Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81DFD5E4DA7211EF8D7299BB762E951A.roa
File: 81DFD5E4DA7211EF8D7299BB762E951A.roa (raw, json)
Hash identifier: cs0soAqztAEnhkRBzFGLkwJo3tZxSdsR2i4bZToZzCA=
Subject key identifier: 98:2A:95:D0:75:DF:AF:B6:7C:F7:64:B2:4B:28:E6:A6:9B:1F:68:94
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010FBA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81DFD5E4DA7211EF8D7299BB762E951A.roa
Signing time: Fri 24 Jan 2025 16:44:41 +0000
ROA not before: Fri 24 Jan 2025 16:44:37 +0000
ROA not after: Tue 04 Mar 2025 16:44:37 +0000
asID: 395886
IP address blocks: 156.238.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69562 (0x10fba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 24 16:44:37 2025 GMT
Not After : Mar 4 16:44:37 2025 GMT
Subject: CN=6793c379-a1b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:58:4c:fc:db:a8:b2:30:cc:78:b4:84:81:ad:
b3:d9:30:d5:b4:ba:80:99:48:4c:77:4d:77:29:89:
88:dc:e3:c9:4c:31:a2:6a:34:94:25:93:c3:d7:0c:
a9:4a:41:66:9b:0e:7e:06:cc:cc:c8:3b:40:c5:93:
b8:b9:24:14:4f:e8:9c:8b:76:bb:c2:51:e5:cf:5b:
20:39:39:a1:e2:da:1b:68:7c:07:8f:aa:c4:8e:28:
b4:a1:61:03:ed:e1:91:c7:ed:db:96:2e:dd:60:26:
d6:c9:d6:e6:70:80:83:5e:43:19:f4:80:83:14:df:
9f:91:95:3b:76:9a:44:1e:ae:81:4d:0c:2d:f8:21:
7f:b3:9c:7f:27:c6:0b:cd:db:17:7e:98:59:17:99:
ff:c4:1b:8b:25:42:d7:93:68:77:d9:71:8e:2f:81:
e9:77:0b:86:b5:46:eb:14:71:23:d4:4d:b3:92:d9:
be:3c:74:09:58:ce:e6:d4:ef:1c:1b:a4:f9:49:72:
da:d9:e8:02:b8:da:bb:9f:88:59:c7:a9:29:bb:82:
bb:f6:7b:5d:fd:a5:f8:23:b3:5d:dd:62:2a:0b:38:
56:09:46:8a:0a:3d:e9:0c:69:ee:4d:4c:81:52:2f:
e6:de:bc:34:bb:c6:c6:2c:a0:cd:72:7d:2d:68:b9:
71:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:2A:95:D0:75:DF:AF:B6:7C:F7:64:B2:4B:28:E6:A6:9B:1F:68:94
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81DFD5E4DA7211EF8D7299BB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.224.0/19
Signature Algorithm: sha256WithRSAEncryption
b4:b8:9e:e2:71:3a:cc:1f:78:cc:f3:88:34:39:73:23:a6:b3:
4d:d6:95:44:39:56:04:de:48:c4:88:f6:03:76:cb:42:80:41:
ea:e9:45:31:d1:59:6c:20:a6:36:b6:5c:52:67:1e:3d:91:98:
d8:24:2c:96:e6:8b:12:a9:fe:ad:5d:df:2b:06:67:a4:9d:e3:
c0:7c:c4:bf:65:90:d3:4a:e8:e9:cb:1c:66:f5:c5:49:ef:80:
d9:35:1a:52:2a:39:92:59:37:52:9f:43:4c:56:19:b0:94:e8:
20:e5:5f:ea:95:ac:f1:97:7b:3c:2f:a9:a4:c3:a0:d6:27:aa:
a5:40:5c:22:6b:d3:9a:dc:4c:05:c0:55:66:30:8b:b5:9c:74:
74:51:fa:62:1d:7a:90:0d:ab:61:73:13:54:37:06:33:26:35:
10:8c:f2:6e:83:96:c1:19:b9:cb:ee:68:14:f3:2d:f5:02:75:
d0:20:f6:43:88:3d:59:0a:7d:df:b1:a5:2d:c5:c8:0e:cf:9a:
3c:d5:fc:e2:c0:28:72:4d:b8:a2:0c:5a:eb:7e:5d:ef:ea:11:
36:24:c3:a0:d7:86:8b:c3:aa:b3:48:c5:b5:a0:a2:dd:e1:bd:
ae:98:2e:70:0e:44:f8:79:b7:f2:98:84:42:0c:c6:86:91:21:
c5:10:98:0e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQ+6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTI0MTY0NDM3WhcNMjUwMzA0MTY0NDM3WjAYMRYw
FAYDVQQDEw02NzkzYzM3OS1hMWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9FhM/NuosjDMeLSEga2z2TDVtLqAmUhMd013KYmI3OPJTDGiajSUJZPD
1wypSkFmmw5+BszMyDtAxZO4uSQUT+ici3a7wlHlz1sgOTmh4tobaHwHj6rEjii0
oWED7eGRx+3bli7dYCbWydbmcICDXkMZ9ICDFN+fkZU7dppEHq6BTQwt+CF/s5x/
J8YLzdsXfphZF5n/xBuLJULXk2h32XGOL4HpdwuGtUbrFHEj1E2zktm+PHQJWM7m
1O8cG6T5SXLa2egCuNq7n4hZx6kpu4K79ntd/aX4I7Nd3WIqCzhWCUaKCj3pDGnu
TUyBUi/m3rw0u8bGLKDNcn0taLlxkQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJgq
ldB136+2fPdkskso5qabH2iUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MURGRDVFNERBNzIxMUVGOEQ3Mjk5QkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnO7gMA0GCSqGSIb3DQEBCwUA
A4IBAQC0uJ7icTrMH3jM84g0OXMjprNN1pVEOVYE3kjEiPYDdstCgEHq6UUx0Vls
IKY2tlxSZx49kZjYJCyW5osSqf6tXd8rBmeknePAfMS/ZZDTSujpyxxm9cVJ74DZ
NRpSKjmSWTdSn0NMVhmwlOgg5V/qlazxl3s8L6mkw6DWJ6qlQFwia9Oa3EwFwFVm
MIu1nHR0UfpiHXqQDathcxNUNwYzJjUQjPJug5bBGbnL7mgU8y31AnXQIPZDiD1Z
Cn3fsaUtxcgOz5o81fziwChyTbiiDFrrfl3v6hE2JMOg14aLw6qzSMW1oKLd4b2u
mC5wDkT4ebfymIRCDMaGkSHFEJgO
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:38:26 2025 by rpki-client