Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7E7AEA6D24711EFADF848B2762E951A.roa
File: B7E7AEA6D24711EFADF848B2762E951A.roa (raw, json)
Hash identifier: /+nk0Em1juOkMJ5Dg5btm5Ps7u3rjL/f6PqgyhRGHKA=
Subject key identifier: 9F:56:86:95:35:50:55:C3:76:7E:B5:70:0A:3B:16:CC:42:9C:B1:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0106DE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7E7AEA6D24711EFADF848B2762E951A.roa
Signing time: Tue 14 Jan 2025 07:18:14 +0000
ROA not before: Tue 14 Jan 2025 07:18:10 +0000
ROA not after: Tue 18 Feb 2025 07:18:10 +0000
asID: 214413
IP address blocks: 156.226.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67294 (0x106de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 07:18:10 2025 GMT
Not After : Feb 18 07:18:10 2025 GMT
Subject: CN=67860fb6-a4c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b4:a0:56:1d:7c:c1:6e:fe:bd:27:6e:6c:1c:
38:29:f7:e3:27:3c:ab:ea:96:14:6a:57:bf:64:66:
8b:6b:43:ae:0f:a0:65:80:3c:b0:b1:98:b8:bb:1d:
0b:b2:65:1b:d2:cb:12:4e:2a:66:51:4a:55:ab:f8:
c5:ed:c9:ef:f8:8b:0a:83:05:8c:dd:7f:44:46:ab:
3f:3b:3b:48:c5:34:b0:86:7e:c9:fe:f4:d2:0b:a8:
b0:2e:94:16:59:3a:3a:bc:4a:02:18:52:1c:31:34:
fe:1d:bf:26:f5:7a:a5:f7:17:4d:35:18:1d:d4:46:
eb:73:17:a9:e0:31:0c:dc:9b:38:e1:70:01:67:7b:
fc:5a:b7:3c:41:e8:f5:8c:2d:84:7e:46:5c:f9:6d:
8f:8f:c5:6a:c0:85:18:a8:00:c0:21:33:57:95:9d:
da:29:64:12:d9:0e:e0:ef:da:71:8a:ca:56:b7:7a:
7c:b7:be:ef:4c:11:7e:21:1d:59:2c:17:a3:ae:12:
a2:dc:55:15:f2:41:5f:d3:53:60:15:b8:1a:bd:d9:
72:36:6c:2e:23:8c:30:36:2c:93:73:5c:f9:0b:a0:
99:c3:2b:61:27:08:c6:f1:23:b4:89:88:6c:56:71:
4a:40:29:51:b7:46:22:e6:4c:ca:ed:b8:e0:85:67:
91:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:56:86:95:35:50:55:C3:76:7E:B5:70:0A:3B:16:CC:42:9C:B1:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7E7AEA6D24711EFADF848B2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.132.0/24
Signature Algorithm: sha256WithRSAEncryption
56:43:03:9d:11:41:97:18:2d:d1:6e:70:a7:1a:db:71:b0:05:
4e:8e:db:0d:cb:18:60:2e:c6:0f:06:0e:90:ce:92:bf:c2:5d:
1d:d0:5e:51:b9:60:35:ef:4c:ce:ab:ff:1e:3f:88:47:66:4e:
d3:64:d7:aa:1c:fe:71:da:a9:dc:d4:45:f5:fc:61:6d:ea:7f:
96:0d:08:3d:2d:0e:87:b2:3f:73:0e:c2:62:87:53:a2:bb:54:
c9:01:03:cf:36:00:94:43:67:ff:b5:5d:df:7e:d7:c7:35:95:
81:6e:ba:50:da:e5:6c:c6:bd:03:66:04:35:41:bc:0b:4d:5e:
af:5f:73:4e:cd:fc:8d:f1:7e:35:c3:8c:d4:2f:00:bf:95:2c:
9a:c4:89:7e:0f:ab:dd:3d:32:64:8d:55:2e:3f:bb:69:cb:b5:
7c:8c:e4:5c:6d:8a:43:ae:2c:4e:a1:50:9c:8e:a7:b0:8c:99:
22:67:98:9b:69:ab:b5:26:46:f6:37:cc:94:d7:01:d7:da:d1:
dd:f3:95:32:69:03:b9:a1:81:3b:fe:24:6c:ba:c2:c6:6a:eb:
d8:6e:6b:ae:84:31:3a:12:19:d9:42:f9:52:f7:4f:39:0d:81:
5a:fb:c7:96:76:4c:a3:35:aa:8e:68:42:2d:df:cc:4b:30:67:
18:09:39:e9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQbeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDcxODEwWhcNMjUwMjE4MDcxODEwWjAYMRYw
FAYDVQQDEw02Nzg2MGZiNi1hNGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr7SgVh18wW7+vSdubBw4KffjJzyr6pYUale/ZGaLa0OuD6BlgDywsZi4
ux0LsmUb0ssSTipmUUpVq/jF7cnv+IsKgwWM3X9ERqs/OztIxTSwhn7J/vTSC6iw
LpQWWTo6vEoCGFIcMTT+Hb8m9Xql9xdNNRgd1Ebrcxep4DEM3Js44XABZ3v8Wrc8
Qej1jC2EfkZc+W2Pj8VqwIUYqADAITNXlZ3aKWQS2Q7g79pxispWt3p8t77vTBF+
IR1ZLBejrhKi3FUV8kFf01NgFbgavdlyNmwuI4wwNiyTc1z5C6CZwythJwjG8SO0
iYhsVnFKQClRt0Yi5kzK7bjghWeRrwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ9W
hpU1UFXDdn61cAo7FsxCnLHlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CN0U3QUVBNkQyNDcxMUVGQURGODQ4QjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKEMA0GCSqGSIb3DQEBCwUA
A4IBAQBWQwOdEUGXGC3RbnCnGttxsAVOjtsNyxhgLsYPBg6QzpK/wl0d0F5RuWA1
70zOq/8eP4hHZk7TZNeqHP5x2qnc1EX1/GFt6n+WDQg9LQ6Hsj9zDsJih1Oiu1TJ
AQPPNgCUQ2f/tV3fftfHNZWBbrpQ2uVsxr0DZgQ1QbwLTV6vX3NOzfyN8X41w4zU
LwC/lSyaxIl+D6vdPTJkjVUuP7tpy7V8jORcbYpDrixOoVCcjqewjJkiZ5ibaau1
Jkb2N8yU1wHX2tHd85UyaQO5oYE7/iRsusLGauvYbmuuhDE6EhnZQvlS9085DYFa
+8eWdkyjNaqOaEIt38xLMGcYCTnp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:33 2025 by rpki-client