Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/87B270C0C2A411EF90C48559762E951A.roa
File: 87B270C0C2A411EF90C48559762E951A.roa (raw, json)
Hash identifier: /DBj07JNtFVYwnQ6NncKHSb+7ua/h8Mp05nwm2QkCV4=
Subject key identifier: 3E:17:D8:B6:FC:4F:CF:96:91:18:2C:CB:A0:1D:7A:B1:E0:8F:60:88
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E9F7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/87B270C0C2A411EF90C48559762E951A.roa
Signing time: Wed 25 Dec 2024 09:42:18 +0000
ROA not before: Wed 25 Dec 2024 09:42:14 +0000
ROA not after: Sat 15 Feb 2025 09:42:14 +0000
asID: 138915
IP address blocks: 156.244.32.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59895 (0xe9f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 09:42:14 2024 GMT
Not After : Feb 15 09:42:14 2025 GMT
Subject: CN=676bd37a-5609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:98:3d:18:db:71:41:e4:88:a8:ea:6b:a5:e7:
96:9c:91:b7:f5:fe:dc:81:0c:29:28:ed:00:be:da:
42:88:22:e9:03:b4:38:7a:42:e2:e5:8f:c8:43:5e:
e8:06:8c:36:06:03:50:e4:c7:c6:77:86:c5:16:6a:
fc:18:c5:fc:c9:13:35:be:d0:04:e9:d1:6a:fb:1a:
bb:ae:07:39:3c:b3:be:b0:0d:a7:03:97:b8:db:08:
ff:ba:96:b7:50:2c:45:cb:7f:5c:ee:92:5c:f1:e5:
f8:7f:84:e7:84:73:2e:1f:05:b6:21:0c:de:a3:f8:
ae:cd:36:08:d6:39:94:b2:28:bd:ca:49:6a:d1:36:
f6:ab:7c:8b:f3:19:8f:39:f0:d4:6e:e1:bb:7e:31:
e6:3a:eb:20:7c:c1:0d:88:de:f5:2e:f9:4c:f7:5c:
b0:b6:85:22:87:e2:0b:e4:4f:40:cd:0c:34:a2:c7:
10:30:27:e8:9c:5a:f7:c2:93:27:ed:62:bc:3b:19:
dd:31:11:07:d6:74:8d:06:9c:b3:d3:10:4c:2e:10:
46:4c:74:56:24:d7:b9:27:82:df:d0:54:e6:aa:34:
96:0d:47:f7:3a:b1:5c:c4:d1:bd:d8:6f:0a:b5:b9:
b6:3e:40:6a:68:db:51:7b:03:1f:1b:4b:f8:65:72:
17:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:17:D8:B6:FC:4F:CF:96:91:18:2C:CB:A0:1D:7A:B1:E0:8F:60:88
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/87B270C0C2A411EF90C48559762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.32.0/20
Signature Algorithm: sha256WithRSAEncryption
00:0a:ce:1a:74:32:45:c9:df:65:34:c1:73:14:9c:20:ef:f9:
71:a7:73:ae:b2:54:4c:25:ae:62:e8:2c:a4:61:f5:45:df:aa:
59:89:fd:01:4c:65:89:61:e8:62:5f:ce:7b:19:51:d9:66:f4:
d0:8f:ff:f7:b5:b6:7b:d6:16:60:7f:13:b9:85:77:02:a6:bb:
82:dd:16:d5:71:1f:9d:2c:54:16:28:8e:40:bc:44:be:46:1b:
41:43:67:51:ce:fc:13:6c:28:fa:58:14:7a:79:3d:20:6d:73:
85:8b:7b:fb:32:96:92:7d:bc:64:a6:7e:f7:aa:fa:f7:1e:9a:
b0:ef:1f:05:cf:10:b1:1d:b3:f8:fe:7b:44:ac:18:bb:0f:c6:
72:3b:9a:1d:56:69:74:3a:22:81:46:2c:82:65:5e:de:58:0e:
4a:6b:8d:0f:52:2b:ff:54:3f:7c:65:74:2d:2a:1d:7d:75:80:
ae:4a:59:6e:09:93:64:70:48:57:45:da:4d:aa:63:1d:21:48:
0d:b1:44:2e:36:f9:e0:e4:1d:5c:17:b9:7f:f4:48:d7:ac:cb:
45:f2:b3:09:6d:fe:6f:e7:7c:d3:03:0c:c2:ab:c7:97:48:f1:
8c:3e:a3:0b:4f:a4:76:b1:92:54:9b:6b:5a:c6:e0:99:36:1b:
c6:48:02:f2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOn3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDk0MjE0WhcNMjUwMjE1MDk0MjE0WjAYMRYw
FAYDVQQDEw02NzZiZDM3YS01NjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1pg9GNtxQeSIqOprpeeWnJG39f7cgQwpKO0AvtpCiCLpA7Q4ekLi5Y/I
Q17oBow2BgNQ5MfGd4bFFmr8GMX8yRM1vtAE6dFq+xq7rgc5PLO+sA2nA5e42wj/
upa3UCxFy39c7pJc8eX4f4TnhHMuHwW2IQzeo/iuzTYI1jmUsii9yklq0Tb2q3yL
8xmPOfDUbuG7fjHmOusgfMENiN71LvlM91ywtoUih+IL5E9AzQw0oscQMCfonFr3
wpMn7WK8OxndMREH1nSNBpyz0xBMLhBGTHRWJNe5J4Lf0FTmqjSWDUf3OrFcxNG9
2G8Ktbm2PkBqaNtRewMfG0v4ZXIXpwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD4X
2Lb8T8+WkRgsy6AderHgj2CIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84N0IyNzBDMEMyQTQxMUVGOTBDNDg1NTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPQgMA0GCSqGSIb3DQEBCwUA
A4IBAQAACs4adDJFyd9lNMFzFJwg7/lxp3OuslRMJa5i6CykYfVF36pZif0BTGWJ
YehiX857GVHZZvTQj//3tbZ71hZgfxO5hXcCpruC3RbVcR+dLFQWKI5AvES+RhtB
Q2dRzvwTbCj6WBR6eT0gbXOFi3v7MpaSfbxkpn73qvr3Hpqw7x8FzxCxHbP4/ntE
rBi7D8ZyO5odVml0OiKBRiyCZV7eWA5Ka40PUiv/VD98ZXQtKh19dYCuSlluCZNk
cEhXRdpNqmMdIUgNsUQuNvng5B1cF7l/9EjXrMtF8rMJbf5v53zTAwzCq8eXSPGM
PqMLT6R2sZJUm2taxuCZNhvGSALy
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:02 2025 by rpki-client