Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C78F858B3D211EFBA462676762E951A.roa
File: 8C78F858B3D211EFBA462676762E951A.roa (raw, json)
Hash identifier: iUW0cXmn0YWOsPmEY7gLr9RPgZM2NgLIjpy4HAmPhvw=
Subject key identifier: 9B:DA:DD:BD:07:F5:EC:3A:64:C9:45:94:DF:07:CB:C2:30:7D:5D:4B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E027
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C78F858B3D211EFBA462676762E951A.roa
Signing time: Fri 06 Dec 2024 13:03:55 +0000
ROA not before: Fri 06 Dec 2024 13:03:52 +0000
ROA not after: Mon 10 Mar 2025 13:03:52 +0000
asID: 54600
IP address blocks: 156.236.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57383 (0xe027)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 6 13:03:52 2024 GMT
Not After : Mar 10 13:03:52 2025 GMT
Subject: CN=6752f63b-96a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ea:78:6b:f7:28:47:f6:4b:88:a7:7b:da:19:
9f:63:e8:03:0b:bd:da:27:66:d0:88:e8:96:e4:fa:
65:86:e5:95:37:e6:ee:a1:28:1b:d2:b2:1c:06:a8:
fc:89:2e:8e:ba:f5:2c:fe:e9:ed:d9:c1:fd:d5:32:
08:8e:95:5e:16:c0:59:05:08:a1:16:1a:3c:60:e9:
a6:5d:2f:13:4e:b6:ed:6c:08:72:eb:65:e3:8a:50:
ed:91:75:29:ef:67:8a:59:5e:66:66:6e:fd:2e:1a:
29:95:d9:cf:c2:80:18:86:01:3f:cd:59:31:aa:9b:
d9:53:00:f8:76:97:99:3b:da:04:6a:ea:21:c2:9e:
15:4e:69:9c:bc:ea:a8:ef:4c:ea:4b:a0:31:cd:77:
1c:a6:88:3b:53:cc:0b:91:90:8f:6b:71:d8:d7:84:
68:73:e8:5c:4f:57:9b:dd:fd:f7:9b:16:37:50:f8:
ac:06:53:f9:64:67:0f:b1:40:40:11:4c:49:17:52:
20:10:45:64:07:f6:45:9e:cd:ba:b2:47:18:e2:0b:
16:15:97:d5:6c:99:69:0a:da:b5:ac:e2:1f:66:27:
5c:94:f9:bc:e6:2d:71:6e:53:84:85:f3:3a:6c:44:
72:4c:b5:a6:92:22:e1:bc:23:b1:42:9b:c8:dd:9b:
e7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:DA:DD:BD:07:F5:EC:3A:64:C9:45:94:DF:07:CB:C2:30:7D:5D:4B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C78F858B3D211EFBA462676762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.192.0/18
Signature Algorithm: sha256WithRSAEncryption
94:b8:b0:f0:68:1b:d7:aa:d3:28:10:a6:2f:b4:2a:07:08:9c:
c7:7a:45:cc:e8:04:f8:ba:af:97:42:4f:9b:d0:20:a0:6b:97:
17:61:2c:3a:7c:c7:61:65:93:8a:26:e0:b2:74:a6:43:2e:4b:
bb:42:0e:10:80:c7:4d:63:68:b7:0d:5e:97:d7:86:1f:19:4d:
b2:4b:2c:93:36:3e:d3:e4:fc:58:62:a7:31:d5:d4:31:81:1d:
be:53:a1:5e:f4:33:e8:f8:18:73:f7:01:94:9f:0f:3c:af:d7:
d5:12:76:ce:35:46:20:cb:1f:a5:b8:c7:78:c6:af:23:a2:24:
72:09:8f:75:2e:75:b7:bd:8e:16:7f:c1:db:ea:4b:2d:44:08:
86:f9:22:42:3c:2d:66:8b:28:a6:72:64:a1:2e:71:8e:f1:0c:
52:51:05:21:df:aa:22:cd:94:b8:10:c2:00:a0:a1:36:f7:71:
d1:7a:7d:92:5c:83:fd:f0:e3:c3:a9:8d:66:8b:4c:28:00:b6:
46:8a:40:b7:d3:a2:0f:88:30:f9:7e:18:cd:17:38:11:0b:47:
d6:82:63:dc:28:f5:87:02:dd:16:e2:62:50:f4:54:d9:19:14:
6d:64:08:06:5c:a7:5d:2c:65:4e:d8:30:35:8c:d4:53:48:dc:
1f:b5:b3:f9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOAnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA2MTMwMzUyWhcNMjUwMzEwMTMwMzUyWjAYMRYw
FAYDVQQDEw02NzUyZjYzYi05NmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz+p4a/coR/ZLiKd72hmfY+gDC73aJ2bQiOiW5PplhuWVN+buoSgb0rIc
Bqj8iS6OuvUs/unt2cH91TIIjpVeFsBZBQihFho8YOmmXS8TTrbtbAhy62XjilDt
kXUp72eKWV5mZm79LhopldnPwoAYhgE/zVkxqpvZUwD4dpeZO9oEauohwp4VTmmc
vOqo70zqS6AxzXccpog7U8wLkZCPa3HY14Roc+hcT1eb3f33mxY3UPisBlP5ZGcP
sUBAEUxJF1IgEEVkB/ZFns26skcY4gsWFZfVbJlpCtq1rOIfZidclPm85i1xblOE
hfM6bERyTLWmkiLhvCOxQpvI3Zvn2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJva
3b0H9ew6ZMlFlN8Hy8IwfV1LMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84Qzc4Rjg1OEIzRDIxMUVGQkE0NjI2NzY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnOzAMA0GCSqGSIb3DQEBCwUA
A4IBAQCUuLDwaBvXqtMoEKYvtCoHCJzHekXM6AT4uq+XQk+b0CCga5cXYSw6fMdh
ZZOKJuCydKZDLku7Qg4QgMdNY2i3DV6X14YfGU2ySyyTNj7T5PxYYqcx1dQxgR2+
U6Fe9DPo+Bhz9wGUnw88r9fVEnbONUYgyx+luMd4xq8joiRyCY91LnW3vY4Wf8Hb
6kstRAiG+SJCPC1miyimcmShLnGO8QxSUQUh36oizZS4EMIAoKE293HRen2SXIP9
8OPDqY1mi0woALZGikC306IPiDD5fhjNFzgRC0fWgmPcKPWHAt0W4mJQ9FTZGRRt
ZAgGXKddLGVO2DA1jNRTSNwftbP5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:51 2025 by rpki-client