Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A71EEE4CCF0211EF8DBB9188762E951A.roa
File: A71EEE4CCF0211EF8DBB9188762E951A.roa (raw, json)
Hash identifier: 7578QeXAA/QIQyaJgB0xpLH7Ya01fwAEVRMYtAZ7aas=
Subject key identifier: D8:5B:F8:30:44:6B:78:D9:EE:9A:21:94:C8:B9:07:17:43:95:18:4E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0104DF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A71EEE4CCF0211EF8DBB9188762E951A.roa
Signing time: Fri 10 Jan 2025 03:26:17 +0000
ROA not before: Fri 10 Jan 2025 03:26:14 +0000
ROA not after: Sat 10 May 2025 03:26:14 +0000
asID: 140925
IP address blocks: 156.238.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66783 (0x104df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 03:26:14 2025 GMT
Not After : May 10 03:26:14 2025 GMT
Subject: CN=67809359-cee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:60:bd:5f:01:e9:a8:e8:78:fb:11:e1:ff:ab:
52:01:53:56:c1:bb:e2:41:68:d6:b3:f8:96:39:26:
72:ae:45:a4:da:6c:6c:2f:53:b4:e4:3d:e6:3d:80:
ec:10:3f:4d:37:b1:ee:36:a3:12:92:34:0a:52:de:
8c:82:c7:1a:7f:f4:76:4e:be:75:08:48:d3:7f:87:
09:d8:70:22:1a:d7:a4:f3:d5:37:97:d9:ae:b2:62:
81:af:b9:34:88:9b:90:7b:14:b2:e3:ee:41:88:a8:
ed:ea:c8:b0:60:65:5c:4f:30:c9:e1:98:1d:a4:51:
ff:fc:81:0d:7d:01:43:0a:95:90:38:14:a3:f8:de:
72:f9:97:13:a2:4c:f3:e3:9e:b4:93:77:5f:8c:a7:
49:ea:44:16:3c:36:45:43:cf:67:5f:48:5a:41:91:
e2:11:4a:64:a3:9d:a3:90:74:cc:d2:0e:c4:36:4c:
b1:e6:e1:70:ee:49:9f:9e:b0:5f:9f:4e:22:84:da:
fe:ac:2f:a4:d9:50:52:94:8c:b0:6f:b2:7c:bc:2c:
d1:3c:6a:32:70:17:60:fe:74:b0:23:16:05:ff:68:
1e:f7:fe:81:c7:f6:0f:ee:08:57:4c:5a:6d:a1:d4:
ad:c2:eb:01:05:6d:01:fc:02:2f:96:7f:2a:9e:fc:
b3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:5B:F8:30:44:6B:78:D9:EE:9A:21:94:C8:B9:07:17:43:95:18:4E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A71EEE4CCF0211EF8DBB9188762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.112.0/24
Signature Algorithm: sha256WithRSAEncryption
88:21:a8:0b:f5:6a:ad:e9:9f:bc:46:9e:34:c4:10:d8:16:09:
b8:4e:d9:c0:e8:f6:69:9e:35:67:4f:8e:97:47:a3:89:a7:cf:
3a:ca:ea:f4:06:73:25:b3:70:94:9b:57:b4:3e:e1:e1:8d:f6:
3f:d8:c3:3e:f4:2c:15:07:b1:65:12:84:39:a1:a4:36:47:e4:
6c:88:0e:ca:85:c9:ea:86:22:09:97:9b:a5:35:34:54:c6:84:
66:eb:92:68:a1:8f:7f:85:b7:28:47:cb:3c:6c:df:e6:67:9e:
b6:ad:dd:40:d2:04:66:ba:0a:6e:32:41:90:f2:62:62:9e:87:
e5:e2:79:06:9a:62:fc:64:5e:59:09:2a:02:de:3b:54:c7:31:
50:45:c6:82:73:07:5c:f4:0a:18:c5:d8:4b:e1:8b:01:9c:c9:
d8:74:0a:75:db:8f:94:69:75:80:b0:37:72:ce:62:c4:d6:9e:
36:36:e3:b3:4c:34:5f:24:6a:7b:93:39:38:c3:88:5f:a8:66:
c7:4c:af:94:b1:7f:f4:32:64:0c:19:ed:c5:a5:8d:aa:bb:64:
0d:d0:ea:7d:eb:db:1c:13:26:94:39:e6:93:bf:b0:94:cc:28:
a8:3d:6e:b5:3b:d0:05:5a:d4:24:a3:b4:49:8d:7e:4a:be:64:
78:a9:7e:92
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQTfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDMyNjE0WhcNMjUwNTEwMDMyNjE0WjAYMRYw
FAYDVQQDEw02NzgwOTM1OS1jZWUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx2C9XwHpqOh4+xHh/6tSAVNWwbviQWjWs/iWOSZyrkWk2mxsL1O05D3m
PYDsED9NN7HuNqMSkjQKUt6Mgscaf/R2Tr51CEjTf4cJ2HAiGtek89U3l9musmKB
r7k0iJuQexSy4+5BiKjt6siwYGVcTzDJ4ZgdpFH//IENfQFDCpWQOBSj+N5y+ZcT
okzz4560k3dfjKdJ6kQWPDZFQ89nX0haQZHiEUpko52jkHTM0g7ENkyx5uFw7kmf
nrBfn04ihNr+rC+k2VBSlIywb7J8vCzRPGoycBdg/nSwIxYF/2ge9/6Bx/YP7ghX
TFptodStwusBBW0B/AIvln8qnvyzdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNhb
+DBEa3jZ7pohlMi5BxdDlRhOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNzFFRUU0Q0NGMDIxMUVGOERCQjkxODg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5wMA0GCSqGSIb3DQEBCwUA
A4IBAQCIIagL9Wqt6Z+8Rp40xBDYFgm4TtnA6PZpnjVnT46XR6OJp886yur0BnMl
s3CUm1e0PuHhjfY/2MM+9CwVB7FlEoQ5oaQ2R+RsiA7KhcnqhiIJl5ulNTRUxoRm
65JooY9/hbcoR8s8bN/mZ562rd1A0gRmugpuMkGQ8mJinofl4nkGmmL8ZF5ZCSoC
3jtUxzFQRcaCcwdc9AoYxdhL4YsBnMnYdAp124+UaXWAsDdyzmLE1p42NuOzTDRf
JGp7kzk4w4hfqGbHTK+UsX/0MmQMGe3FpY2qu2QN0Op969scEyaUOeaTv7CUzCio
PW61O9AFWtQko7RJjX5KvmR4qX6S
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:22 2025 by rpki-client