Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9A62AF04C33B11EF83A43599762E951A.roa
File: 9A62AF04C33B11EF83A43599762E951A.roa (raw, json)
Hash identifier: 8CB7Y3SpdqfTGoSfi3ARea7w9ZgjZOlUOlJDUW3zDIs=
Subject key identifier: 7A:A9:AE:04:1B:B9:2B:D8:0C:68:3A:7C:11:52:AE:48:B9:9D:47:CA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB8B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9A62AF04C33B11EF83A43599762E951A.roa
Signing time: Thu 26 Dec 2024 03:43:43 +0000
ROA not before: Thu 26 Dec 2024 03:43:40 +0000
ROA not after: Fri 10 Dec 2027 03:43:40 +0000
asID: 17561
IP address blocks: 156.244.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60299 (0xeb8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 03:43:40 2024 GMT
Not After : Dec 10 03:43:40 2027 GMT
Subject: CN=676cd0ef-96be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f2:8a:6e:1d:d6:dd:35:19:98:2c:73:31:a4:
0c:4e:86:7a:2f:83:3e:55:ce:9c:19:7e:67:d3:36:
83:42:49:6c:22:13:64:83:e7:04:1b:f9:87:62:d8:
83:bf:a9:cb:6c:33:27:9f:57:18:95:f9:29:b6:37:
81:a6:db:87:a5:81:1c:50:f9:55:64:4d:b6:d3:53:
73:8f:e6:e5:f4:2c:95:55:79:95:f2:11:77:7d:7f:
c0:c8:7a:64:73:be:57:0a:49:2b:e4:e6:da:ec:0b:
1d:d0:9e:21:7e:38:73:1b:09:1c:e6:1b:01:3c:96:
b3:74:2d:dc:52:f3:fa:c3:32:c7:11:50:a8:1b:5b:
fd:72:db:c1:da:14:99:ae:89:e1:26:91:45:23:7d:
69:e0:fa:62:b9:ad:75:d4:c5:dc:4b:c3:ff:ba:03:
de:14:90:bd:af:d3:e6:11:e2:ca:ee:02:21:0b:b4:
cf:25:78:bb:5f:ff:c7:bb:ec:7d:f9:5e:01:94:99:
41:ec:ea:72:8e:c9:30:03:74:98:d6:53:8d:51:bc:
45:94:88:0d:86:76:ef:19:38:74:50:b5:86:46:63:
7b:ed:ef:da:af:1e:83:99:b4:29:a6:28:63:a2:cb:
d7:58:42:5d:54:4c:2c:c5:ba:49:82:6a:b0:5c:cb:
53:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A9:AE:04:1B:B9:2B:D8:0C:68:3A:7C:11:52:AE:48:B9:9D:47:CA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9A62AF04C33B11EF83A43599762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.193.0/24
Signature Algorithm: sha256WithRSAEncryption
19:5b:e9:d0:07:86:c4:1f:c4:28:99:67:e8:0b:f3:cf:57:78:
93:f2:68:44:02:d5:12:25:80:09:be:30:af:09:c9:a9:61:c2:
45:72:de:68:e0:d0:f5:28:05:59:77:45:df:59:3e:d3:7d:f4:
3b:f9:42:59:16:b5:09:c5:68:ef:ee:3e:99:cc:b3:91:86:f7:
6e:5b:69:a6:45:54:13:11:a5:8f:f0:4d:ee:ae:5a:d5:eb:04:
94:1d:49:78:4c:81:bc:0b:45:96:e4:df:a4:13:7a:11:85:aa:
c2:e9:6c:a5:9a:28:dd:3c:18:62:21:18:22:6f:35:e3:58:f1:
f0:16:39:e1:f2:e5:e0:b3:71:e8:40:a4:a3:f1:cc:bf:b0:43:
a1:e7:52:7e:d0:23:4f:ed:4c:af:25:3e:02:34:7e:35:32:f2:
99:c1:1e:4e:35:d1:f5:a2:ca:d8:4d:66:b0:f3:cd:56:19:3f:
37:8f:c9:a8:30:5b:1e:f4:86:71:39:d0:db:af:cc:1f:de:25:
40:0a:ac:44:da:3e:ea:92:72:46:25:18:ce:52:f8:f3:2b:af:
c2:9d:8e:79:8f:a5:7d:d2:45:42:76:d9:06:24:94:6c:e6:7a:
71:77:07:4f:66:ab:06:08:b5:c3:2c:1e:57:0d:46:6b:30:68:
65:8c:22:14
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOuLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDM0MzQwWhcNMjcxMjEwMDM0MzQwWjAYMRYw
FAYDVQQDEw02NzZjZDBlZi05NmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvfKKbh3W3TUZmCxzMaQMToZ6L4M+Vc6cGX5n0zaDQklsIhNkg+cEG/mH
YtiDv6nLbDMnn1cYlfkptjeBptuHpYEcUPlVZE2201Nzj+bl9CyVVXmV8hF3fX/A
yHpkc75XCkkr5Oba7Asd0J4hfjhzGwkc5hsBPJazdC3cUvP6wzLHEVCoG1v9ctvB
2hSZronhJpFFI31p4Ppiua111MXcS8P/ugPeFJC9r9PmEeLK7gIhC7TPJXi7X//H
u+x9+V4BlJlB7OpyjskwA3SY1lONUbxFlIgNhnbvGTh0ULWGRmN77e/arx6DmbQp
pihjosvXWEJdVEwsxbpJgmqwXMtThwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHqp
rgQbuSvYDGg6fBFSrki5nUfKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QTYyQUYwNEMzM0IxMUVGODNBNDM1OTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTBMA0GCSqGSIb3DQEBCwUA
A4IBAQAZW+nQB4bEH8QomWfoC/PPV3iT8mhEAtUSJYAJvjCvCcmpYcJFct5o4ND1
KAVZd0XfWT7TffQ7+UJZFrUJxWjv7j6ZzLORhvduW2mmRVQTEaWP8E3urlrV6wSU
HUl4TIG8C0WW5N+kE3oRharC6WylmijdPBhiIRgibzXjWPHwFjnh8uXgs3HoQKSj
8cy/sEOh51J+0CNP7UyvJT4CNH41MvKZwR5ONdH1osrYTWaw881WGT83j8moMFse
9IZxOdDbr8wf3iVACqxE2j7qknJGJRjOUvjzK6/CnY55j6V90kVCdtkGJJRs5npx
dwdPZqsGCLXDLB5XDUZrMGhljCIU
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:05 2025 by rpki-client