Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9ADCD524CCD011EFAA586E7E762E951A.roa
File: 9ADCD524CCD011EFAA586E7E762E951A.roa (raw, json)
Hash identifier: BQJDtdXmzGAC8+fZNWe59F3FKXYjkXiGQ81IQTNzRDI=
Subject key identifier: 86:DA:F9:6B:E6:45:4A:F6:03:58:20:CC:80:EA:6B:4E:A9:05:C9:60
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FAC2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9ADCD524CCD011EFAA586E7E762E951A.roa
Signing time: Tue 07 Jan 2025 08:22:59 +0000
ROA not before: Tue 07 Jan 2025 08:22:56 +0000
ROA not after: Mon 13 Dec 2027 08:22:56 +0000
asID: 17561
IP address blocks: 156.233.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64194 (0xfac2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:22:56 2025 GMT
Not After : Dec 13 08:22:56 2027 GMT
Subject: CN=677ce463-ebba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:25:93:b4:55:cd:8a:38:7c:02:64:04:2e:04:
98:f1:3d:e7:d7:bf:12:4d:40:c0:47:b0:3e:f8:b8:
47:4a:b2:c8:60:5d:b9:3f:d4:fe:86:55:71:11:15:
87:4d:b4:3d:10:89:d2:91:b2:25:a0:1a:e8:6d:2f:
f3:a0:75:0c:68:43:bc:67:8e:3a:02:0b:6d:d1:89:
a0:84:d7:dc:f0:a2:37:1d:dd:2f:59:f9:ff:f3:91:
0c:71:23:be:95:b1:28:46:f2:3c:2f:90:8d:3b:69:
ab:ca:79:38:2b:1a:37:d2:a1:0e:70:0c:9c:32:d1:
7c:0c:15:8d:44:7e:eb:bb:a1:31:5d:18:a6:7c:2c:
26:0e:3b:a4:25:3c:3f:a5:75:e6:a2:94:25:46:7d:
f8:fa:5e:86:53:4e:68:b5:63:8c:03:ab:a6:9b:f2:
de:57:0b:ae:5f:99:8b:84:66:8a:27:78:65:b7:3e:
16:3d:87:34:35:1c:ab:1e:42:3a:98:04:c3:be:6f:
a3:17:55:48:b2:18:b0:48:96:54:c8:a8:85:2e:b0:
e6:1a:45:09:ae:ce:d0:3c:5b:22:71:d7:49:87:8d:
73:ba:51:9f:40:c8:c1:af:3a:f4:b7:bd:cb:fb:85:
a0:78:8d:e9:10:52:53:39:cf:27:6a:7a:f2:3e:1c:
4f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:DA:F9:6B:E6:45:4A:F6:03:58:20:CC:80:EA:6B:4E:A9:05:C9:60
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9ADCD524CCD011EFAA586E7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.150.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:d2:be:dc:1b:79:a3:e4:78:3f:fe:63:b2:c2:c7:f3:15:bc:
a6:4a:fd:38:1b:ea:25:5b:25:a1:9f:51:a2:39:82:06:cb:d1:
9f:a6:d3:b8:0a:fe:29:5f:2f:34:a6:0f:5d:b3:a6:c2:29:bc:
aa:97:fc:69:ab:f7:c6:bb:fd:b2:3e:3c:0c:46:9a:2c:04:8b:
67:e6:cc:9f:fa:66:7e:85:15:45:1c:46:1d:2f:20:2a:a4:58:
c1:21:c3:d3:e1:3e:27:eb:e3:19:32:5a:82:18:a9:6f:0f:0e:
d6:42:e8:d3:45:f0:7d:89:0e:55:2e:6f:73:81:90:d4:13:8b:
cd:d9:48:70:d8:5b:69:a3:2a:3f:9a:95:99:69:f7:c8:8e:a4:
6a:06:56:81:69:b9:2a:b9:f3:32:9c:ad:0f:74:0c:44:35:bb:
17:bc:fb:b8:b4:18:00:a2:bc:90:d2:e2:79:99:90:fb:5d:8f:
77:29:c8:97:e1:13:10:4a:cf:8a:3a:86:7a:a8:90:db:40:8a:
97:0c:88:10:87:dd:b4:1c:10:6a:da:e4:d0:7c:5b:2c:7f:d0:
0c:43:da:46:2f:34:d6:d1:2a:e6:05:84:18:c4:64:e0:3d:b2:
b3:67:83:41:04:84:28:27:0d:3e:5c:e1:4b:72:14:22:46:a3:
69:e3:c1:d8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPrCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDgyMjU2WhcNMjcxMjEzMDgyMjU2WjAYMRYw
FAYDVQQDEw02NzdjZTQ2My1lYmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsCWTtFXNijh8AmQELgSY8T3n178STUDAR7A++LhHSrLIYF25P9T+hlVx
ERWHTbQ9EInSkbIloBrobS/zoHUMaEO8Z446Agtt0YmghNfc8KI3Hd0vWfn/85EM
cSO+lbEoRvI8L5CNO2mrynk4Kxo30qEOcAycMtF8DBWNRH7ru6ExXRimfCwmDjuk
JTw/pXXmopQlRn34+l6GU05otWOMA6umm/LeVwuuX5mLhGaKJ3hltz4WPYc0NRyr
HkI6mATDvm+jF1VIshiwSJZUyKiFLrDmGkUJrs7QPFsicddJh41zulGfQMjBrzr0
t73L+4WgeI3pEFJTOc8nanryPhxP+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIba
+WvmRUr2A1ggzIDqa06pBclgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QURDRDUyNENDRDAxMUVGQUE1ODZFN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmWMA0GCSqGSIb3DQEBCwUA
A4IBAQAr0r7cG3mj5Hg//mOywsfzFbymSv04G+olWyWhn1GiOYIGy9GfptO4Cv4p
Xy80pg9ds6bCKbyql/xpq/fGu/2yPjwMRposBItn5syf+mZ+hRVFHEYdLyAqpFjB
IcPT4T4n6+MZMlqCGKlvDw7WQujTRfB9iQ5VLm9zgZDUE4vN2Uhw2Ftpoyo/mpWZ
affIjqRqBlaBabkqufMynK0PdAxENbsXvPu4tBgAoryQ0uJ5mZD7XY93KciX4RMQ
Ss+KOoZ6qJDbQIqXDIgQh920HBBq2uTQfFssf9AMQ9pGLzTW0SrmBYQYxGTgPbKz
Z4NBBIQoJw0+XOFLchQiRqNp48HY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:49 2025 by rpki-client