Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B68A436CC99511EFAF361283762E951A.roa
File: B68A436CC99511EFAF361283762E951A.roa (raw, json)
Hash identifier: ci/Xq3yyny2oX0t+nhtrE6W16YrJ0nERSZSgOc5fY+c=
Subject key identifier: B3:8A:A1:D4:97:68:D2:3B:47:93:A4:D1:98:A4:F5:86:09:1B:51:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F60F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B68A436CC99511EFAF361283762E951A.roa
Signing time: Fri 03 Jan 2025 05:43:52 +0000
ROA not before: Fri 03 Jan 2025 05:43:48 +0000
ROA not after: Mon 13 Dec 2027 05:43:48 +0000
asID: 17561
IP address blocks: 156.233.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62991 (0xf60f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:43:48 2025 GMT
Not After : Dec 13 05:43:48 2027 GMT
Subject: CN=67777918-7fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d5:75:cf:49:c4:76:95:3f:4c:e0:82:22:e9:
f3:19:17:c1:5f:10:21:af:e8:93:2e:5a:54:fc:1e:
3f:c4:c8:c2:20:1e:16:c4:93:ec:14:ef:aa:78:2d:
1e:54:bb:17:1e:fa:8f:f8:6d:02:26:10:22:3e:ab:
ef:3a:e3:7e:2c:6e:52:7f:4c:9b:41:3b:2f:cc:79:
a7:16:9b:e9:75:6c:b8:7b:37:08:05:5e:53:6d:50:
a4:a5:8b:a1:cd:0d:58:f6:b1:ae:3c:72:e0:c8:88:
eb:97:5d:00:33:ae:5d:d4:94:20:1c:41:4e:7c:02:
67:9e:89:6e:de:cd:1a:a0:b7:e3:4f:4b:99:0e:92:
0d:c8:47:3c:2d:6b:9f:0e:4a:d4:43:00:ca:c2:29:
fc:01:13:e9:1d:1f:1e:78:bc:ea:07:5a:7c:8a:07:
bd:dc:e9:76:92:38:0d:73:72:eb:e2:49:26:7b:61:
70:c2:c6:66:0d:5a:c1:36:c2:6c:68:08:60:f0:23:
eb:b0:fc:12:2a:e9:06:41:af:bc:0f:bf:d7:5f:26:
72:e5:96:86:43:02:5a:68:ab:63:8b:97:38:c9:a5:
5e:1e:ec:43:16:de:45:f4:08:a9:c6:a3:a9:db:d0:
f8:bd:be:bb:bf:ea:02:f2:ce:43:e3:ac:bd:cd:c2:
db:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:8A:A1:D4:97:68:D2:3B:47:93:A4:D1:98:A4:F5:86:09:1B:51:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B68A436CC99511EFAF361283762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.140.0/24
Signature Algorithm: sha256WithRSAEncryption
84:8f:ee:5d:24:e9:6e:a6:0c:c3:e3:c1:49:41:c1:1b:a6:d0:
04:81:d0:f3:dc:d3:df:25:6c:0b:35:80:a4:a8:53:df:04:a2:
c2:5e:13:b3:95:65:fd:93:60:8d:f9:c2:00:c1:d7:57:21:6c:
c6:d0:55:8d:e1:24:2f:58:f1:e7:78:bd:e5:41:92:ed:a8:55:
bb:93:dd:ae:62:86:bd:4f:21:91:bc:92:49:b7:44:fd:e9:05:
e2:ef:c1:68:ab:b3:dd:43:71:f8:db:f6:51:ab:02:ec:62:74:
68:58:65:75:0a:d1:4a:37:3d:1f:28:69:1c:7a:df:07:4c:5d:
2b:99:4c:e4:1a:5c:74:fa:ac:c5:31:0a:61:1b:b7:26:27:6b:
3f:dc:cb:26:6a:ab:df:0a:dc:42:ba:e6:97:00:85:74:42:bd:
b5:05:40:cf:04:4e:6d:0a:8a:cb:11:ce:8e:1c:c8:99:1b:76:
81:46:c2:cc:48:58:82:71:c0:31:85:99:28:2e:d5:f4:cb:93:
60:74:e0:91:98:ce:9e:af:5a:2b:f2:ab:7a:a9:b0:7e:0c:c7:
d8:5f:2d:80:52:d0:9e:c1:c1:3b:da:0b:da:b4:36:04:75:1a:
98:49:2d:45:f3:23:41:54:16:8b:f8:94:87:16:d8:4f:69:bf:
cd:4a:b5:01
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPYPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDU0MzQ4WhcNMjcxMjEzMDU0MzQ4WjAYMRYw
FAYDVQQDEw02Nzc3NzkxOC03ZmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4tV1z0nEdpU/TOCCIunzGRfBXxAhr+iTLlpU/B4/xMjCIB4WxJPsFO+q
eC0eVLsXHvqP+G0CJhAiPqvvOuN+LG5Sf0ybQTsvzHmnFpvpdWy4ezcIBV5TbVCk
pYuhzQ1Y9rGuPHLgyIjrl10AM65d1JQgHEFOfAJnnolu3s0aoLfjT0uZDpINyEc8
LWufDkrUQwDKwin8ARPpHR8eeLzqB1p8ige93Ol2kjgNc3Lr4kkme2FwwsZmDVrB
NsJsaAhg8CPrsPwSKukGQa+8D7/XXyZy5ZaGQwJaaKtji5c4yaVeHuxDFt5F9Aip
xqOp29D4vb67v+oC8s5D46y9zcLb/wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLOK
odSXaNI7R5Ok0Zik9YYJG1FdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNjhBNDM2Q0M5OTUxMUVGQUYzNjEyODM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmMMA0GCSqGSIb3DQEBCwUA
A4IBAQCEj+5dJOlupgzD48FJQcEbptAEgdDz3NPfJWwLNYCkqFPfBKLCXhOzlWX9
k2CN+cIAwddXIWzG0FWN4SQvWPHneL3lQZLtqFW7k92uYoa9TyGRvJJJt0T96QXi
78Foq7PdQ3H42/ZRqwLsYnRoWGV1CtFKNz0fKGkcet8HTF0rmUzkGlx0+qzFMQph
G7cmJ2s/3MsmaqvfCtxCuuaXAIV0Qr21BUDPBE5tCorLEc6OHMiZG3aBRsLMSFiC
ccAxhZkoLtX0y5NgdOCRmM6er1or8qt6qbB+DMfYXy2AUtCewcE72gvatDYEdRqY
SS1F8yNBVBaL+JSHFthPab/NSrUB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:55 2025 by rpki-client