Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B39A6AACC34511EFBBA05D5A762E951A.roa
File: B39A6AACC34511EFBBA05D5A762E951A.roa (raw, json)
Hash identifier: sL/Sn2YGOIGV1tMy7BGAym/tjkD77x/BZ5KuFY7iDK4=
Subject key identifier: 17:75:CF:4E:A9:EA:92:5E:31:10:C2:16:1B:15:D4:B3:EB:CE:92:77
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC01
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B39A6AACC34511EFBBA05D5A762E951A.roa
Signing time: Thu 26 Dec 2024 04:56:01 +0000
ROA not before: Thu 26 Dec 2024 04:55:57 +0000
ROA not after: Wed 10 Dec 2025 04:55:57 +0000
asID: 984
IP address blocks: 156.244.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60417 (0xec01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:55:57 2024 GMT
Not After : Dec 10 04:55:57 2025 GMT
Subject: CN=676ce1e0-44e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:57:a5:ae:b6:85:ea:27:d3:a9:59:bd:d3:01:
a3:79:ea:23:ff:c1:3a:7f:db:4d:3a:60:c8:dc:84:
c8:12:e7:f2:44:36:ae:59:97:7f:74:68:7b:a9:e5:
47:fb:9f:20:d9:02:a4:13:e9:9c:97:08:f5:e9:4d:
60:b0:73:05:3d:3b:46:ec:05:36:81:d8:87:7a:52:
74:38:69:d6:b1:11:d0:33:c6:0c:a0:f5:d1:a5:e3:
b1:4b:11:50:c7:46:1f:13:bf:a8:50:c8:db:f6:99:
d3:05:03:c0:65:62:cb:5e:63:4e:71:db:b2:55:0c:
2b:b6:9f:0e:27:40:8d:b8:b1:4a:e1:24:28:eb:2d:
d0:c3:38:b4:f9:cf:8d:c2:57:70:1f:04:e7:6e:09:
9d:2c:5b:5c:30:1a:59:fa:f4:13:f8:93:65:2a:ba:
1c:62:79:4e:7c:f8:a9:4f:a2:1d:46:2f:17:94:44:
a7:6c:72:51:2e:a6:04:16:d9:f9:79:42:bc:be:10:
b3:92:8a:e8:3d:91:79:3e:62:7c:63:c6:05:e6:dc:
27:43:72:d1:42:e2:2e:48:ea:51:df:6d:11:55:da:
c8:f9:08:4f:4e:3e:49:8e:11:ee:0f:b6:f4:68:45:
2d:c6:65:a6:6c:8f:2a:d1:d9:6b:e7:48:96:07:85:
28:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:75:CF:4E:A9:EA:92:5E:31:10:C2:16:1B:15:D4:B3:EB:CE:92:77
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B39A6AACC34511EFBBA05D5A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.252.0/24
Signature Algorithm: sha256WithRSAEncryption
47:37:17:e1:4c:15:21:aa:06:a7:72:d9:45:bc:24:2f:c8:ee:
47:43:4f:b0:de:a2:b7:52:be:e2:31:36:b2:d3:c3:b9:a6:43:
cf:53:bf:a9:3e:73:22:73:5a:31:ca:2b:91:30:2a:fd:6e:55:
8e:a6:fa:f4:7f:04:27:f4:0b:d5:9b:be:5c:f8:6e:7b:8a:b6:
d9:3a:2a:76:e0:e5:34:b5:4a:e7:c7:77:5f:aa:83:3a:52:df:
e0:d5:1d:aa:b2:41:3b:81:db:81:17:14:c7:f7:42:78:4a:58:
3f:0d:63:17:8d:86:cf:fa:d7:7b:99:81:0c:14:29:b0:65:08:
c4:fc:74:9b:8a:d6:c3:e9:09:34:a5:68:52:7a:1c:a9:95:fd:
95:ef:93:01:ea:bd:9e:34:09:05:5c:df:eb:53:aa:68:1d:f4:
27:c5:db:68:07:60:f3:d9:3e:7b:45:51:34:c6:84:a1:20:93:
15:a5:0f:91:3d:45:dc:cc:c4:c2:f5:fd:1c:1e:1f:23:99:4e:
6a:e0:62:79:72:9f:02:14:9e:7a:ec:97:89:be:18:89:5d:d0:
e4:8b:48:9c:a0:b4:06:c9:9c:45:5e:86:57:0d:71:d9:2a:60:
cd:52:fc:77:e4:d7:16:de:8f:35:c5:10:d0:f2:b4:c0:20:bd:
6d:90:12:07
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOwBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQ1NTU3WhcNMjUxMjEwMDQ1NTU3WjAYMRYw
FAYDVQQDEw02NzZjZTFlMC00NGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy1elrraF6ifTqVm90wGjeeoj/8E6f9tNOmDI3ITIEufyRDauWZd/dGh7
qeVH+58g2QKkE+mclwj16U1gsHMFPTtG7AU2gdiHelJ0OGnWsRHQM8YMoPXRpeOx
SxFQx0YfE7+oUMjb9pnTBQPAZWLLXmNOcduyVQwrtp8OJ0CNuLFK4SQo6y3Qwzi0
+c+NwldwHwTnbgmdLFtcMBpZ+vQT+JNlKrocYnlOfPipT6IdRi8XlESnbHJRLqYE
Ftn5eUK8vhCzkoroPZF5PmJ8Y8YF5twnQ3LRQuIuSOpR320RVdrI+QhPTj5JjhHu
D7b0aEUtxmWmbI8q0dlr50iWB4UoIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBd1
z06p6pJeMRDCFhsV1LPrzpJ3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMzlBNkFBQ0MzNDUxMUVGQkJBMDVENUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPT8MA0GCSqGSIb3DQEBCwUA
A4IBAQBHNxfhTBUhqganctlFvCQvyO5HQ0+w3qK3Ur7iMTay08O5pkPPU7+pPnMi
c1oxyiuRMCr9blWOpvr0fwQn9AvVm75c+G57irbZOip24OU0tUrnx3dfqoM6Ut/g
1R2qskE7gduBFxTH90J4Slg/DWMXjYbP+td7mYEMFCmwZQjE/HSbitbD6Qk0pWhS
ehyplf2V75MB6r2eNAkFXN/rU6poHfQnxdtoB2Dz2T57RVE0xoShIJMVpQ+RPUXc
zMTC9f0cHh8jmU5q4GJ5cp8CFJ567JeJvhiJXdDki0icoLQGyZxFXoZXDXHZKmDN
Uvx35NcW3o81xRDQ8rTAIL1tkBIH
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:49 2025 by rpki-client