Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C19EC228CD0511EFB3B01D4E762E951A.roa
File: C19EC228CD0511EFB3B01D4E762E951A.roa (raw, json)
Hash identifier: kGHjWYDS5VapqG1yxaCIV/rGuByuNQdVF/gu45U0LF0=
Subject key identifier: F6:15:9D:95:2B:10:08:44:39:E3:68:9A:86:75:3E:6D:55:17:E1:20
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC97
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C19EC228CD0511EFB3B01D4E762E951A.roa
Signing time: Tue 07 Jan 2025 14:43:28 +0000
ROA not before: Tue 07 Jan 2025 14:43:24 +0000
ROA not after: Mon 13 Dec 2027 14:43:24 +0000
asID: 17561
IP address blocks: 156.239.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64663 (0xfc97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 14:43:24 2025 GMT
Not After : Dec 13 14:43:24 2027 GMT
Subject: CN=677d3d90-77d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e5:12:64:71:76:1d:d6:e3:fc:99:aa:a7:09:
1a:ee:fb:a1:5b:19:d4:e9:8e:75:25:f9:18:48:3d:
7a:01:b0:fc:2e:6a:ff:aa:32:dd:ab:bf:9e:81:c6:
88:6e:9c:83:6e:e5:e9:23:85:46:6f:46:c5:d0:f2:
e6:e7:dd:b4:8f:0e:77:c4:69:cc:4e:1c:f1:fc:03:
56:77:12:8d:de:95:cf:8e:a5:0f:02:de:83:5e:a0:
c9:54:9e:73:89:45:21:d3:dc:45:c5:33:f7:14:86:
bf:22:1e:1a:31:e0:97:7a:fe:76:22:1a:31:32:0b:
3c:8f:65:6a:af:25:a2:7f:5d:2d:27:21:34:37:ad:
d6:61:a5:e9:68:31:6a:25:9e:20:0c:43:e4:f4:68:
6a:6f:a8:d8:d5:c5:0b:a1:47:9e:de:95:24:1d:4a:
fc:dc:dd:82:0a:a6:70:ed:04:b1:ec:b9:21:8f:04:
5f:55:e2:33:b6:a6:77:66:c5:a4:ca:26:c2:f4:c0:
47:59:88:97:91:47:ac:a7:cf:19:f5:cd:4e:97:3a:
b1:be:e1:f4:e7:a3:28:b7:60:5e:cd:9e:2b:cd:4f:
51:1a:71:2b:2a:b3:c7:1d:fd:a5:60:0f:c2:80:3c:
ad:92:77:05:c3:ed:fe:ad:22:41:96:4a:85:b4:7c:
c0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:15:9D:95:2B:10:08:44:39:E3:68:9A:86:75:3E:6D:55:17:E1:20
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C19EC228CD0511EFB3B01D4E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.29.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:b7:c6:8d:8f:32:a3:72:6b:00:f0:a5:3d:7f:d9:ad:25:09:
94:9b:bd:3f:9b:24:e4:a9:60:39:2f:51:18:da:e3:f5:a5:7d:
a9:f6:45:fb:37:ef:59:3c:81:ad:7a:c4:dd:3a:c9:1d:dc:de:
9f:7b:6e:49:0f:c5:00:5c:61:85:87:f6:42:81:55:18:0a:13:
ff:f1:1a:2b:d1:71:f4:94:75:a2:44:29:d0:fa:48:ea:b4:04:
4c:e3:c0:d1:9b:32:e2:75:02:20:3b:ff:eb:a1:e5:8c:3d:1f:
0a:5b:05:60:38:0c:aa:7b:51:ef:b4:05:a0:c6:42:5e:bf:26:
f6:bf:f4:79:5d:9f:8a:4c:8b:c7:f9:1a:bd:67:ca:73:c1:fe:
6c:5c:33:03:0f:e0:3b:1b:cd:da:f7:3c:31:bb:ef:38:64:d6:
99:92:71:6d:d6:de:70:9b:31:76:51:f0:0e:30:63:b2:83:ad:
67:86:e6:f6:89:e2:61:1b:e4:9c:8f:ac:ca:05:8a:bc:2c:c4:
e0:90:7a:e4:65:d4:74:92:c3:96:d4:5e:91:dc:b1:cf:fc:ff:
ce:ae:46:22:d0:5a:1c:09:c5:85:01:c1:ce:09:67:3a:20:aa:
40:ff:14:b3:95:f1:82:5b:8d:ff:a9:20:5c:9b:7f:b8:02:f7:
fb:4b:3a:f9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPyXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTQ0MzI0WhcNMjcxMjEzMTQ0MzI0WjAYMRYw
FAYDVQQDEw02NzdkM2Q5MC03N2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs+USZHF2Hdbj/Jmqpwka7vuhWxnU6Y51JfkYSD16AbD8Lmr/qjLdq7+e
gcaIbpyDbuXpI4VGb0bF0PLm5920jw53xGnMThzx/ANWdxKN3pXPjqUPAt6DXqDJ
VJ5ziUUh09xFxTP3FIa/Ih4aMeCXev52IhoxMgs8j2VqryWif10tJyE0N63WYaXp
aDFqJZ4gDEPk9Ghqb6jY1cULoUee3pUkHUr83N2CCqZw7QSx7LkhjwRfVeIztqZ3
ZsWkyibC9MBHWYiXkUesp88Z9c1OlzqxvuH056Mot2BezZ4rzU9RGnErKrPHHf2l
YA/CgDytkncFw+3+rSJBlkqFtHzAjQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPYV
nZUrEAhEOeNomoZ1Pm1VF+EgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMTlFQzIyOENEMDUxMUVGQjNCMDFENEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO8dMA0GCSqGSIb3DQEBCwUA
A4IBAQCLt8aNjzKjcmsA8KU9f9mtJQmUm70/myTkqWA5L1EY2uP1pX2p9kX7N+9Z
PIGtesTdOskd3N6fe25JD8UAXGGFh/ZCgVUYChP/8Ror0XH0lHWiRCnQ+kjqtARM
48DRmzLidQIgO//roeWMPR8KWwVgOAyqe1HvtAWgxkJevyb2v/R5XZ+KTIvH+Rq9
Z8pzwf5sXDMDD+A7G83a9zwxu+84ZNaZknFt1t5wmzF2UfAOMGOyg61nhub2ieJh
G+Scj6zKBYq8LMTgkHrkZdR0ksOW1F6R3LHP/P/OrkYi0FocCcWFAcHOCWc6IKpA
/xSzlfGCW43/qSBcm3+4Avf7Szr5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:42 2025 by rpki-client