Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A446EB24C33211EF89BE325B762E951A.roa
File: A446EB24C33211EF89BE325B762E951A.roa (raw, json)
Hash identifier: 6BDwDE1I5mE6Ajd6En0phL19ck9eNZdFTshwIpNr1gI=
Subject key identifier: AC:06:A5:2C:5C:62:3B:80:AC:27:08:38:C1:28:AB:BB:5E:18:D1:4A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB21
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A446EB24C33211EF89BE325B762E951A.roa
Signing time: Thu 26 Dec 2024 02:39:34 +0000
ROA not before: Thu 26 Dec 2024 02:39:31 +0000
ROA not after: Wed 10 Dec 2025 02:39:31 +0000
asID: 984
IP address blocks: 156.244.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60193 (0xeb21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:39:31 2024 GMT
Not After : Dec 10 02:39:31 2025 GMT
Subject: CN=676cc1e6-5a9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0d:5f:51:95:05:28:79:b0:14:18:f9:05:9d:
34:c2:bc:7e:76:e7:83:47:a7:d6:ef:d9:fc:3b:3a:
6e:be:95:d7:9a:0b:5c:50:dc:77:91:dd:d9:d6:a5:
34:47:2a:e1:b4:5e:5f:6b:44:1d:5b:fe:f8:72:f1:
d9:a9:16:b5:71:90:75:87:d3:ca:99:7a:de:76:62:
3e:35:ec:3d:92:d6:d9:df:a9:6b:78:76:14:e4:1e:
34:8f:a3:8c:93:d8:e2:9e:87:9e:c7:40:65:9f:96:
b5:37:7f:09:29:f2:db:78:61:3f:4f:93:26:ad:31:
cb:86:6c:56:55:b3:c1:e4:a0:84:f1:5c:be:86:ed:
61:d6:76:87:01:5a:2e:ea:74:0a:a9:84:7b:f6:ce:
0e:05:21:10:8a:1f:92:f4:7c:09:64:46:68:24:ae:
bd:8b:16:05:01:e9:11:43:f2:c0:62:0f:6b:d2:1a:
01:38:04:bf:3c:5d:aa:07:ef:0d:32:b5:2c:49:31:
8e:42:bb:b8:ce:e8:d7:23:40:f7:f2:b9:be:3d:b2:
f3:33:02:57:c2:d2:53:64:87:16:c6:a4:72:0e:6b:
1b:16:7c:f7:84:45:33:e0:5a:e3:2b:95:5f:32:e8:
84:2e:76:a9:ea:b7:e8:76:80:75:95:11:69:2e:19:
61:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:06:A5:2C:5C:62:3B:80:AC:27:08:38:C1:28:AB:BB:5E:18:D1:4A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A446EB24C33211EF89BE325B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.140.0/24
Signature Algorithm: sha256WithRSAEncryption
27:7e:e1:9b:66:4a:39:ad:46:ca:dd:e5:7b:df:49:aa:fc:14:
bf:79:e4:0a:01:25:01:85:10:1a:f0:f0:6a:02:e5:27:55:6b:
5e:98:61:c8:6d:92:64:fc:dd:14:05:64:f3:a9:b2:2b:6a:a5:
4b:86:db:30:66:cf:d1:ea:ee:91:29:71:06:c7:b6:ac:55:7c:
d3:44:da:bc:03:d6:2b:95:93:79:5f:2a:b9:ae:24:95:93:e1:
64:1c:f2:7f:16:c4:7c:c0:5c:96:05:eb:a5:1d:10:48:55:7e:
b1:1b:be:38:f9:64:50:fa:93:ab:86:33:1f:7d:f0:ec:3e:f9:
dc:25:e1:50:7f:95:25:5f:70:75:66:62:1c:28:7e:38:11:7f:
04:ee:99:a9:66:61:72:83:11:81:ec:2b:de:ce:d6:99:4c:c6:
b2:bd:9c:81:98:fb:58:36:ca:e2:44:70:8f:74:17:ec:b9:5c:
f6:0e:c6:55:1f:19:c4:0c:7e:9c:fc:d1:2d:45:ca:a8:ef:3b:
05:06:bc:b8:d5:68:8e:e1:f9:f4:18:28:12:fb:04:35:da:77:
b1:9a:e0:62:c0:aa:6c:a8:a9:e4:80:5c:ce:58:0b:b2:e1:71:
18:32:bf:cc:4f:da:6d:4e:26:00:0d:23:94:08:b7:d6:f7:0c:
32:6b:a6:5f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOshMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIzOTMxWhcNMjUxMjEwMDIzOTMxWjAYMRYw
FAYDVQQDEw02NzZjYzFlNi01YTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0A1fUZUFKHmwFBj5BZ00wrx+dueDR6fW79n8OzpuvpXXmgtcUNx3kd3Z
1qU0RyrhtF5fa0QdW/74cvHZqRa1cZB1h9PKmXredmI+New9ktbZ36lreHYU5B40
j6OMk9jinoeex0Bln5a1N38JKfLbeGE/T5MmrTHLhmxWVbPB5KCE8Vy+hu1h1naH
AVou6nQKqYR79s4OBSEQih+S9HwJZEZoJK69ixYFAekRQ/LAYg9r0hoBOAS/PF2q
B+8NMrUsSTGOQru4zujXI0D38rm+PbLzMwJXwtJTZIcWxqRyDmsbFnz3hEUz4Frj
K5VfMuiELnap6rfodoB1lRFpLhlhbwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKwG
pSxcYjuArCcIOMEoq7teGNFKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNDQ2RUIyNEMzMzIxMUVGODlCRTMyNUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPSMMA0GCSqGSIb3DQEBCwUA
A4IBAQAnfuGbZko5rUbK3eV730mq/BS/eeQKASUBhRAa8PBqAuUnVWtemGHIbZJk
/N0UBWTzqbIraqVLhtswZs/R6u6RKXEGx7asVXzTRNq8A9YrlZN5Xyq5riSVk+Fk
HPJ/FsR8wFyWBeulHRBIVX6xG744+WRQ+pOrhjMfffDsPvncJeFQf5UlX3B1ZmIc
KH44EX8E7pmpZmFygxGB7CveztaZTMayvZyBmPtYNsriRHCPdBfsuVz2DsZVHxnE
DH6c/NEtRcqo7zsFBry41WiO4fn0GCgS+wQ12nexmuBiwKpsqKnkgFzOWAuy4XEY
Mr/MT9ptTiYADSOUCLfW9wwya6Zf
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:27 2025 by rpki-client