c7:18:75:08:
ba:dc:98:c9:34:f3:7e:13:cd:8d:7a:ad:82:79:5a:
9c:b5:3e:b0:ff:f2:d2:53:46:44:1e:d5:39:51:98:
b8:cd:f7:6d:c2:20:3a:bf:e7:a7:b2:cd:8b:79:55:
63:01:71:53:98:f3:a5:55:28:5d:3f:40:9b:ef:d1:
4b:48:bd:41:7c:07:0f:0a:11:86:e9:84:a3:14:63:
3f:29:94:2c:f0:20:be:9c:d5:87:4e:90:1c:a8:88:
8b:d3:69:5a:6e:41:09:39:08:b3:4c:8d:fe:7f:57:
45:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:89:80:31:5D:6A:C3:C8:E3:0B:D5:07:9C:A0:E6:5A:32:55:BA:FB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8160E3F0CD0811EF90D4505F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.40.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:2c:93:7a:7b:69:e4:09:73:59:ae:33:e4:30:63:cb:bb:26:
83:52:e9:5e:40:68:af:3a:a3:03:d1:9c:5f:fe:c9:4e:8d:a9:
eb:e0:0f:dd:c8:89:d8:45:f8:cd:d7:03:bf:25:b2:64:3b:31:
05:6a:eb:d7:6d:e4:f6:88:82:e0:a1:7a:5b:9a:a6:6a:d6:08:
3e:18:de:0e:e0:07:09:3a:8d:b1:a4:6d:16:53:ad:27:f0:f7:
51:fd:a7:4a:db:3c:e0:55:dc:a2:a7:a7:83:b6:ea:e9:7a:37:
ac:4b:42:df:31:69:03:34:ad:74:5b:6a:e7:fd:69:51:16:b5:
a0:f2:55:ce:9f:f6:07:a5:4b:95:5d:26:f2:96:cc:e0:51:7b:
1a:a1:90:a3:fa:5c:54:31:0e:95:ad:43:92:a0:c7:e4:17:bf:
3e:b0:7b:ae:ae:c0:a0:82:b7:a5:40:c2:8b:d3:b6:fc:7c:ae:
c1:5f:09:b3:e5:50:06:28:3d:04:37:fd:35:cd:c6:75:8a:a8:
e6:f3:64:31:93:7c:1b:0b:e9:3c:70:21:7f:a5:bb:24:20:f7:
6c:26:7a:08:c4:b7:ad:90:13:8f:b5:e7:1a:12:f4:f6:b3:18:
b7:a1:12:04:d0:db:c8:cc:6b:21:8b:31:7d:0b:86:4f:16:c3:
27:54:e2:e4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPytMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTUwMzA1WhcNMjcxMjEzMTUwMzA1WjAYMRYw
FAYDVQQDEw02NzdkNDIyZC1hNzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+ne8D8lAySyNCqtuCijaY3BMm3fKRDHTvMK+SnS4O+4FF6Dcw8VSj/8D
xvP9RI9YqOPH5rVsoo9zb9a+VF0a2YVuZ0+Ey9CV/7BVS/FC3g/+6WljxiA/0xuJ
cMuV5XeQvJ4dmAIuqwPKIIBZ60TPWdQSy/sC+st4Hjtnbkiv1sf68I2GZHf3QlLE
MHOSPiKCuscYdQi63JjJNPN+E82Neq2CeVqctT6w//LSU0ZEHtU5UZi4zfdtwiA6
v+enss2LeVVjAXFTmPOlVShdP0Cb79FLSL1BfAcPChGG6YSjFGM/KZQs8CC+nNWH
TpAcqIiL02labkEJOQizTI3+f1dFcQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA2J
gDFdasPI4wvVB5yg5loyVbr7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MTYwRTNGMENEMDgxMUVGOTBENDUwNUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO8oMA0GCSqGSIb3DQEBCwUA
A4IBAQA6LJN6e2nkCXNZrjPkMGPLuyaDUuleQGivOqMD0Zxf/slOjanr4A/dyInY
RfjN1wO/JbJkOzEFauvXbeT2iILgoXpbmqZq1gg+GN4O4AcJOo2xpG0WU60n8PdR
/adK2zzgVdyip6eDturpejesS0LfMWkDNK10W2rn/WlRFrWg8lXOn/YHpUuVXSby
lszgUXsaoZCj+lxUMQ6VrUOSoMfkF78+sHuursCggrelQMKL07b8fK7BXwmz5VAG
KD0EN/01zcZ1iqjm82Qxk3wbC+k8cCF/pbskIPdsJnoIxLetkBOPtecaEvT2sxi3
oRIE0NvIzGshizF9C4ZPFsMnVOLk
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:24 2025 by rpki-client