Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8218F9FACD0711EF896CD958762E951A.roa
File: 8218F9FACD0711EF896CD958762E951A.roa (raw, json)
Hash identifier: Jjx/kLqfbGNkbxttFlQD2GzWCFzM8LVW6jPOE0forFE=
Subject key identifier: 5C:01:19:02:30:2C:94:AA:36:61:FD:35:37:9E:C9:38:80:17:6B:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCA5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8218F9FACD0711EF896CD958762E951A.roa
Signing time: Tue 07 Jan 2025 14:56:00 +0000
ROA not before: Tue 07 Jan 2025 14:55:57 +0000
ROA not after: Mon 13 Dec 2027 14:55:57 +0000
asID: 17561
IP address blocks: 156.239.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64677 (0xfca5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 14:55:57 2025 GMT
Not After : Dec 13 14:55:57 2027 GMT
Subject: CN=677d4080-a0cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d6:8f:28:d2:87:b6:d2:fc:6a:81:33:bf:83:
ac:0f:f1:71:a6:73:4f:b0:06:0e:29:3b:6e:bc:87:
b2:c1:9d:bb:63:95:49:80:6c:9b:9b:ff:53:f7:4a:
be:92:ea:da:cb:90:3d:5d:c7:d9:86:37:82:fa:55:
2d:03:e6:a3:ed:99:d0:08:f1:12:dc:e2:8a:60:16:
44:86:f2:74:0a:c9:a6:2d:26:c8:91:9b:ec:9f:c0:
95:ac:13:7b:63:33:0a:eb:92:9c:8a:74:d9:61:ca:
0b:e3:18:03:c0:18:58:0a:98:63:74:4a:38:61:0d:
0e:e1:0a:98:7b:a2:02:37:c3:3a:61:fd:55:cc:50:
7d:64:e7:ca:46:4b:c8:25:bc:98:28:91:b2:58:1e:
1b:32:81:de:99:9c:e0:74:d4:2b:98:b9:e2:78:b2:
91:34:fb:2b:f4:82:9e:f2:3e:a5:1e:27:5a:0d:ce:
f0:90:c7:a5:de:8e:83:ba:f8:1e:a9:dc:d7:26:b3:
9d:c2:25:b5:88:9d:da:d6:c9:34:98:14:89:2d:7a:
4d:ee:9d:13:d9:60:9b:25:e1:3f:f9:0e:d5:44:2f:
76:73:e0:84:6b:30:6e:30:10:0d:4c:02:a5:c7:b1:
dc:5d:ca:26:01:1b:b1:4f:2e:e3:64:ed:7d:9a:0d:
25:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:01:19:02:30:2C:94:AA:36:61:FD:35:37:9E:C9:38:80:17:6B:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8218F9FACD0711EF896CD958762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.36.0/24
Signature Algorithm: sha256WithRSAEncryption
87:87:95:1f:74:86:b8:cd:3f:bf:23:27:52:b9:dc:50:dc:e6:
96:86:3c:1d:c3:52:0e:9a:84:2f:fb:33:dc:81:f9:b1:ea:f4:
7f:52:94:2e:d2:16:40:58:14:87:47:b7:4b:d7:36:e7:9a:8e:
8f:a0:da:37:2d:6b:63:8c:7b:82:56:80:d9:12:a4:92:48:49:
ea:1d:5b:61:76:48:69:4c:ed:d9:f9:96:8c:27:55:74:e8:f9:
26:6c:85:d2:e3:f7:b4:17:d0:e0:b3:8b:27:13:da:8e:81:97:
2a:a3:94:71:e0:a6:05:94:f0:a2:12:bc:18:f6:ba:26:b2:ea:
a1:8d:50:20:e0:b2:27:f5:0e:c9:ff:ee:f9:04:00:3b:18:52:
76:a2:2d:f6:67:11:83:ef:10:26:e6:04:01:d3:ec:c3:be:6c:
5e:c7:a6:7e:c9:72:ed:c1:32:f0:1e:ab:3c:fc:19:e5:7c:aa:
15:d4:eb:9c:7a:38:a8:e8:e3:05:ff:c2:de:ac:17:91:e0:67:
fe:24:ba:1a:24:72:11:f3:0b:52:8f:c4:c1:00:5e:6d:1e:35:
5f:9a:86:63:80:2c:86:51:72:98:06:dd:b8:9e:53:40:43:b0:
a6:22:d3:33:83:16:21:49:62:97:db:33:68:a1:5b:15:8b:d9:
5e:1d:c6:d6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPylMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTQ1NTU3WhcNMjcxMjEzMTQ1NTU3WjAYMRYw
FAYDVQQDEw02NzdkNDA4MC1hMGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6daPKNKHttL8aoEzv4OsD/FxpnNPsAYOKTtuvIeywZ27Y5VJgGybm/9T
90q+kuray5A9XcfZhjeC+lUtA+aj7ZnQCPES3OKKYBZEhvJ0CsmmLSbIkZvsn8CV
rBN7YzMK65KcinTZYcoL4xgDwBhYCphjdEo4YQ0O4QqYe6ICN8M6Yf1VzFB9ZOfK
RkvIJbyYKJGyWB4bMoHemZzgdNQrmLnieLKRNPsr9IKe8j6lHidaDc7wkMel3o6D
uvgeqdzXJrOdwiW1iJ3a1sk0mBSJLXpN7p0T2WCbJeE/+Q7VRC92c+CEazBuMBAN
TAKlx7HcXcomARuxTy7jZO19mg0lvQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFwB
GQIwLJSqNmH9NTeeyTiAF2vlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MjE4RjlGQUNEMDcxMUVGODk2Q0Q5NTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO8kMA0GCSqGSIb3DQEBCwUA
A4IBAQCHh5UfdIa4zT+/IydSudxQ3OaWhjwdw1IOmoQv+zPcgfmx6vR/UpQu0hZA
WBSHR7dL1zbnmo6PoNo3LWtjjHuCVoDZEqSSSEnqHVthdkhpTO3Z+ZaMJ1V06Pkm
bIXS4/e0F9Dgs4snE9qOgZcqo5Rx4KYFlPCiErwY9romsuqhjVAg4LIn9Q7J/+75
BAA7GFJ2oi32ZxGD7xAm5gQB0+zDvmxex6Z+yXLtwTLwHqs8/BnlfKoV1Oucejio
6OMF/8LerBeR4Gf+JLoaJHIR8wtSj8TBAF5tHjVfmoZjgCyGUXKYBt24nlNAQ7Cm
ItMzgxYhSWKX2zNooVsVi9leHcbW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:14 2025 by rpki-client