Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A87A2D42C32711EF8D608C89762E951A.roa
File: A87A2D42C32711EF8D608C89762E951A.roa (raw, json)
Hash identifier: xSorYQcmklbMK51HOrbC4oWebyEDVIdOwsaueEUYcx0=
Subject key identifier: B4:93:6C:DF:47:54:62:C1:4F:0A:62:DD:C9:FE:6D:B1:48:BF:F9:12
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA9D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A87A2D42C32711EF8D608C89762E951A.roa
Signing time: Thu 26 Dec 2024 01:20:57 +0000
ROA not before: Thu 26 Dec 2024 01:20:53 +0000
ROA not after: Fri 10 Dec 2027 01:20:53 +0000
asID: 17561
IP address blocks: 156.243.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60061 (0xea9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:20:53 2024 GMT
Not After : Dec 10 01:20:53 2027 GMT
Subject: CN=676caf79-4c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2e:41:ec:fe:97:0a:ea:c9:43:f8:d3:3e:b6:
6a:91:86:47:08:2a:e6:c9:3f:fc:eb:00:08:dd:da:
4a:2f:f4:fe:4d:0e:4b:d5:cb:86:15:4a:70:cd:de:
eb:d5:c5:b5:9f:72:37:20:f5:6d:4c:99:84:86:0d:
09:43:40:11:8d:e1:2a:39:17:fc:2a:e8:be:fa:d2:
5e:79:b2:d0:39:02:cc:7c:81:b2:a5:44:d1:9c:ea:
0f:85:af:49:23:6b:08:7c:45:ad:95:4d:9a:ed:e2:
09:c3:db:26:44:4a:e8:51:4d:a1:68:3a:c9:da:df:
52:4c:8f:e9:3b:bf:47:a2:ba:b3:b7:e5:34:07:66:
b6:77:48:2a:ee:37:61:23:84:ae:f2:24:10:b2:95:
e3:41:be:a3:4d:26:3a:fc:71:57:b3:84:76:83:93:
72:ab:4c:5b:be:97:37:a5:88:1b:fe:cc:da:73:85:
ce:81:f8:55:35:a7:0d:b2:1b:5e:50:38:a3:d9:d7:
38:40:0e:68:02:0a:0f:35:54:b6:bb:1c:83:88:68:
39:da:24:5d:ce:52:4e:c9:97:7b:fc:39:64:61:05:
91:fb:ba:43:99:f7:42:58:b0:c1:f7:5a:bd:a5:e7:
29:c6:c9:a9:5e:e9:31:06:b7:94:84:46:d2:9a:ea:
f4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:93:6C:DF:47:54:62:C1:4F:0A:62:DD:C9:FE:6D:B1:48:BF:F9:12
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A87A2D42C32711EF8D608C89762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.142.0/24
Signature Algorithm: sha256WithRSAEncryption
45:8d:96:a6:1d:c5:01:f4:99:55:61:50:d8:f2:92:a3:33:04:
9e:96:a3:2a:68:12:75:27:ff:05:a9:bf:da:43:2f:08:21:f6:
1d:ea:1a:c9:94:45:f5:af:59:7d:c7:e3:1c:09:a9:56:2a:6f:
a7:7e:c4:8a:c0:9f:1c:c8:14:ad:27:fa:8a:98:63:b5:34:d4:
b7:06:9d:9d:10:79:c1:8c:a9:36:ca:62:9d:e3:67:14:66:cd:
6d:c9:ca:a1:aa:3a:8c:6c:25:16:30:98:10:4d:68:56:3c:23:
13:de:b6:94:9c:91:0d:a9:bc:4c:39:b3:5b:20:2a:51:73:9c:
7c:80:3c:6c:9b:c0:a0:ac:f2:76:1f:c5:f7:e5:de:52:c6:94:
42:7a:be:71:05:b1:ef:d4:73:ed:5d:26:9d:78:54:16:5e:f0:
1a:92:9c:f0:18:2b:b6:f3:f0:85:cb:9b:45:1a:ff:e2:53:14:
09:e3:e7:4f:fe:5e:59:e6:cc:a6:e0:b6:45:af:9d:7f:db:00:
c3:68:0a:51:a0:c2:ad:ed:20:e9:7e:bc:5e:5c:51:15:dd:ca:
e6:1f:0f:d0:4f:e9:03:31:d8:0c:e7:d5:26:65:b4:7d:37:78:
e7:a2:d4:06:74:c0:5e:f2:05:36:1b:a1:b7:2d:58:a1:08:bf:
72:df:14:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOqdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDEyMDUzWhcNMjcxMjEwMDEyMDUzWjAYMRYw
FAYDVQQDEw02NzZjYWY3OS00YzcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArS5B7P6XCurJQ/jTPrZqkYZHCCrmyT/86wAI3dpKL/T+TQ5L1cuGFUpw
zd7r1cW1n3I3IPVtTJmEhg0JQ0ARjeEqORf8Kui++tJeebLQOQLMfIGypUTRnOoP
ha9JI2sIfEWtlU2a7eIJw9smREroUU2haDrJ2t9STI/pO79Horqzt+U0B2a2d0gq
7jdhI4Su8iQQspXjQb6jTSY6/HFXs4R2g5Nyq0xbvpc3pYgb/szac4XOgfhVNacN
shteUDij2dc4QA5oAgoPNVS2uxyDiGg52iRdzlJOyZd7/DlkYQWR+7pDmfdCWLDB
91q9pecpxsmpXukxBreUhEbSmur0SwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLST
bN9HVGLBTwpi3cn+bbFIv/kSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BODdBMkQ0MkMzMjcxMUVGOEQ2MDhDODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPOOMA0GCSqGSIb3DQEBCwUA
A4IBAQBFjZamHcUB9JlVYVDY8pKjMwSelqMqaBJ1J/8Fqb/aQy8IIfYd6hrJlEX1
r1l9x+McCalWKm+nfsSKwJ8cyBStJ/qKmGO1NNS3Bp2dEHnBjKk2ymKd42cUZs1t
ycqhqjqMbCUWMJgQTWhWPCMT3raUnJENqbxMObNbICpRc5x8gDxsm8CgrPJ2H8X3
5d5SxpRCer5xBbHv1HPtXSadeFQWXvAakpzwGCu28/CFy5tFGv/iUxQJ4+dP/l5Z
5sym4LZFr51/2wDDaApRoMKt7SDpfrxeXFEV3crmHw/QT+kDMdgM59UmZbR9N3jn
otQGdMBe8gU2G6G3LVihCL9y3xR/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:12 2025 by rpki-client