Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AC0B3BFAC95711EF9982A565762E951A.roa
File: AC0B3BFAC95711EF9982A565762E951A.roa (raw, json)
Hash identifier: qZXcR87Id/ec9SeePUJ8YdF45AjgrV/niODXOknRahU=
Subject key identifier: 9C:AF:39:E9:D2:34:CF:27:14:DD:09:E4:C6:5D:71:EB:EC:6D:89:20
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F406
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AC0B3BFAC95711EF9982A565762E951A.roa
Signing time: Thu 02 Jan 2025 22:19:46 +0000
ROA not before: Thu 02 Jan 2025 22:19:42 +0000
ROA not after: Mon 13 Dec 2027 22:19:42 +0000
asID: 17561
IP address blocks: 156.226.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62470 (0xf406)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 22:19:42 2025 GMT
Not After : Dec 13 22:19:42 2027 GMT
Subject: CN=67771102-bb3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0b:52:3d:dd:aa:ca:09:80:23:c8:0c:14:a3:
f0:5d:52:47:f0:d4:ff:cc:b8:ea:91:3b:40:9a:89:
47:2a:d2:40:85:31:76:10:24:7b:35:61:d1:8d:45:
61:76:34:84:7a:06:d9:72:7f:23:78:29:4e:e0:f0:
aa:2c:9c:cd:23:75:4b:49:0b:6f:45:59:8c:e5:9f:
2c:d4:88:28:14:03:25:d8:bc:2f:6f:0b:24:a4:66:
99:e3:4c:59:be:a9:bf:f8:f5:9d:6d:77:84:94:68:
71:c7:81:38:37:d9:41:89:93:9f:f6:32:69:78:27:
6e:e3:bb:7e:1a:49:09:01:f3:7e:ea:3a:d1:ca:40:
de:1a:96:2d:6c:95:4d:f5:95:e6:ee:fd:4b:fa:e7:
91:f2:6f:02:0b:0d:a1:3c:79:59:11:da:5b:ab:60:
c5:c7:dc:8f:7d:f1:36:6c:4d:c8:0c:ae:29:6c:f2:
2d:c0:bd:cd:d1:8c:94:f6:cc:6f:08:d5:fd:1a:98:
43:3d:e7:56:5c:41:e2:7e:5d:b5:31:d3:da:c4:df:
a1:bd:f9:0c:dc:61:0f:70:db:9a:23:5c:23:0d:14:
11:9a:ac:40:e6:c9:a1:9a:f4:8b:13:c5:b5:e2:07:
dd:f2:3c:c8:f2:a4:90:51:07:4a:73:1b:d9:5c:95:
d4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:AF:39:E9:D2:34:CF:27:14:DD:09:E4:C6:5D:71:EB:EC:6D:89:20
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AC0B3BFAC95711EF9982A565762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.156.0/24
Signature Algorithm: sha256WithRSAEncryption
32:38:4f:87:5c:1b:46:38:fc:02:70:a0:1c:33:25:b2:a6:94:
a9:61:f6:f2:8a:f8:e7:96:65:be:8f:f9:49:e9:8a:85:f8:74:
16:ee:da:11:fb:fa:da:33:1a:28:e9:66:d0:8b:4e:e1:bd:e5:
85:32:b0:43:39:af:24:c2:98:5b:ff:7a:28:4a:8d:32:b5:b7:
24:2f:b7:89:ab:a1:8c:c0:2c:33:97:19:8a:7e:23:ad:1c:86:
4e:35:0a:d5:e6:1e:53:6d:21:e5:67:5c:69:03:66:a8:40:11:
a6:b8:d0:53:6b:42:ea:83:6a:95:9e:48:92:d6:1f:0e:c5:f1:
6d:41:12:87:38:3c:d7:9c:cf:36:a6:8c:64:0c:e9:a5:17:a5:
ee:c8:f9:12:b2:15:a8:30:5d:96:b4:65:89:ef:7c:5f:b7:04:
65:f0:f2:bd:b2:28:71:b5:db:d1:43:ed:d9:09:ef:86:4e:13:
ef:a4:72:d5:9b:d8:a8:e4:3c:8a:70:25:6f:3c:a0:2a:cb:d3:
a2:d2:fc:14:41:ee:9f:ee:89:de:d0:97:3e:54:d8:18:94:29:
e6:2a:8c:70:86:61:9a:c6:34:05:16:ba:bb:2f:bf:f1:df:36:
64:6c:9f:f5:f9:ee:c1:16:6c:81:52:ad:a7:08:01:4c:e0:b9:
2d:63:f0:b3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPQGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjIxOTQyWhcNMjcxMjEzMjIxOTQyWjAYMRYw
FAYDVQQDEw02Nzc3MTEwMi1iYjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApwtSPd2qygmAI8gMFKPwXVJH8NT/zLjqkTtAmolHKtJAhTF2ECR7NWHR
jUVhdjSEegbZcn8jeClO4PCqLJzNI3VLSQtvRVmM5Z8s1IgoFAMl2LwvbwskpGaZ
40xZvqm/+PWdbXeElGhxx4E4N9lBiZOf9jJpeCdu47t+GkkJAfN+6jrRykDeGpYt
bJVN9ZXm7v1L+ueR8m8CCw2hPHlZEdpbq2DFx9yPffE2bE3IDK4pbPItwL3N0YyU
9sxvCNX9GphDPedWXEHifl21MdPaxN+hvfkM3GEPcNuaI1wjDRQRmqxA5smhmvSL
E8W14gfd8jzI8qSQUQdKcxvZXJXUtQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJyv
OenSNM8nFN0J5MZdcevsbYkgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQzBCM0JGQUM5NTcxMUVGOTk4MkE1NjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKcMA0GCSqGSIb3DQEBCwUA
A4IBAQAyOE+HXBtGOPwCcKAcMyWyppSpYfbyivjnlmW+j/lJ6YqF+HQW7toR+/ra
Mxoo6WbQi07hveWFMrBDOa8kwphb/3ooSo0ytbckL7eJq6GMwCwzlxmKfiOtHIZO
NQrV5h5TbSHlZ1xpA2aoQBGmuNBTa0Lqg2qVnkiS1h8OxfFtQRKHODzXnM82poxk
DOmlF6XuyPkSshWoMF2WtGWJ73xftwRl8PK9sihxtdvRQ+3ZCe+GThPvpHLVm9io
5DyKcCVvPKAqy9Oi0vwUQe6f7one0Jc+VNgYlCnmKoxwhmGaxjQFFrq7L7/x3zZk
bJ/1+e7BFmyBUq2nCAFM4LktY/Cz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:08 2025 by rpki-client