Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/844E3006CAE011EF86A0CEA5762E951A.roa
File: 844E3006CAE011EF86A0CEA5762E951A.roa (raw, json)
Hash identifier: zLn98wJ34hz/5btqvRB6HhN6Z/RqEAQH6+xOfjaMTcU=
Subject key identifier: B1:12:80:BB:32:F3:A3:56:28:0F:56:24:1E:C8:7E:EA:2F:EA:68:6C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7AE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/844E3006CAE011EF86A0CEA5762E951A.roa
Signing time: Sat 04 Jan 2025 21:11:51 +0000
ROA not before: Sun 05 Jan 2025 21:11:48 +0000
ROA not after: Wed 12 Feb 2025 21:11:48 +0000
asID: 18046
IP address blocks: 156.236.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63406 (0xf7ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 21:11:48 2025 GMT
Not After : Feb 12 21:11:48 2025 GMT
Subject: CN=6779a417-5419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f5:96:8f:57:18:6c:8c:03:be:a5:3c:45:81:
46:ac:89:fb:f4:18:f7:29:bd:08:98:6f:67:11:b8:
96:2a:ce:7c:47:dd:3f:0d:15:1d:03:7d:62:8c:88:
18:98:42:5e:23:c0:aa:a3:20:f3:41:0c:22:cb:9e:
c8:7b:44:4a:7c:14:33:5b:c6:2a:a3:89:39:78:b2:
85:a7:5c:7a:35:77:79:1b:49:13:46:76:d5:a6:0c:
88:ac:bf:35:6a:48:a4:56:ff:09:d7:f1:fa:1b:a2:
bc:67:7a:ab:eb:fa:e2:61:ec:b0:3c:f5:90:13:d5:
0d:95:52:98:0c:86:e5:07:a2:32:30:84:29:3b:cf:
7c:11:bb:28:bf:0f:f7:2e:c3:2f:4f:b5:c1:0c:a0:
d9:97:bb:78:7f:02:cc:4d:67:b2:67:f6:e2:01:58:
b2:6d:ae:dd:f2:ba:72:af:8f:0d:72:c7:96:ec:5b:
a3:be:24:b7:99:bf:ac:e3:78:47:bc:96:f4:02:fc:
bb:ca:8d:86:dc:50:4d:3a:81:6c:a1:ab:82:57:16:
5a:7f:90:76:23:1c:50:f9:13:c2:b2:ba:ad:09:e7:
7e:cc:88:d7:6f:78:ce:1c:a1:2e:a7:57:c1:b5:52:
b7:82:66:18:a3:94:8f:22:e3:75:67:6f:4e:58:88:
a8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:12:80:BB:32:F3:A3:56:28:0F:56:24:1E:C8:7E:EA:2F:EA:68:6C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/844E3006CAE011EF86A0CEA5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.13.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:a7:55:c9:e2:30:ed:7b:67:05:25:69:b6:9b:70:c2:6e:9a:
94:16:da:2c:b7:8e:1f:03:57:60:89:87:b2:21:65:38:b9:57:
7d:79:4b:72:66:a0:1c:cb:2a:af:13:b1:5e:f4:86:a6:a3:8e:
9e:88:53:13:c1:90:03:e4:5f:92:ae:a6:cd:03:fb:83:c9:dc:
4e:76:ef:f4:38:3d:b7:07:74:d2:06:39:e5:e7:6d:f7:e2:40:
79:36:fa:02:df:54:18:55:e9:98:f5:68:31:85:03:fe:c8:43:
bd:aa:19:c1:94:8d:38:c8:38:fc:44:49:1a:d4:f2:f3:be:f4:
22:1a:01:5f:87:c1:5e:05:b1:e8:65:13:9d:77:00:f3:14:37:
05:5f:68:ea:19:d3:24:c4:50:2a:ee:c0:77:de:f2:1a:e4:5d:
cc:1e:65:7f:13:54:7c:65:6f:94:e0:9e:29:b0:86:45:57:39:
b1:58:12:fb:4e:07:b1:34:d6:cb:7b:d6:1f:57:40:dd:8f:6d:
c7:31:ed:86:cf:a0:05:ea:d7:c4:47:2d:9b:51:ea:8a:dc:f1:
4d:a9:29:ff:be:4d:dc:d3:47:53:66:ae:a1:76:8c:47:b1:e0:
4e:00:4a:50:f5:a1:b0:3b:fe:ea:cd:d2:f9:76:0c:57:90:62:
9d:49:ab:40
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPeuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MjExMTQ4WhcNMjUwMjEyMjExMTQ4WjAYMRYw
FAYDVQQDEw02Nzc5YTQxNy01NDE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwfWWj1cYbIwDvqU8RYFGrIn79Bj3Kb0ImG9nEbiWKs58R90/DRUdA31i
jIgYmEJeI8CqoyDzQQwiy57Ie0RKfBQzW8Yqo4k5eLKFp1x6NXd5G0kTRnbVpgyI
rL81akikVv8J1/H6G6K8Z3qr6/riYeywPPWQE9UNlVKYDIblB6IyMIQpO898Ebso
vw/3LsMvT7XBDKDZl7t4fwLMTWeyZ/biAViyba7d8rpyr48NcseW7FujviS3mb+s
43hHvJb0Avy7yo2G3FBNOoFsoauCVxZaf5B2IxxQ+RPCsrqtCed+zIjXb3jOHKEu
p1fBtVK3gmYYo5SPIuN1Z29OWIioewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLES
gLsy86NWKA9WJB7Ifuov6mhsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NDRFMzAwNkNBRTAxMUVGODZBMENFQTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwNMA0GCSqGSIb3DQEBCwUA
A4IBAQCwp1XJ4jDte2cFJWm2m3DCbpqUFtost44fA1dgiYeyIWU4uVd9eUtyZqAc
yyqvE7Fe9Iamo46eiFMTwZAD5F+SrqbNA/uDydxOdu/0OD23B3TSBjnl52334kB5
NvoC31QYVemY9WgxhQP+yEO9qhnBlI04yDj8REka1PLzvvQiGgFfh8FeBbHoZROd
dwDzFDcFX2jqGdMkxFAq7sB33vIa5F3MHmV/E1R8ZW+U4J4psIZFVzmxWBL7Tgex
NNbLe9YfV0Ddj23HMe2Gz6AF6tfERy2bUeqK3PFNqSn/vk3c00dTZq6hdoxHseBO
AEpQ9aGwO/7qzdL5dgxXkGKdSatA
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:59 2025 by rpki-client