Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5AB80F6CC9011EFB658F554762E951A.roa
File: C5AB80F6CC9011EFB658F554762E951A.roa (raw, json)
Hash identifier: ln2GrZiz9UBM8JlxghGS6iNddzXKyUUizxg+J+JJsik=
Subject key identifier: AC:12:E0:0D:0A:46:AB:EE:8B:D9:82:35:B8:38:77:C9:98:CD:4B:24
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F907
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5AB80F6CC9011EFB658F554762E951A.roa
Signing time: Tue 07 Jan 2025 00:46:04 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Mon 13 Dec 2027 00:00:00 +0000
asID: 17561
IP address blocks: 156.226.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63751 (0xf907)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Dec 13 00:00:00 2027 GMT
Subject: CN=677c794b-58aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a7:6b:a6:64:c3:e9:29:fd:8a:25:d5:29:cd:
44:2e:4e:82:63:37:ff:cf:23:44:ea:43:7b:2d:37:
30:05:fd:5b:5a:5c:cd:c5:9c:f1:f1:b8:b5:a4:e9:
fc:a6:bf:e6:2e:b3:58:af:01:e4:5a:2a:ad:4c:d8:
52:c1:d1:3a:b9:46:39:3b:d6:d9:e0:d0:e8:64:5e:
de:25:8c:cc:87:03:23:cd:a7:3d:d5:0f:4d:a7:12:
e7:ef:50:0a:d9:bd:37:70:af:5f:2e:88:51:93:1e:
91:3c:da:05:b1:f4:cd:55:28:42:71:33:0d:19:2f:
a1:31:c7:bf:19:d8:e0:7a:9c:f8:c2:a6:4b:1f:cb:
5a:28:d5:59:88:a7:b0:12:4e:18:3d:a7:aa:8e:23:
14:5d:1f:18:dc:c7:e9:e7:d6:89:d2:f3:af:8b:00:
21:ba:ac:ac:59:4c:53:bd:56:10:ba:1a:55:81:f5:
52:cd:75:ee:b4:5a:71:dc:1f:73:f7:2d:84:31:d0:
ea:04:da:f7:04:ae:f9:c5:d9:45:62:10:bb:1f:90:
0c:a2:00:ac:01:5b:69:27:fd:c6:44:2a:0a:9f:7e:
21:de:b2:f0:3a:83:14:a2:98:53:e3:be:75:a8:86:
39:80:9f:f7:37:b2:81:55:b7:f2:95:54:aa:9e:fe:
a3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:12:E0:0D:0A:46:AB:EE:8B:D9:82:35:B8:38:77:C9:98:CD:4B:24
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5AB80F6CC9011EFB658F554762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.250.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:fd:38:d9:8b:c9:9e:7e:8d:56:93:b2:29:58:54:ec:c1:ae:
c2:d3:5e:f5:b2:17:29:49:6b:f4:ee:c9:5c:48:2e:6e:33:a5:
4d:68:07:ff:78:e0:28:e0:42:b7:ee:8f:de:b2:3f:58:4b:5d:
c0:ca:2b:87:9b:84:b2:16:15:4b:38:10:1a:c8:9b:2c:49:5d:
a3:01:dd:b6:da:18:66:0c:02:b9:ff:b8:eb:d5:0e:76:3e:8d:
46:99:9e:fe:a4:53:f8:2e:5f:ea:23:73:6a:2e:20:52:aa:b9:
5f:b2:b9:a8:e6:44:85:e1:b9:00:c4:54:db:b2:45:c7:b1:58:
72:be:58:f3:32:42:2e:b1:b9:31:62:d5:bb:f3:bd:b7:56:23:
a2:9e:7e:bb:2e:51:20:f2:c4:47:dc:3b:b5:8c:86:17:2a:b0:
6b:19:a0:d7:88:29:ce:94:5e:8d:c9:ab:38:b1:24:f1:4b:c4:
aa:4a:85:dd:0b:cd:bf:9a:43:a1:03:be:a7:d9:1c:15:14:d0:
21:77:e8:a1:d9:f6:c7:aa:69:90:da:63:2e:7b:4d:84:27:95:
8b:16:69:8e:48:c8:5e:57:88:56:5f:63:55:4d:98:6b:a0:88:
f5:3f:b1:68:e2:4e:14:f6:c9:59:25:e0:34:78:04:ea:7f:e8:
31:6a:63:b7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPkHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDAwMDAwWhcNMjcxMjEzMDAwMDAwWjAYMRYw
FAYDVQQDEw02NzdjNzk0Yi01OGFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtqdrpmTD6Sn9iiXVKc1ELk6CYzf/zyNE6kN7LTcwBf1bWlzNxZzx8bi1
pOn8pr/mLrNYrwHkWiqtTNhSwdE6uUY5O9bZ4NDoZF7eJYzMhwMjzac91Q9NpxLn
71AK2b03cK9fLohRkx6RPNoFsfTNVShCcTMNGS+hMce/Gdjgepz4wqZLH8taKNVZ
iKewEk4YPaeqjiMUXR8Y3Mfp59aJ0vOviwAhuqysWUxTvVYQuhpVgfVSzXXutFpx
3B9z9y2EMdDqBNr3BK75xdlFYhC7H5AMogCsAVtpJ/3GRCoKn34h3rLwOoMUophT
4751qIY5gJ/3N7KBVbfylVSqnv6jhQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKwS
4A0KRqvui9mCNbg4d8mYzUskMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNUFCODBGNkNDOTAxMUVGQjY1OEY1NTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOL6MA0GCSqGSIb3DQEBCwUA
A4IBAQCd/TjZi8mefo1Wk7IpWFTswa7C0171shcpSWv07slcSC5uM6VNaAf/eOAo
4EK37o/esj9YS13AyiuHm4SyFhVLOBAayJssSV2jAd222hhmDAK5/7jr1Q52Po1G
mZ7+pFP4Ll/qI3NqLiBSqrlfsrmo5kSF4bkAxFTbskXHsVhyvljzMkIusbkxYtW7
8723ViOinn67LlEg8sRH3Du1jIYXKrBrGaDXiCnOlF6Nyas4sSTxS8SqSoXdC82/
mkOhA76n2RwVFNAhd+ih2fbHqmmQ2mMue02EJ5WLFmmOSMheV4hWX2NVTZhroIj1
P7Fo4k4U9slZJeA0eATqf+gxamO3
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:10 2025 by rpki-client