Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A41EF0E0C34311EFB3B79B4D762E951A.roa
File: A41EF0E0C34311EFB3B79B4D762E951A.roa (raw, json)
Hash identifier: mAmbDNkI+tsY+w5ylXUSwoYLshBYqcEqkOl0nDtlANU=
Subject key identifier: 31:7D:67:C5:EE:E7:C5:3B:C1:DE:22:EF:58:AC:06:13:4B:D4:10:C0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBE9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A41EF0E0C34311EFB3B79B4D762E951A.roa
Signing time: Thu 26 Dec 2024 04:41:15 +0000
ROA not before: Thu 26 Dec 2024 04:41:12 +0000
ROA not after: Fri 10 Dec 2027 04:41:12 +0000
asID: 17561
IP address blocks: 156.244.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60393 (0xebe9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:41:12 2024 GMT
Not After : Dec 10 04:41:12 2027 GMT
Subject: CN=676cde6b-a8c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d1:d3:16:e7:c1:78:9f:38:73:de:0f:bb:11:
df:de:d5:d4:84:6e:ef:9e:d9:22:88:e7:ad:64:15:
55:c3:45:5d:f5:2c:45:4a:53:50:94:28:d6:7b:8c:
cc:32:2e:ec:b1:0c:08:f4:d1:f6:40:07:eb:d7:7b:
69:2f:2c:84:28:a4:74:15:0d:0d:f6:09:26:29:34:
ba:db:cd:55:d9:93:16:3e:c2:ee:65:b9:67:67:eb:
51:05:21:72:fe:67:7f:47:6d:1f:03:2a:95:fe:55:
e3:f0:90:cf:0b:3f:32:e8:a8:1a:60:80:bb:01:59:
77:5c:38:ad:16:50:8c:01:73:da:e2:ad:29:39:f2:
5e:fd:f2:bb:61:c4:66:58:b0:4c:b9:c3:b0:20:fa:
e9:9c:95:02:88:05:db:c6:d1:3d:27:9b:85:16:58:
ab:2a:41:93:22:9c:e8:8c:9a:b7:bd:54:7b:fd:5c:
76:84:25:dc:4b:28:ac:9e:7b:fd:88:4f:43:b9:de:
d9:76:1b:36:9f:90:6c:e1:c1:e7:d9:6c:f1:83:63:
5d:75:6c:9c:5e:94:ea:9e:0d:64:ec:0a:d3:37:00:
cb:fe:96:c1:1d:67:73:d6:d4:16:fa:7a:2d:fd:c1:
74:40:d0:c4:7e:07:b6:9a:8b:ff:43:cb:36:34:d9:
de:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:7D:67:C5:EE:E7:C5:3B:C1:DE:22:EF:58:AC:06:13:4B:D4:10:C0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A41EF0E0C34311EFB3B79B4D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.240.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:e3:2d:62:42:06:2d:1a:cd:42:0a:b4:e3:1c:fd:c1:c0:63:
82:fc:a9:76:a7:d2:f8:3d:2b:d4:98:be:c2:93:dc:10:69:37:
cf:50:a6:52:2b:28:4b:a5:40:46:db:b9:6e:7e:19:e3:e9:c0:
48:f2:36:b1:24:e3:40:b9:6a:c6:30:76:e8:9f:64:bb:ad:cd:
ca:00:14:b2:85:d6:76:37:1a:fd:48:27:cf:98:50:e6:10:6f:
6f:f1:4f:e5:b2:f0:60:4d:f4:99:ce:f8:49:c9:d0:fc:14:4f:
3d:5b:f2:2e:b2:af:fb:25:b3:7e:43:84:5b:02:c1:f9:b0:00:
ec:12:4d:17:0f:a7:9e:da:17:3a:95:1b:31:fc:22:a7:11:34:
dd:b7:11:0e:06:b6:3b:ae:97:19:1d:24:08:75:d6:ac:31:f2:
08:ff:85:6a:16:17:64:78:15:7a:85:9e:73:ea:71:03:dc:e9:
17:5b:d2:cb:aa:6b:36:f4:2f:ff:f6:95:0a:e2:25:ca:bd:a4:
e9:d8:60:cf:19:3a:d8:2c:27:44:e6:01:73:1b:e0:c4:db:ba:
c4:ad:dd:97:eb:24:c8:82:3f:2f:e7:0e:bb:28:b4:7e:4b:e8:
ce:b3:d7:12:6c:70:64:e7:d1:58:db:36:34:61:4d:b5:34:95:
d9:de:46:9a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOvpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQ0MTEyWhcNMjcxMjEwMDQ0MTEyWjAYMRYw
FAYDVQQDEw02NzZjZGU2Yi1hOGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAutHTFufBeJ84c94PuxHf3tXUhG7vntkiiOetZBVVw0Vd9SxFSlNQlCjW
e4zMMi7ssQwI9NH2QAfr13tpLyyEKKR0FQ0N9gkmKTS6281V2ZMWPsLuZblnZ+tR
BSFy/md/R20fAyqV/lXj8JDPCz8y6KgaYIC7AVl3XDitFlCMAXPa4q0pOfJe/fK7
YcRmWLBMucOwIPrpnJUCiAXbxtE9J5uFFlirKkGTIpzojJq3vVR7/Vx2hCXcSyis
nnv9iE9Dud7Zdhs2n5Bs4cHn2Wzxg2NddWycXpTqng1k7ArTNwDL/pbBHWdz1tQW
+not/cF0QNDEfge2mov/Q8s2NNnenQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDF9
Z8Xu58U7wd4i71isBhNL1BDAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNDFFRjBFMEMzNDMxMUVGQjNCNzlCNEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTwMA0GCSqGSIb3DQEBCwUA
A4IBAQCf4y1iQgYtGs1CCrTjHP3BwGOC/Kl2p9L4PSvUmL7Ck9wQaTfPUKZSKyhL
pUBG27lufhnj6cBI8jaxJONAuWrGMHbon2S7rc3KABSyhdZ2Nxr9SCfPmFDmEG9v
8U/lsvBgTfSZzvhJydD8FE89W/Iusq/7JbN+Q4RbAsH5sADsEk0XD6ee2hc6lRsx
/CKnETTdtxEOBrY7rpcZHSQIddasMfII/4VqFhdkeBV6hZ5z6nED3OkXW9LLqms2
9C//9pUK4iXKvaTp2GDPGTrYLCdE5gFzG+DE27rErd2X6yTIgj8v5w67KLR+S+jO
s9cSbHBk59FY2zY0YU21NJXZ3kaa
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:33 2025 by rpki-client