Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B646C9DCAB3311EF984E5AA0762E951A.roa
File: B646C9DCAB3311EF984E5AA0762E951A.roa (raw, json)
Hash identifier: RUvimUUFj3AmFjmUhh2UHPhz9mNSytwAp0v69lig6vc=
Subject key identifier: 77:3E:9B:C0:57:54:8F:27:22:D7:3C:70:50:57:65:11:1A:B0:0B:14
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DA7E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B646C9DCAB3311EF984E5AA0762E951A.roa
Signing time: Mon 25 Nov 2024 13:46:46 +0000
ROA not before: Mon 25 Nov 2024 13:46:42 +0000
ROA not after: Sat 03 Jan 2026 13:46:42 +0000
asID: 139057
IP address blocks: 156.246.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55934 (0xda7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 25 13:46:42 2024 GMT
Not After : Jan 3 13:46:42 2026 GMT
Subject: CN=67447fc6-9826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2e:37:d1:64:23:cf:99:76:e7:aa:02:5e:4c:
b3:78:d1:76:a1:29:e8:24:87:a6:4c:68:20:93:77:
83:db:51:83:7e:5b:72:72:dc:47:4e:be:c7:5a:72:
b4:d2:45:6f:22:e8:fb:4d:47:59:23:56:85:44:e6:
4f:25:90:12:bd:cb:4b:6d:66:29:7c:eb:37:56:4d:
ab:ff:b0:f0:2e:15:b9:a8:04:81:eb:f5:4f:1c:7a:
75:9b:24:ff:e5:bb:f6:b3:19:af:24:36:f3:2b:9f:
14:78:5f:69:99:5d:07:57:7d:09:3f:b4:cb:d4:13:
8b:af:89:f8:67:f5:8d:8a:e6:47:16:87:f7:ba:7d:
b7:24:22:60:89:7d:67:22:c0:e8:a5:49:64:25:4e:
ec:01:91:49:01:68:fc:95:70:78:4b:a2:33:41:aa:
56:9a:f2:38:9f:ff:2e:a7:ff:bb:1c:de:a0:e7:00:
d6:28:9e:4f:04:06:ef:fa:fa:8e:26:59:a0:d4:c2:
d3:fd:3c:55:56:64:03:83:1e:c9:fa:dd:62:f4:63:
fe:9a:17:58:c4:bd:29:8e:c5:4c:9a:de:af:7d:0b:
ef:f3:b0:e1:d7:be:7a:a9:60:9c:dd:56:15:16:3a:
ce:3d:d4:7b:96:a4:d8:67:c8:e4:c4:aa:d6:81:b1:
27:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:3E:9B:C0:57:54:8F:27:22:D7:3C:70:50:57:65:11:1A:B0:0B:14
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B646C9DCAB3311EF984E5AA0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.20.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:42:d4:03:43:23:f3:de:e2:f9:19:1c:a2:05:07:80:46:6e:
66:b6:e0:be:e4:3e:b5:ac:98:eb:58:8d:3f:f1:26:74:83:cf:
74:a3:d7:ff:81:30:f2:c1:ea:0b:d2:68:46:4c:05:bf:6b:b4:
c3:71:60:56:d1:6b:37:0d:87:13:62:fa:1c:9b:31:f4:c2:5e:
2a:99:98:3c:a5:0e:d0:d2:68:7e:f4:fd:e9:94:1b:72:62:c6:
91:2c:75:c3:6b:28:47:a9:cb:49:f5:26:dc:0d:c4:f3:0f:4c:
3b:fd:38:49:6c:d6:1b:a9:89:f5:2d:f2:79:8e:46:f6:ec:f3:
ac:11:86:e7:8d:0e:7e:56:78:24:9e:26:7e:8d:13:66:24:88:
8e:4b:55:e9:59:da:71:52:2e:fc:81:33:b3:91:dc:e9:2b:c8:
7f:67:b1:b2:a1:de:1b:11:3f:2a:60:29:e8:9f:4b:1a:bd:34:
92:97:5f:48:99:4e:73:19:7d:c6:77:58:de:d3:27:ef:89:b1:
1f:c0:5f:26:ee:34:12:b7:b3:d9:f6:a7:7e:97:9d:70:16:75:
1d:08:36:25:ea:60:cf:43:50:60:9e:d5:fa:43:c0:46:51:64:
82:83:5c:b1:80:11:00:d1:63:8a:8e:24:b6:c6:d4:04:98:78:
83:f9:a5:7c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANp+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI1MTM0NjQyWhcNMjYwMTAzMTM0NjQyWjAYMRYw
FAYDVQQDEw02NzQ0N2ZjNi05ODI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzC430WQjz5l256oCXkyzeNF2oSnoJIemTGggk3eD21GDfltyctxHTr7H
WnK00kVvIuj7TUdZI1aFROZPJZASvctLbWYpfOs3Vk2r/7DwLhW5qASB6/VPHHp1
myT/5bv2sxmvJDbzK58UeF9pmV0HV30JP7TL1BOLr4n4Z/WNiuZHFof3un23JCJg
iX1nIsDopUlkJU7sAZFJAWj8lXB4S6IzQapWmvI4n/8up/+7HN6g5wDWKJ5PBAbv
+vqOJlmg1MLT/TxVVmQDgx7J+t1i9GP+mhdYxL0pjsVMmt6vfQvv87Dh1756qWCc
3VYVFjrOPdR7lqTYZ8jkxKrWgbEnOwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHc+
m8BXVI8nItc8cFBXZREasAsUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNjQ2QzlEQ0FCMzMxMUVGOTg0RTVBQTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPYUMA0GCSqGSIb3DQEBCwUA
A4IBAQB8QtQDQyPz3uL5GRyiBQeARm5mtuC+5D61rJjrWI0/8SZ0g890o9f/gTDy
weoL0mhGTAW/a7TDcWBW0Ws3DYcTYvocmzH0wl4qmZg8pQ7Q0mh+9P3plBtyYsaR
LHXDayhHqctJ9SbcDcTzD0w7/ThJbNYbqYn1LfJ5jkb27POsEYbnjQ5+VngkniZ+
jRNmJIiOS1XpWdpxUi78gTOzkdzpK8h/Z7Gyod4bET8qYCnon0savTSSl19ImU5z
GX3Gd1je0yfvibEfwF8m7jQSt7PZ9qd+l51wFnUdCDYl6mDPQ1BgntX6Q8BGUWSC
g1yxgBEA0WOKjiS2xtQEmHiD+aV8
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:47:14 2025 by rpki-client