Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7C90A3EC95811EFBE7E886A762E951A.roa
File: B7C90A3EC95811EFBE7E886A762E951A.roa (raw, json)
Hash identifier: YpMlyyeEf1bhvhzsmnzhJNIp5ZwrF71bsdWvbtymDWw=
Subject key identifier: 40:8B:60:10:72:BD:69:4C:76:5A:8B:06:34:45:84:C3:53:8E:BC:8C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F410
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7C90A3EC95811EFBE7E886A762E951A.roa
Signing time: Thu 02 Jan 2025 22:27:15 +0000
ROA not before: Thu 02 Jan 2025 22:27:11 +0000
ROA not after: Mon 13 Dec 2027 22:27:11 +0000
asID: 17561
IP address blocks: 156.226.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62480 (0xf410)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 22:27:11 2025 GMT
Not After : Dec 13 22:27:11 2027 GMT
Subject: CN=677712c3-6942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:da:1d:5c:05:66:e9:ab:b1:6f:b4:2d:7c:
80:47:33:c2:27:eb:e3:d5:ea:db:6c:ea:c5:03:b9:
06:45:51:de:84:e0:f1:08:a3:cf:7f:08:15:4a:4e:
b2:fc:63:ba:d3:b8:24:a3:51:4f:0b:14:a1:65:f0:
80:0a:87:30:72:a7:3d:16:cd:5f:5f:7e:ac:e5:3c:
cf:a0:07:c1:0d:9a:9b:9c:d3:34:db:dd:20:db:ab:
e9:31:f7:be:1d:75:bc:fa:cd:1e:cc:0d:82:bd:49:
3e:52:b6:34:44:00:18:06:96:d2:9d:de:0f:d0:12:
f0:a4:fa:4d:7b:3d:45:e3:62:28:de:7d:e1:b5:4f:
82:f5:c4:cc:65:c3:5b:29:d5:23:99:da:de:43:21:
2c:f7:40:57:1d:c8:95:07:b9:bf:38:46:4e:5c:a5:
27:fb:bc:de:be:12:ec:1f:2b:3c:91:21:36:26:2e:
25:95:9d:f6:43:6d:38:ca:93:b5:63:70:65:72:38:
6d:e6:cb:ee:91:8b:59:68:2c:37:26:98:31:cd:d9:
69:59:19:3a:a8:79:df:a3:be:c6:c7:d2:b2:ca:b2:
ff:1d:0c:eb:25:2b:1a:d6:32:97:ac:d6:07:9e:45:
04:95:5b:73:a4:fb:6d:35:09:1e:53:2f:91:54:50:
dd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8B:60:10:72:BD:69:4C:76:5A:8B:06:34:45:84:C3:53:8E:BC:8C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7C90A3EC95811EFBE7E886A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.161.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:ab:d8:76:4b:75:01:90:e2:bc:74:3e:79:05:44:6b:23:eb:
0c:a7:ca:f8:a2:c3:24:ff:40:b3:1f:fe:b9:ce:34:d5:5a:07:
f7:dc:fe:3e:49:af:53:5f:08:d7:8a:20:71:1d:ca:4b:fb:38:
3d:dc:a3:fa:1a:96:36:f7:68:42:f1:7a:19:a6:eb:55:51:37:
04:a5:a7:ca:fe:7a:23:d1:55:b1:5c:57:51:e7:e7:44:2e:2a:
28:d8:eb:f6:bd:ba:2a:62:80:94:e1:c1:11:ab:48:e9:01:81:
8e:48:c4:2d:cb:6b:52:62:90:f2:1d:e4:9a:16:fa:b5:65:6c:
ec:66:66:23:b4:ed:1a:23:0b:df:3f:b7:66:0b:a8:7a:09:db:
24:15:21:58:d2:40:5c:64:ce:a8:56:64:2f:63:05:c5:43:6a:
2b:39:5b:5b:1e:ae:ee:59:8e:a6:d9:94:6b:11:97:fb:6f:bc:
44:0b:cf:58:7f:a3:4e:5d:a8:9a:b4:74:dc:a5:43:b3:2b:e3:
49:ed:40:0e:c5:a9:73:05:44:05:e3:be:7a:e4:eb:07:e0:b7:
9b:e6:3f:62:4e:9d:15:92:cc:e7:bd:73:eb:04:b5:89:e0:4f:
2b:76:b7:41:d3:aa:7d:11:13:0e:cf:4a:6b:16:bf:b1:5d:13:
eb:8f:e8:9e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPQQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjIyNzExWhcNMjcxMjEzMjIyNzExWjAYMRYw
FAYDVQQDEw02Nzc3MTJjMy02OTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqSDaHVwFZumrsW+0LXyARzPCJ+vj1erbbOrFA7kGRVHehODxCKPPfwgV
Sk6y/GO607gko1FPCxShZfCACocwcqc9Fs1fX36s5TzPoAfBDZqbnNM0290g26vp
Mfe+HXW8+s0ezA2CvUk+UrY0RAAYBpbSnd4P0BLwpPpNez1F42Io3n3htU+C9cTM
ZcNbKdUjmdreQyEs90BXHciVB7m/OEZOXKUn+7zevhLsHys8kSE2Ji4llZ32Q204
ypO1Y3Blcjht5svukYtZaCw3JpgxzdlpWRk6qHnfo77Gx9KyyrL/HQzrJSsa1jKX
rNYHnkUElVtzpPttNQkeUy+RVFDdIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFECL
YBByvWlMdlqLBjRFhMNTjryMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CN0M5MEEzRUM5NTgxMUVGQkU3RTg4NkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKhMA0GCSqGSIb3DQEBCwUA
A4IBAQBMq9h2S3UBkOK8dD55BURrI+sMp8r4osMk/0CzH/65zjTVWgf33P4+Sa9T
XwjXiiBxHcpL+zg93KP6GpY292hC8XoZputVUTcEpafK/noj0VWxXFdR5+dELioo
2Ov2vboqYoCU4cERq0jpAYGOSMQty2tSYpDyHeSaFvq1ZWzsZmYjtO0aIwvfP7dm
C6h6CdskFSFY0kBcZM6oVmQvYwXFQ2orOVtbHq7uWY6m2ZRrEZf7b7xEC89Yf6NO
XaiatHTcpUOzK+NJ7UAOxalzBUQF47565OsH4Leb5j9iTp0VksznvXPrBLWJ4E8r
drdB06p9ERMOz0prFr+xXRPrj+ie
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:15 2025 by rpki-client