Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F680366CBD611EF938A7444762E951A.roa
File: 9F680366CBD611EF938A7444762E951A.roa (raw, json)
Hash identifier: U3Y4hcR9QA6JJeSOCV9c751WTMwX3zlALTnnHYBN5Xc=
Subject key identifier: 1D:8D:DF:B1:60:31:D9:7B:A0:D7:1F:D6:1B:36:0D:07:79:E6:02:78
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7D8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F680366CBD611EF938A7444762E951A.roa
Signing time: Mon 06 Jan 2025 02:33:33 +0000
ROA not before: Mon 06 Jan 2025 02:33:29 +0000
ROA not after: Sun 09 Feb 2025 02:33:29 +0000
asID: 11404
IP address blocks: 156.237.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63448 (0xf7d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 02:33:29 2025 GMT
Not After : Feb 9 02:33:29 2025 GMT
Subject: CN=677b40fd-8b52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:56:4d:20:bb:1a:8f:6a:8e:7a:02:53:5c:4d:
ef:9d:08:8e:9e:5e:0d:53:6c:d9:ab:3f:f2:c7:ef:
29:33:4c:97:fa:63:03:5e:f8:1e:1b:ac:0a:cb:4d:
a0:92:78:e6:13:bc:f1:fa:b2:e7:25:81:36:83:f7:
dd:de:ba:dd:c1:e3:ce:86:b0:85:80:10:32:7e:fc:
d0:2f:de:9d:da:ee:57:34:db:a3:ad:ea:72:04:74:
d7:ab:3e:d1:0f:13:c4:2e:6e:41:78:a9:27:bb:17:
48:5d:12:81:f6:bd:f6:ce:6d:5b:ff:19:83:80:21:
ce:9c:e4:03:cb:ca:28:a9:67:22:c9:3b:da:2b:9e:
ea:76:31:79:50:fa:43:2e:d5:67:7a:db:15:8b:57:
00:1b:e1:f9:9d:43:9f:e7:b2:4d:fa:78:0b:bc:8b:
77:04:cb:6f:f0:95:8b:87:83:6e:0b:fd:8d:20:a5:
88:57:de:b0:e4:c9:5a:e4:6b:81:d2:ae:ee:1a:65:
8d:74:67:0f:46:2f:ee:e2:6d:1e:8f:17:6d:fb:19:
aa:b2:91:2e:12:a0:41:81:32:6d:c5:d3:f6:f5:66:
c8:23:8f:d7:2a:18:c0:bd:9f:70:85:bf:66:c0:d4:
f3:6d:e5:f7:da:b3:17:d4:75:c5:40:e0:ba:e9:3d:
f4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8D:DF:B1:60:31:D9:7B:A0:D7:1F:D6:1B:36:0D:07:79:E6:02:78
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F680366CBD611EF938A7444762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.16.0/20
Signature Algorithm: sha256WithRSAEncryption
10:2c:08:de:2c:0f:29:0f:ee:8e:79:98:a8:84:44:8a:97:d3:
f1:3b:96:d9:cc:71:5f:d4:33:d1:42:aa:09:34:83:10:95:64:
a2:18:81:21:75:6a:3f:a5:d5:7d:8e:1a:9e:02:e2:4d:52:2e:
42:f7:82:5d:3a:d1:36:34:b8:97:e2:80:26:df:57:90:2d:d4:
03:3f:50:c5:2d:84:51:c9:6c:ce:a7:87:8f:22:ba:bd:63:f9:
60:dd:56:a5:a4:53:2c:da:17:6a:60:46:c0:bb:c1:88:b6:c7:
59:ff:59:2a:b8:96:49:b3:aa:ee:43:ee:35:18:e3:bb:69:2a:
70:a5:de:f2:c8:51:df:ca:7f:90:7d:85:61:fa:77:11:68:dd:
c1:7f:bd:4c:a1:be:3a:e6:3b:4f:a7:7e:7a:33:60:59:a3:11:
ce:b8:96:42:f0:40:71:e4:3b:ac:d9:b9:bb:f3:23:ab:1f:0b:
70:50:f3:62:f8:e1:89:9a:31:69:ab:63:bb:63:18:99:63:10:
75:1d:d7:52:2d:8b:6c:55:83:4f:d7:40:be:a7:6b:0d:20:61:
23:7f:95:1b:cc:5c:d3:79:09:0e:e6:b8:78:24:65:8c:5f:c4:
30:7e:07:76:76:80:d7:3d:b9:c5:cd:3f:3e:43:dd:97:07:11:
ec:b5:f9:b9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPfYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDIzMzI5WhcNMjUwMjA5MDIzMzI5WjAYMRYw
FAYDVQQDEw02NzdiNDBmZC04YjUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwVZNILsaj2qOegJTXE3vnQiOnl4NU2zZqz/yx+8pM0yX+mMDXvgeG6wK
y02gknjmE7zx+rLnJYE2g/fd3rrdwePOhrCFgBAyfvzQL96d2u5XNNujrepyBHTX
qz7RDxPELm5BeKknuxdIXRKB9r32zm1b/xmDgCHOnOQDy8ooqWciyTvaK57qdjF5
UPpDLtVnetsVi1cAG+H5nUOf57JN+ngLvIt3BMtv8JWLh4NuC/2NIKWIV96w5Mla
5GuB0q7uGmWNdGcPRi/u4m0ejxdt+xmqspEuEqBBgTJtxdP29WbII4/XKhjAvZ9w
hb9mwNTzbeX32rMX1HXFQOC66T30pwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB2N
37FgMdl7oNcf1hs2DQd55gJ4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RjY4MDM2NkNCRDYxMUVGOTM4QTc0NDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnO0QMA0GCSqGSIb3DQEBCwUA
A4IBAQAQLAjeLA8pD+6OeZiohESKl9PxO5bZzHFf1DPRQqoJNIMQlWSiGIEhdWo/
pdV9jhqeAuJNUi5C94JdOtE2NLiX4oAm31eQLdQDP1DFLYRRyWzOp4ePIrq9Y/lg
3ValpFMs2hdqYEbAu8GItsdZ/1kquJZJs6ruQ+41GOO7aSpwpd7yyFHfyn+QfYVh
+ncRaN3Bf71Mob465jtPp356M2BZoxHOuJZC8EBx5Dus2bm78yOrHwtwUPNi+OGJ
mjFpq2O7YxiZYxB1HddSLYtsVYNP10C+p2sNIGEjf5UbzFzTeQkO5rh4JGWMX8Qw
fgd2doDXPbnFzT8+Q92XBxHstfm5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:22 2025 by rpki-client