Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DEE78B4B5FA11EF85C69E8D762E951A.roa
File: 8DEE78B4B5FA11EF85C69E8D762E951A.roa (raw, json)
Hash identifier: aADXiQfv8GKAawxv0IvlyjjtTV043L7myH9ciVPJ0Bc=
Subject key identifier: 1E:F0:39:DD:52:83:FF:F9:19:07:51:6B:74:F5:DE:28:33:11:79:72
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E14A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DEE78B4B5FA11EF85C69E8D762E951A.roa
Signing time: Mon 09 Dec 2024 06:55:20 +0000
ROA not before: Mon 09 Dec 2024 06:55:16 +0000
ROA not after: Thu 06 Feb 2025 06:55:16 +0000
asID: 149014
IP address blocks: 156.236.96.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 06:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57674 (0xe14a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 9 06:55:16 2024 GMT
Not After : Feb 6 06:55:16 2025 GMT
Subject: CN=67569458-5f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:64:e9:ed:fd:bd:79:8d:10:a6:ce:2f:42:d4:
75:42:55:d7:e0:04:8c:80:91:c9:02:a7:f5:ae:0c:
e0:fa:26:b0:2d:62:23:b7:9d:40:05:61:46:e0:1a:
9c:a0:65:fb:44:7b:ce:d6:1b:0d:ee:8b:a9:e4:8f:
a5:f4:0f:da:ea:b4:b5:0e:2e:1e:90:57:dd:cf:e7:
4f:c0:c8:4a:ca:5c:74:25:8b:89:97:53:28:74:05:
91:58:3b:5e:2d:9b:85:1a:1e:fc:98:e3:9b:ae:40:
9c:ef:4a:8f:bc:d9:95:c3:c7:98:f5:b2:33:cf:80:
99:3e:c9:f7:a7:89:a1:91:80:68:5b:aa:a7:99:43:
65:aa:69:f4:26:9b:f9:85:d4:ae:23:0b:c5:b6:e4:
be:c0:b3:f2:7a:f9:51:8e:dc:8b:b5:70:52:50:56:
84:22:1c:85:d0:59:26:fc:5a:ea:71:f1:0e:4b:72:
4c:91:b8:1d:9f:a0:0b:01:14:0b:f7:d1:20:f7:5b:
89:c3:7e:9a:92:b2:56:5a:d8:51:bf:a0:78:25:52:
09:37:3c:90:68:57:29:98:fe:7c:d5:50:48:e4:98:
4c:7c:f7:6d:a4:70:4e:ee:0b:5d:e5:92:50:ff:5a:
34:18:75:84:cb:e0:4c:a3:05:64:c8:a2:62:76:e6:
11:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F0:39:DD:52:83:FF:F9:19:07:51:6B:74:F5:DE:28:33:11:79:72
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DEE78B4B5FA11EF85C69E8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.96.0/22
Signature Algorithm: sha256WithRSAEncryption
27:91:41:ec:49:6d:73:e8:b4:11:60:6b:04:c2:bc:58:fd:5f:
c7:ce:56:2b:78:0a:04:10:73:af:27:40:4f:ac:d0:1b:23:f1:
02:3f:b1:8d:5c:93:a5:61:d2:1d:13:29:c9:25:6b:16:30:94:
3f:69:81:fc:ff:4f:22:6d:24:c3:a2:d5:4c:00:49:30:5c:fd:
be:38:94:35:b9:42:27:37:a7:c0:cf:39:e1:5d:6c:87:6f:c4:
b6:62:d0:30:1e:3e:33:f0:d4:54:73:75:e0:a2:d7:28:e5:b9:
77:7b:e6:ad:1c:d3:3a:83:6a:34:48:44:ec:83:1c:94:df:3d:
5d:0b:8b:95:d4:33:92:6b:07:25:92:cd:59:d0:58:38:75:a5:
a1:b2:b4:fe:11:79:04:b9:c8:60:d0:53:ff:d1:27:c6:75:37:
a3:16:b2:db:84:38:c5:3d:a4:fe:f7:1a:6d:92:81:ea:7f:c1:
b2:82:91:58:3c:e4:cc:aa:36:1b:3a:be:85:f1:b0:60:66:85:
76:26:02:06:a4:e4:e0:1f:11:57:95:cb:b6:fa:13:52:34:e2:
9e:89:e8:80:0d:35:5a:e4:84:0c:d8:66:a0:32:16:45:53:9d:
3b:ab:52:86:57:96:fa:50:d1:16:02:9d:5d:21:bd:5d:07:3a:
2e:ff:a5:84
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOFKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA5MDY1NTE2WhcNMjUwMjA2MDY1NTE2WjAYMRYw
FAYDVQQDEw02NzU2OTQ1OC01ZjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtWTp7f29eY0Qps4vQtR1QlXX4ASMgJHJAqf1rgzg+iawLWIjt51ABWFG
4BqcoGX7RHvO1hsN7oup5I+l9A/a6rS1Di4ekFfdz+dPwMhKylx0JYuJl1ModAWR
WDteLZuFGh78mOObrkCc70qPvNmVw8eY9bIzz4CZPsn3p4mhkYBoW6qnmUNlqmn0
Jpv5hdSuIwvFtuS+wLPyevlRjtyLtXBSUFaEIhyF0Fkm/FrqcfEOS3JMkbgdn6AL
ARQL99Eg91uJw36akrJWWthRv6B4JVIJNzyQaFcpmP581VBI5JhMfPdtpHBO7gtd
5ZJQ/1o0GHWEy+BMowVkyKJiduYRGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB7w
Od1Sg//5GQdRa3T13igzEXlyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84REVFNzhCNEI1RkExMUVGODVDNjlFOEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOxgMA0GCSqGSIb3DQEBCwUA
A4IBAQAnkUHsSW1z6LQRYGsEwrxY/V/HzlYreAoEEHOvJ0BPrNAbI/ECP7GNXJOl
YdIdEynJJWsWMJQ/aYH8/08ibSTDotVMAEkwXP2+OJQ1uUInN6fAzznhXWyHb8S2
YtAwHj4z8NRUc3Xgotco5bl3e+atHNM6g2o0SETsgxyU3z1dC4uV1DOSawclks1Z
0Fg4daWhsrT+EXkEuchg0FP/0SfGdTejFrLbhDjFPaT+9xptkoHqf8GygpFYPOTM
qjYbOr6F8bBgZoV2JgIGpOTgHxFXlcu2+hNSNOKeieiADTVa5IQM2GagMhZFU507
q1KGV5b6UNEWAp1dIb1dBzou/6WE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:23 2025 by rpki-client