Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB20F5D6C34411EF9622E053762E951A.roa
File: AB20F5D6C34411EF9622E053762E951A.roa (raw, json)
Hash identifier: kzh/a1Cu5WSAbYshQVrRrmcgD00SIL/bJEvi27txa34=
Subject key identifier: E1:CD:98:A5:13:A7:D2:E7:B2:A4:5C:68:92:F2:4B:C6:48:8A:36:65
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBF5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB20F5D6C34411EF9622E053762E951A.roa
Signing time: Thu 26 Dec 2024 04:48:37 +0000
ROA not before: Thu 26 Dec 2024 04:48:33 +0000
ROA not after: Fri 10 Dec 2027 04:48:33 +0000
asID: 17561
IP address blocks: 156.244.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60405 (0xebf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:48:33 2024 GMT
Not After : Dec 10 04:48:33 2027 GMT
Subject: CN=676ce025-fee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:14:a6:0e:84:fe:bd:ae:aa:2f:97:a5:b3:c8:
af:63:cc:c4:c0:65:c7:1c:75:2a:0a:62:16:ff:eb:
42:86:73:73:7b:83:19:bb:58:7c:7c:cc:63:9c:33:
0b:2b:46:c4:f1:07:dd:4e:50:8e:46:57:80:c1:4e:
9a:fc:d9:db:08:21:d4:f6:ef:8b:b8:82:1b:38:90:
89:96:f9:63:81:ac:50:ff:38:2d:df:bc:c2:58:7e:
23:3a:18:1d:fa:c5:31:85:d6:97:94:30:87:41:42:
1b:35:32:d9:25:2b:73:06:d5:45:a9:32:b6:e3:32:
4d:e9:13:01:4d:df:50:d5:af:05:9d:99:25:03:e9:
58:4b:28:e3:6c:10:fd:7d:7f:45:32:2d:82:3e:11:
27:47:dc:a6:06:43:a2:71:42:b0:60:ac:0b:7d:3d:
a2:b7:5d:00:cb:82:a2:ab:82:28:41:09:84:52:0e:
8b:c9:5d:71:d7:de:b6:3d:54:03:e5:76:34:37:29:
f3:89:83:f4:4a:f2:19:cf:e8:06:6f:51:75:3f:0d:
bb:be:85:37:ba:c8:bb:37:0a:14:7d:18:b3:ad:fb:
15:5a:71:cb:5e:e9:b4:0b:0c:13:5e:52:13:74:42:
49:08:00:d3:ef:fb:ca:ef:ae:7a:1f:3e:9b:ad:9c:
f4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CD:98:A5:13:A7:D2:E7:B2:A4:5C:68:92:F2:4B:C6:48:8A:36:65
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB20F5D6C34411EF9622E053762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.246.0/24
Signature Algorithm: sha256WithRSAEncryption
66:25:28:26:2c:77:29:91:2d:1a:63:cf:4e:54:8d:6f:85:05:
46:9f:33:47:80:67:79:0d:fb:0a:2f:e5:d3:44:78:fb:71:3b:
c7:a9:93:ca:9c:01:cd:74:3e:70:24:36:b5:41:f0:70:9d:10:
aa:f7:80:e6:13:3d:90:e7:b5:e2:f3:36:7c:a4:47:cf:74:83:
e5:0f:8b:1f:8f:f4:08:7b:ea:1d:9a:e8:61:46:75:34:28:5f:
92:09:35:6f:82:65:13:79:80:5a:d8:7b:be:7c:b5:8a:cd:13:
24:1f:66:44:a6:0d:27:44:1e:da:53:0d:c1:cb:be:d8:58:6c:
26:b7:2e:53:df:5a:e7:b4:3e:1c:41:38:bb:d8:ba:7f:b4:b9:
c4:e2:5c:f5:58:ab:6a:0c:e7:10:0c:f1:87:f7:65:4f:f7:8b:
fd:3a:b8:27:9f:e3:98:5a:86:ac:86:b0:e1:c4:99:5a:d5:88:
c0:cc:6a:ef:c1:27:47:21:78:77:ac:60:fa:fa:72:fb:6e:64:
9c:cc:51:5b:be:7c:8b:08:ff:15:93:6c:fe:35:e9:d5:1f:17:
87:03:70:da:c9:34:fa:dc:cd:5a:7e:24:95:48:0d:a5:ff:f5:
5c:d7:94:09:58:c2:ea:5e:43:95:7a:e4:a1:7c:79:f1:07:11:
d9:8a:9c:59
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOv1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQ0ODMzWhcNMjcxMjEwMDQ0ODMzWjAYMRYw
FAYDVQQDEw02NzZjZTAyNS1mZWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuxSmDoT+va6qL5els8ivY8zEwGXHHHUqCmIW/+tChnNze4MZu1h8fMxj
nDMLK0bE8QfdTlCORleAwU6a/NnbCCHU9u+LuIIbOJCJlvljgaxQ/zgt37zCWH4j
Ohgd+sUxhdaXlDCHQUIbNTLZJStzBtVFqTK24zJN6RMBTd9Q1a8FnZklA+lYSyjj
bBD9fX9FMi2CPhEnR9ymBkOicUKwYKwLfT2it10Ay4Kiq4IoQQmEUg6LyV1x1962
PVQD5XY0NynziYP0SvIZz+gGb1F1Pw27voU3usi7NwoUfRizrfsVWnHLXum0CwwT
XlITdEJJCADT7/vK7656Hz6brZz01QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOHN
mKUTp9LnsqRcaJLyS8ZIijZlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQjIwRjVENkMzNDQxMUVGOTYyMkUwNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPT2MA0GCSqGSIb3DQEBCwUA
A4IBAQBmJSgmLHcpkS0aY89OVI1vhQVGnzNHgGd5DfsKL+XTRHj7cTvHqZPKnAHN
dD5wJDa1QfBwnRCq94DmEz2Q57Xi8zZ8pEfPdIPlD4sfj/QIe+odmuhhRnU0KF+S
CTVvgmUTeYBa2Hu+fLWKzRMkH2ZEpg0nRB7aUw3By77YWGwmty5T31rntD4cQTi7
2Lp/tLnE4lz1WKtqDOcQDPGH92VP94v9Orgnn+OYWoashrDhxJla1YjAzGrvwSdH
IXh3rGD6+nL7bmSczFFbvnyLCP8Vk2z+NenVHxeHA3DayTT63M1afiSVSA2l//Vc
15QJWMLqXkOVeuShfHnxBxHZipxZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:28 2025 by rpki-client