Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2683078CD0F11EFAF94518A762E951A.roa
File: B2683078CD0F11EFAF94518A762E951A.roa (raw, json)
Hash identifier: Vg6n1DahXBlX8p23RTSiCOl1AeEP50AsMHX2U2FsT68=
Subject key identifier: 67:6E:15:60:D0:17:FD:94:D2:EA:F5:26:0A:A4:5E:EE:E3:55:2E:C8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCE7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2683078CD0F11EFAF94518A762E951A.roa
Signing time: Tue 07 Jan 2025 15:54:37 +0000
ROA not before: Tue 07 Jan 2025 15:54:33 +0000
ROA not after: Mon 13 Dec 2027 15:54:33 +0000
asID: 17561
IP address blocks: 156.239.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64743 (0xfce7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 15:54:33 2025 GMT
Not After : Dec 13 15:54:33 2027 GMT
Subject: CN=677d4e3d-51bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:48:60:3c:a0:82:b1:4f:05:fd:c3:74:62:6c:
79:b6:dd:24:aa:e6:96:e6:17:89:f3:3d:0f:3c:e3:
f6:95:bf:94:f9:d0:ac:fb:5f:b3:e8:8c:a1:df:fa:
64:8d:2f:16:08:e9:4a:57:d4:93:88:f4:e2:b8:26:
15:49:15:b9:eb:98:0c:b0:41:64:23:10:22:7b:48:
11:3d:7b:9e:b1:74:4e:9b:f0:99:26:43:e1:e5:91:
d6:36:80:82:c4:c6:68:ff:e3:eb:59:a4:6f:2d:68:
39:a0:36:04:9a:5d:25:b2:27:75:83:71:32:db:54:
b1:7f:10:89:c6:ad:97:c4:87:88:21:22:c8:a7:27:
40:28:54:89:3c:0d:2b:26:ed:c8:82:f4:72:19:cc:
a8:00:fa:a9:67:ac:88:1b:8c:03:32:c9:27:56:38:
55:d6:63:04:23:11:e1:77:06:52:79:f6:93:46:69:
75:4f:d6:a6:23:01:9d:50:75:ff:99:53:dd:dd:1c:
70:8d:25:94:4a:b7:5f:8d:7e:8a:01:63:ae:54:87:
65:f6:98:71:83:8b:dc:d6:61:a2:ea:de:00:3d:73:
71:a6:ed:c9:01:3d:92:a7:1f:84:7d:ac:b0:61:81:
1e:55:8a:ba:a8:1b:c9:aa:04:0e:45:83:fc:0b:22:
9d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:6E:15:60:D0:17:FD:94:D2:EA:F5:26:0A:A4:5E:EE:E3:55:2E:C8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2683078CD0F11EFAF94518A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.150.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:83:df:db:1e:c4:9b:ba:42:8a:12:72:21:b3:33:58:f0:61:
b3:8c:82:a8:4a:7f:8f:4b:52:6c:69:4b:4c:52:52:9b:34:86:
3a:ee:dc:ec:d2:fb:69:02:8d:9c:91:34:08:86:bb:c6:e5:1b:
ce:d1:0b:98:b9:d5:5a:6f:b8:ea:42:0f:05:bf:de:fa:2d:fa:
93:ae:39:e9:ae:c1:7c:22:2c:d2:d9:60:fc:32:1e:c7:ba:84:
15:d4:4d:65:24:fa:c7:aa:77:6b:ce:31:97:8e:0b:44:4f:2b:
0c:b6:ba:f1:aa:a0:f3:8d:e0:37:57:46:4c:30:73:62:c0:57:
d8:76:2b:bb:de:2b:ef:0f:10:91:ec:2c:99:0c:c1:6f:69:6e:
ed:f8:8e:48:f5:d2:4b:aa:af:70:86:9f:08:9c:da:96:0d:de:
cb:aa:dd:50:d3:2a:29:c8:d6:8e:c8:f1:2c:fa:39:79:af:2b:
c1:f7:b2:5d:4b:a8:72:0b:90:68:3b:dd:e2:f6:45:e7:f8:42:
43:a5:51:04:12:f8:2e:20:7c:68:c7:ad:05:4c:3b:8c:1c:a2:
e6:3b:24:48:81:09:d7:54:fd:fe:31:0b:d2:2a:fd:d6:cf:ce:
0c:b3:90:0e:c4:c5:2b:cb:8f:76:c5:dc:4c:14:e1:53:bf:8d:
90:95:cc:49
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPznMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTU1NDMzWhcNMjcxMjEzMTU1NDMzWjAYMRYw
FAYDVQQDEw02NzdkNGUzZC01MWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwEhgPKCCsU8F/cN0Ymx5tt0kquaW5heJ8z0PPOP2lb+U+dCs+1+z6Iyh
3/pkjS8WCOlKV9STiPTiuCYVSRW565gMsEFkIxAie0gRPXuesXROm/CZJkPh5ZHW
NoCCxMZo/+PrWaRvLWg5oDYEml0lsid1g3Ey21SxfxCJxq2XxIeIISLIpydAKFSJ
PA0rJu3IgvRyGcyoAPqpZ6yIG4wDMsknVjhV1mMEIxHhdwZSefaTRml1T9amIwGd
UHX/mVPd3RxwjSWUSrdfjX6KAWOuVIdl9phxg4vc1mGi6t4APXNxpu3JAT2Spx+E
faywYYEeVYq6qBvJqgQORYP8CyKdtQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGdu
FWDQF/2U0ur1JgqkXu7jVS7IMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMjY4MzA3OENEMEYxMUVGQUY5NDUxOEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO+WMA0GCSqGSIb3DQEBCwUA
A4IBAQA+g9/bHsSbukKKEnIhszNY8GGzjIKoSn+PS1JsaUtMUlKbNIY67tzs0vtp
Ao2ckTQIhrvG5RvO0QuYudVab7jqQg8Fv976LfqTrjnprsF8IizS2WD8Mh7HuoQV
1E1lJPrHqndrzjGXjgtETysMtrrxqqDzjeA3V0ZMMHNiwFfYdiu73ivvDxCR7CyZ
DMFvaW7t+I5I9dJLqq9whp8InNqWDd7Lqt1Q0yopyNaOyPEs+jl5ryvB97JdS6hy
C5BoO93i9kXn+EJDpVEEEvguIHxox60FTDuMHKLmOyRIgQnXVP3+MQvSKv3Wz84M
s5AOxMUry492xdxMFOFTv42QlcxJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:00 2025 by rpki-client