Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D1989F4D24411EFBF18FE9E762E951A.roa
File: 8D1989F4D24411EFBF18FE9E762E951A.roa (raw, json)
Hash identifier: r+mQfwtJB0BcpiDAJ0+g9ExG+CNkDqw2yhKwnV7DU1k=
Subject key identifier: B6:34:94:D4:78:AB:10:78:08:11:7C:8B:4C:A7:47:F1:90:22:C2:40
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0106C6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D1989F4D24411EFBF18FE9E762E951A.roa
Signing time: Tue 14 Jan 2025 06:55:34 +0000
ROA not before: Tue 14 Jan 2025 06:55:30 +0000
ROA not after: Thu 15 May 2025 06:55:30 +0000
asID: 134365
IP address blocks: 156.224.18.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67270 (0x106c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 06:55:30 2025 GMT
Not After : May 15 06:55:30 2025 GMT
Subject: CN=67860a66-5842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cf:45:d7:29:26:86:b7:7f:64:0b:8a:f6:48:
ca:26:37:e8:0e:ed:47:d7:f0:50:8a:b1:2e:b6:4b:
7c:cd:99:76:d9:4f:83:22:f5:32:d2:e0:aa:f9:0c:
17:d4:c7:4a:52:3b:a6:44:69:40:e0:4c:f0:5e:d9:
b2:32:fb:e1:26:00:68:67:ac:a8:05:49:37:ec:2e:
d8:50:f8:17:58:3a:84:4f:36:30:67:b1:54:7a:64:
8e:b3:e2:33:fa:73:36:17:f5:74:76:1d:31:f5:35:
9a:72:27:14:06:ef:b3:8a:a8:ab:97:d6:a2:e9:31:
9e:98:f8:83:76:b3:58:a8:68:ea:b4:95:0e:b5:e4:
55:c9:7a:7d:46:a4:d3:f5:1e:30:9c:34:95:5f:94:
89:0a:a1:cd:a4:18:fa:c2:f6:1d:ef:40:f5:ee:70:
e7:97:19:9d:92:33:5a:61:69:9b:6b:84:b8:fc:43:
36:a7:87:c6:ee:1b:3a:2a:fb:a7:47:a8:56:c9:97:
c4:bc:e2:26:24:da:f0:ec:dd:9c:9d:a6:e4:f2:33:
20:f7:d8:c1:90:cc:3c:b4:30:26:5a:c8:6f:68:25:
d7:af:4c:cb:6b:da:72:5f:5a:db:d6:6f:52:fd:3a:
c7:aa:21:b9:c4:06:08:4e:c2:0e:ad:ba:79:0b:ac:
5e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:34:94:D4:78:AB:10:78:08:11:7C:8B:4C:A7:47:F1:90:22:C2:40
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D1989F4D24411EFBF18FE9E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.18.0/23
Signature Algorithm: sha256WithRSAEncryption
51:5b:9b:a2:b7:6c:e2:31:17:34:56:a9:0c:07:25:76:04:34:
96:d2:a1:e9:26:68:b4:07:51:3d:d0:b3:68:c4:c5:15:35:04:
46:51:60:4a:94:79:5b:13:18:48:44:0a:da:6a:a8:31:b5:31:
da:2e:34:eb:bf:59:d1:6c:53:de:46:5a:e2:b8:fc:18:ec:ed:
e6:cf:ce:d9:bc:0c:54:07:ad:1a:34:3d:47:8c:17:1b:38:06:
86:be:b9:80:64:d0:6a:84:16:2b:19:e5:10:27:b1:7f:af:22:
03:a3:30:ba:e4:b7:22:d5:ba:9b:e1:42:f8:8b:b6:5c:fb:87:
8c:38:93:8f:28:7f:4d:22:df:74:e2:a5:07:fe:0b:be:32:33:
69:3a:07:9f:eb:cd:32:4b:fa:db:66:e8:86:93:4d:57:e9:c2:
ed:d4:41:75:67:05:8b:fc:11:03:da:07:c6:33:f4:13:8a:4b:
c0:18:35:7c:c1:10:0a:61:88:d0:e6:bb:ad:2c:1e:22:f8:03:
a1:ca:f0:09:08:b0:c0:f6:d4:78:ad:9d:a4:7c:6c:ab:a9:0e:
eb:2f:6e:d2:18:17:b0:ae:c0:b0:cd:cb:03:14:5e:36:d5:4a:
99:e7:dc:03:34:7e:30:75:1d:3b:0d:74:f7:68:e6:07:8b:5f:
1a:c1:9e:68
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQbGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDY1NTMwWhcNMjUwNTE1MDY1NTMwWjAYMRYw
FAYDVQQDEw02Nzg2MGE2Ni01ODQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAss9F1ykmhrd/ZAuK9kjKJjfoDu1H1/BQirEutkt8zZl22U+DIvUy0uCq
+QwX1MdKUjumRGlA4EzwXtmyMvvhJgBoZ6yoBUk37C7YUPgXWDqETzYwZ7FUemSO
s+Iz+nM2F/V0dh0x9TWacicUBu+ziqirl9ai6TGemPiDdrNYqGjqtJUOteRVyXp9
RqTT9R4wnDSVX5SJCqHNpBj6wvYd70D17nDnlxmdkjNaYWmba4S4/EM2p4fG7hs6
KvunR6hWyZfEvOImJNrw7N2cnabk8jMg99jBkMw8tDAmWshvaCXXr0zLa9pyX1rb
1m9S/TrHqiG5xAYITsIOrbp5C6xeWwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLY0
lNR4qxB4CBF8i0ynR/GQIsJAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RDE5ODlGNEQyNDQxMUVGQkYxOEZFOUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOASMA0GCSqGSIb3DQEBCwUA
A4IBAQBRW5uit2ziMRc0VqkMByV2BDSW0qHpJmi0B1E90LNoxMUVNQRGUWBKlHlb
ExhIRAraaqgxtTHaLjTrv1nRbFPeRlriuPwY7O3mz87ZvAxUB60aND1HjBcbOAaG
vrmAZNBqhBYrGeUQJ7F/ryIDozC65Lci1bqb4UL4i7Zc+4eMOJOPKH9NIt904qUH
/gu+MjNpOgef680yS/rbZuiGk01X6cLt1EF1ZwWL/BED2gfGM/QTikvAGDV8wRAK
YYjQ5rutLB4i+AOhyvAJCLDA9tR4rZ2kfGyrqQ7rL27SGBewrsCwzcsDFF421UqZ
59wDNH4wdR07DXT3aOYHi18awZ5o
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:11 2025 by rpki-client