Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0F0E7D8C95211EF8AA88145762E951A.roa
File: A0F0E7D8C95211EF8AA88145762E951A.roa (raw, json)
Hash identifier: ZL/J8mjj7NCwRioxPtR0k0gcQLGAhr02XqPtxwknhvc=
Subject key identifier: 4A:03:14:8B:9C:9A:8C:8E:9A:09:07:41:27:B2:83:E3:37:8B:19:FE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F3D6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0F0E7D8C95211EF8AA88145762E951A.roa
Signing time: Thu 02 Jan 2025 21:43:40 +0000
ROA not before: Thu 02 Jan 2025 21:43:36 +0000
ROA not after: Mon 13 Dec 2027 21:43:36 +0000
asID: 17561
IP address blocks: 156.226.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62422 (0xf3d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 21:43:36 2025 GMT
Not After : Dec 13 21:43:36 2027 GMT
Subject: CN=6777088c-c792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:58:b6:38:54:cc:fc:97:28:15:1b:b6:bf:1c:
51:a4:1d:aa:51:08:e5:c4:91:08:e0:15:29:bd:c6:
b1:9e:b0:5d:79:fb:d2:84:98:51:e2:10:90:ae:07:
bc:d9:9f:63:bb:4c:be:b0:14:1c:fb:02:63:63:01:
55:dd:6c:be:c4:c0:32:ec:04:a0:2f:22:16:da:c2:
4c:d1:19:95:11:84:eb:74:e7:f8:c1:b2:5d:d3:26:
45:41:c2:36:70:d0:df:a9:10:66:58:52:fc:47:8c:
8e:4a:87:e8:9d:9a:f6:80:c8:7d:69:78:06:49:85:
b4:fc:dc:ad:56:94:54:71:f9:4d:3f:ab:6d:b2:f2:
ba:7f:3e:90:fa:1c:2e:03:bb:33:c2:2c:3d:63:b5:
1e:d1:db:8b:eb:81:5f:42:4c:cf:68:35:22:b8:d8:
a8:86:8b:36:88:00:8e:34:0d:63:b0:b8:35:37:2d:
51:49:23:fd:79:5e:ec:59:15:5f:16:d4:50:81:ef:
97:42:c7:b3:74:1f:b4:b4:b4:e6:97:92:74:58:d8:
f2:ce:90:99:30:29:d8:ba:bd:88:d4:2b:be:7f:26:
fe:4c:d5:3f:38:18:7f:15:b0:d0:d1:6f:8a:4b:93:
32:0e:6b:44:1a:72:d7:cf:29:06:52:d6:20:87:a5:
0c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:03:14:8B:9C:9A:8C:8E:9A:09:07:41:27:B2:83:E3:37:8B:19:FE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0F0E7D8C95211EF8AA88145762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.130.0/24
Signature Algorithm: sha256WithRSAEncryption
12:df:88:13:44:10:f5:06:44:e8:6e:f8:2a:62:04:f0:56:77:
92:1a:06:6f:f8:2b:a1:fd:97:00:b9:fd:28:7f:1c:f8:1c:f0:
ce:d4:31:0e:bb:43:57:ab:3f:18:65:f8:3d:ac:b3:09:fd:d4:
56:ee:f2:f1:47:28:5b:46:ee:21:17:d7:d4:e3:d6:9b:6b:7a:
ac:1a:66:ee:75:20:f9:a4:98:6c:f4:b1:e0:66:1e:17:3f:66:
35:6c:aa:9d:b1:b2:d3:0f:52:6a:5a:03:e6:ab:58:33:12:19:
82:70:63:c8:47:b4:4c:77:2a:f8:74:f5:d4:b3:77:84:55:28:
69:aa:c2:2a:ea:fc:64:db:d1:ac:e2:01:1d:41:6c:d4:40:8d:
6a:e3:c6:01:86:63:1a:6d:6e:a6:51:0d:b5:9f:35:4d:00:d0:
db:d1:a5:05:7c:47:6f:cb:4b:42:c5:0f:ca:48:0f:5a:3d:02:
6c:49:08:1a:30:23:39:d5:0e:06:59:03:5b:ac:5b:cb:2a:5b:
e3:90:17:fe:a1:41:90:7b:ae:c9:8c:03:3c:8b:3c:85:14:32:
d8:f1:8c:c3:67:41:6d:1f:97:6c:d2:60:c1:0f:49:21:a0:76:
68:23:c5:86:6d:7f:d9:1c:5d:dc:7e:51:7f:54:7a:43:f9:89:
ee:b8:b7:12
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPPWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjE0MzM2WhcNMjcxMjEzMjE0MzM2WjAYMRYw
FAYDVQQDEw02Nzc3MDg4Yy1jNzkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0li2OFTM/JcoFRu2vxxRpB2qUQjlxJEI4BUpvcaxnrBdefvShJhR4hCQ
rge82Z9ju0y+sBQc+wJjYwFV3Wy+xMAy7ASgLyIW2sJM0RmVEYTrdOf4wbJd0yZF
QcI2cNDfqRBmWFL8R4yOSofonZr2gMh9aXgGSYW0/NytVpRUcflNP6ttsvK6fz6Q
+hwuA7szwiw9Y7Ue0duL64FfQkzPaDUiuNiohos2iACONA1jsLg1Ny1RSSP9eV7s
WRVfFtRQge+XQsezdB+0tLTml5J0WNjyzpCZMCnYur2I1Cu+fyb+TNU/OBh/FbDQ
0W+KS5MyDmtEGnLXzykGUtYgh6UMYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEoD
FIucmoyOmgkHQSeyg+M3ixn+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMEYwRTdEOEM5NTIxMUVGOEFBODgxNDU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKCMA0GCSqGSIb3DQEBCwUA
A4IBAQAS34gTRBD1BkTobvgqYgTwVneSGgZv+Cuh/ZcAuf0ofxz4HPDO1DEOu0NX
qz8YZfg9rLMJ/dRW7vLxRyhbRu4hF9fU49aba3qsGmbudSD5pJhs9LHgZh4XP2Y1
bKqdsbLTD1JqWgPmq1gzEhmCcGPIR7RMdyr4dPXUs3eEVShpqsIq6vxk29Gs4gEd
QWzUQI1q48YBhmMabW6mUQ21nzVNANDb0aUFfEdvy0tCxQ/KSA9aPQJsSQgaMCM5
1Q4GWQNbrFvLKlvjkBf+oUGQe67JjAM8izyFFDLY8YzDZ0FtH5ds0mDBD0khoHZo
I8WGbX/ZHF3cflF/VHpD+YnuuLcS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:18 2025 by rpki-client