Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B10E86C0C2A411EF9B4A555B762E951A.roa
File: B10E86C0C2A411EF9B4A555B762E951A.roa (raw, json)
Hash identifier: ty/12fjiC7OqOubssQcb4HeTvACKnBYCxMwgr9O16f0=
Subject key identifier: 0D:4E:ED:24:03:F7:51:4F:F4:1F:60:90:AA:85:DE:62:4E:D5:78:77
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E9F9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B10E86C0C2A411EF9B4A555B762E951A.roa
Signing time: Wed 25 Dec 2024 09:43:27 +0000
ROA not before: Wed 25 Dec 2024 09:43:24 +0000
ROA not after: Sat 15 Feb 2025 09:43:24 +0000
asID: 55320
IP address blocks: 156.244.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59897 (0xe9f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 09:43:24 2024 GMT
Not After : Feb 15 09:43:24 2025 GMT
Subject: CN=676bd3bf-dff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8e:80:06:2a:32:46:43:78:90:b1:d3:08:51:
71:f5:aa:99:77:a0:22:40:4f:dc:7f:b3:d7:93:09:
c2:d4:9e:6b:99:d0:70:b4:33:d3:ec:69:37:d5:a3:
c3:d1:de:13:ee:66:b9:99:13:45:13:3d:41:c9:7b:
e8:91:e5:bd:66:09:b6:8c:c4:54:ea:30:6a:23:f1:
19:ad:cc:3b:5c:b2:52:d8:03:f0:a2:b5:39:67:24:
99:ea:6f:d5:8f:e0:29:58:5d:13:95:6e:7a:7c:ca:
73:8d:eb:6f:b9:c3:7f:41:5a:f4:66:cd:ba:80:54:
67:50:6a:85:2c:0b:1e:33:ec:7d:ff:59:db:8f:48:
17:5a:39:46:c9:e6:3e:d9:4c:94:bc:24:97:93:cd:
fb:00:62:8a:58:31:b9:68:35:bc:a1:20:5b:8e:d4:
a6:b9:cc:f9:0a:ca:bd:2a:29:7e:0b:6b:4a:06:2d:
18:8a:c2:5c:43:07:2b:26:c7:92:d7:58:3b:48:fc:
80:21:d8:74:80:30:ea:02:db:6a:b9:23:c4:36:e9:
d9:8f:2f:19:24:3b:4c:04:a2:77:d0:c3:9e:43:0e:
1a:39:1c:0e:89:4d:c2:e2:d3:a6:22:90:95:54:b8:
b5:01:11:b5:8d:68:fa:52:7d:5d:13:64:b3:a8:44:
e7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:4E:ED:24:03:F7:51:4F:F4:1F:60:90:AA:85:DE:62:4E:D5:78:77
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B10E86C0C2A411EF9B4A555B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.24.0/24
Signature Algorithm: sha256WithRSAEncryption
96:c2:bf:31:4d:cc:06:5a:e8:eb:d7:5c:6a:3b:3e:e1:e1:8c:
0f:7d:fe:7f:f5:41:a2:56:c1:5b:a0:dc:86:81:2b:1f:e7:c1:
90:fd:a4:c2:01:2a:1e:82:62:88:29:fe:17:b3:48:6d:29:73:
12:0a:0c:5a:44:f6:75:c1:9b:da:a4:67:f8:77:30:45:e5:93:
4d:fa:80:fa:2e:83:db:30:85:bf:58:b1:43:13:3a:74:56:96:
86:37:b7:e4:fe:af:22:5e:0a:82:b4:e1:2e:cc:21:72:e4:18:
fb:07:37:82:c9:1b:bd:9e:cb:5f:e7:68:56:cf:40:81:31:e4:
b0:69:d4:df:d3:95:e4:c0:af:e1:32:fe:78:08:e0:a3:ad:c2:
3c:3c:11:90:d5:1e:98:11:77:ee:bb:a2:9e:a1:8e:8a:65:ad:
f3:e0:3a:2f:5b:97:5f:58:ab:5a:7a:3b:4a:86:46:76:40:84:
ff:2b:f2:8d:b6:17:1b:b8:99:5d:4f:5e:a2:f6:f0:13:9f:f9:
27:85:2b:1f:39:6e:11:86:47:be:06:ed:e2:b4:ea:c9:ea:48:
32:f2:35:07:61:4c:58:71:c4:56:55:31:59:1b:b0:f0:63:0d:
44:bb:98:b3:92:e5:8c:a2:24:df:08:06:cd:df:98:7a:37:50:
0c:7d:84:b4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOn5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDk0MzI0WhcNMjUwMjE1MDk0MzI0WjAYMRYw
FAYDVQQDEw02NzZiZDNiZi1kZmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvo6ABioyRkN4kLHTCFFx9aqZd6AiQE/cf7PXkwnC1J5rmdBwtDPT7Gk3
1aPD0d4T7ma5mRNFEz1ByXvokeW9Zgm2jMRU6jBqI/EZrcw7XLJS2APworU5ZySZ
6m/Vj+ApWF0TlW56fMpzjetvucN/QVr0Zs26gFRnUGqFLAseM+x9/1nbj0gXWjlG
yeY+2UyUvCSXk837AGKKWDG5aDW8oSBbjtSmucz5Csq9Kil+C2tKBi0YisJcQwcr
JseS11g7SPyAIdh0gDDqAttquSPENunZjy8ZJDtMBKJ30MOeQw4aORwOiU3C4tOm
IpCVVLi1ARG1jWj6Un1dE2SzqETnywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA1O
7SQD91FP9B9gkKqF3mJO1Xh3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMTBFODZDMEMyQTQxMUVGOUI0QTU1NUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPQYMA0GCSqGSIb3DQEBCwUA
A4IBAQCWwr8xTcwGWujr11xqOz7h4YwPff5/9UGiVsFboNyGgSsf58GQ/aTCASoe
gmKIKf4Xs0htKXMSCgxaRPZ1wZvapGf4dzBF5ZNN+oD6LoPbMIW/WLFDEzp0VpaG
N7fk/q8iXgqCtOEuzCFy5Bj7BzeCyRu9nstf52hWz0CBMeSwadTf05XkwK/hMv54
COCjrcI8PBGQ1R6YEXfuu6KeoY6KZa3z4DovW5dfWKtaejtKhkZ2QIT/K/KNthcb
uJldT16i9vATn/knhSsfOW4Rhke+Bu3itOrJ6kgy8jUHYUxYccRWVTFZG7DwYw1E
u5izkuWMoiTfCAbN35h6N1AMfYS0
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:25 2025 by rpki-client