Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AD550190C33E11EFB1CF96AD762E951A.roa
File: AD550190C33E11EFB1CF96AD762E951A.roa (raw, json)
Hash identifier: eDLyJykWLPC/rPAo+2sFF1wqZjtw4ox2nf84RVIbYLw=
Subject key identifier: 06:78:23:31:B6:D7:FB:D0:B0:95:61:C0:C3:E0:F9:60:5E:A6:D3:33
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBAF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AD550190C33E11EFB1CF96AD762E951A.roa
Signing time: Thu 26 Dec 2024 04:05:43 +0000
ROA not before: Thu 26 Dec 2024 04:05:40 +0000
ROA not after: Fri 10 Dec 2027 04:05:40 +0000
asID: 17561
IP address blocks: 156.244.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60335 (0xebaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:05:40 2024 GMT
Not After : Dec 10 04:05:40 2027 GMT
Subject: CN=676cd617-d5a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0a:e0:e9:53:1b:57:08:d3:83:a8:17:de:93:
33:b0:65:4b:00:fa:a1:26:4b:96:0a:9c:2f:ae:bf:
32:47:60:e0:34:15:97:4d:4b:a2:6a:d6:34:f5:ab:
af:4b:55:de:fd:e0:64:2d:4f:1d:02:59:88:f4:16:
03:78:b8:c2:f3:43:60:f0:33:68:06:53:24:65:d3:
f5:f9:c3:cc:9c:19:bc:d5:06:3f:32:0e:7b:f5:26:
6f:3a:99:fc:44:97:e3:48:0a:a9:84:ce:01:a8:88:
b6:05:67:9c:eb:1e:f1:2b:22:b5:37:8d:61:12:27:
fd:90:04:ae:73:e7:26:ef:eb:37:95:dd:7e:13:09:
28:d6:de:12:f1:24:b3:d0:62:30:37:cc:e9:83:8b:
1e:2f:2d:4f:f6:55:ed:3d:e5:94:19:9f:ed:08:80:
96:39:57:47:00:f7:99:84:dc:cf:3a:c3:c3:d6:f1:
91:e5:76:c5:aa:f2:40:c2:a3:3e:c4:51:7d:0d:26:
ea:d5:8c:ac:97:35:f6:04:43:74:b8:cb:f8:61:80:
59:7e:ec:9d:c1:89:22:ee:39:99:47:8b:35:6b:8f:
d5:5a:d2:19:a6:33:17:9d:71:58:2a:43:12:93:72:
05:39:bc:4b:3d:a9:2b:e7:8a:53:ea:bb:00:03:ba:
3b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:78:23:31:B6:D7:FB:D0:B0:95:61:C0:C3:E0:F9:60:5E:A6:D3:33
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AD550190C33E11EFB1CF96AD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.211.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:c7:85:3b:7b:fa:d7:82:95:48:df:9a:6f:9d:d1:d1:08:33:
98:d1:63:80:fd:79:98:c4:a8:74:aa:35:5c:45:66:7d:f5:cf:
c1:13:ed:3a:2c:b5:47:ca:c8:9e:fe:b9:a5:cd:db:a7:95:dd:
1c:64:58:c0:a2:a1:08:a7:88:e9:da:43:35:13:bd:2f:62:aa:
b3:fd:af:6e:31:3c:40:f8:ca:5e:24:e7:ca:86:d0:80:f5:8b:
37:ee:0f:99:32:1f:11:55:22:0e:af:9f:e6:cf:8e:1f:f2:3d:
4d:65:42:d1:44:ef:1c:5a:87:6b:48:01:26:3b:5f:b3:18:92:
cd:a3:17:19:dd:0c:09:aa:d7:b2:8e:ad:c1:56:21:62:d6:ff:
f0:dd:fb:ac:51:da:ea:e1:b7:06:92:8d:9f:a9:27:34:79:6d:
44:6a:70:13:84:4f:31:6f:70:56:06:00:2b:3a:fb:7d:a3:7e:
50:f5:e5:09:3b:0f:3d:12:2b:aa:89:9d:52:ab:97:cc:c4:ec:
3b:48:53:75:fe:27:9d:ac:0d:1a:72:45:37:c3:78:dc:e1:39:
aa:54:a0:3f:c2:57:ae:83:c2:ec:ac:44:d8:e5:6b:13:d6:87:
71:db:ce:3f:2f:8b:42:04:40:04:79:3b:c2:c7:54:fe:89:96:
28:b9:c0:7a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOuvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQwNTQwWhcNMjcxMjEwMDQwNTQwWjAYMRYw
FAYDVQQDEw02NzZjZDYxNy1kNWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqwrg6VMbVwjTg6gX3pMzsGVLAPqhJkuWCpwvrr8yR2DgNBWXTUuiatY0
9auvS1Xe/eBkLU8dAlmI9BYDeLjC80Ng8DNoBlMkZdP1+cPMnBm81QY/Mg579SZv
Opn8RJfjSAqphM4BqIi2BWec6x7xKyK1N41hEif9kASuc+cm7+s3ld1+Ewko1t4S
8SSz0GIwN8zpg4seLy1P9lXtPeWUGZ/tCICWOVdHAPeZhNzPOsPD1vGR5XbFqvJA
wqM+xFF9DSbq1YyslzX2BEN0uMv4YYBZfuydwYki7jmZR4s1a4/VWtIZpjMXnXFY
KkMSk3IFObxLPakr54pT6rsAA7o7IwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAZ4
IzG21/vQsJVhwMPg+WBeptMzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRDU1MDE5MEMzM0UxMUVGQjFDRjk2QUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTTMA0GCSqGSIb3DQEBCwUA
A4IBAQBMx4U7e/rXgpVI35pvndHRCDOY0WOA/XmYxKh0qjVcRWZ99c/BE+06LLVH
ysie/rmlzdunld0cZFjAoqEIp4jp2kM1E70vYqqz/a9uMTxA+MpeJOfKhtCA9Ys3
7g+ZMh8RVSIOr5/mz44f8j1NZULRRO8cWodrSAEmO1+zGJLNoxcZ3QwJqteyjq3B
ViFi1v/w3fusUdrq4bcGko2fqSc0eW1EanAThE8xb3BWBgArOvt9o35Q9eUJOw89
EiuqiZ1Sq5fMxOw7SFN1/iedrA0ackU3w3jc4TmqVKA/wleug8LsrETY5WsT1odx
284/L4tCBEAEeTvCx1T+iZYoucB6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:13 2025 by rpki-client