Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C69A0B92C34211EF9F8AF348762E951A.roa
File: C69A0B92C34211EF9F8AF348762E951A.roa (raw, json)
Hash identifier: tbAKH7qZG+ADqwvc0dxLzsp5Ke4pXNf6XBInd/0a7hI=
Subject key identifier: 04:68:F4:42:40:F8:6B:B2:CF:94:85:78:74:C7:78:B5:4F:43:81:E3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBDF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C69A0B92C34211EF9F8AF348762E951A.roa
Signing time: Thu 26 Dec 2024 04:35:04 +0000
ROA not before: Thu 26 Dec 2024 04:35:00 +0000
ROA not after: Fri 10 Dec 2027 04:35:00 +0000
asID: 17561
IP address blocks: 156.244.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60383 (0xebdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:35:00 2024 GMT
Not After : Dec 10 04:35:00 2027 GMT
Subject: CN=676cdcf8-ff40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a1:6a:9e:e0:a7:82:e7:f1:7b:3d:29:39:6b:
9e:6b:8a:d3:ae:b5:a1:9d:c0:dc:c2:89:92:19:f8:
c5:9a:c3:06:ca:3d:7c:9d:f5:1a:4d:f7:d0:59:6d:
66:c2:2f:5e:98:13:d8:04:2c:6c:4f:51:76:fc:98:
f2:6a:21:e4:08:fb:6e:ba:97:7d:b1:2d:bb:d8:36:
7b:4a:59:8e:17:02:03:7c:88:ba:f4:68:89:5d:65:
4d:8b:81:b6:9a:04:51:34:ee:ec:be:40:99:e5:ed:
6a:9d:ea:d7:ee:d6:b8:5c:fe:77:13:a8:e5:c4:20:
1b:59:1b:a6:46:82:af:c6:40:67:58:e6:4d:41:ba:
19:70:e0:19:39:69:8e:dc:16:30:ea:07:56:ad:7c:
53:40:b9:de:e6:37:51:2d:fe:73:c7:95:a7:3e:c9:
62:3f:0a:fe:a0:ed:cf:65:55:f8:a3:74:65:93:ef:
5d:38:15:5f:cf:44:bb:48:f5:3b:11:b8:f5:4c:ed:
d1:ef:4f:7a:a9:6e:00:c9:d3:9c:1b:90:35:6e:6f:
5b:b2:bb:e0:fb:3b:89:e7:cc:1b:de:f3:1b:fd:43:
18:cc:1e:3f:e8:24:ea:04:be:42:df:24:fa:56:b4:
f0:a4:fa:1b:8f:f7:96:33:de:35:86:0b:c2:fd:3b:
1e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:68:F4:42:40:F8:6B:B2:CF:94:85:78:74:C7:78:B5:4F:43:81:E3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C69A0B92C34211EF9F8AF348762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.235.0/24
Signature Algorithm: sha256WithRSAEncryption
40:96:6c:50:94:8e:7e:f8:49:8d:01:9f:3d:24:69:9e:8f:8e:
98:84:d6:18:c1:fd:9b:9a:f8:a4:4c:fa:99:b9:29:f2:c1:8c:
7e:25:d6:d4:71:d5:7c:d3:0d:d3:34:f7:50:56:27:21:fd:e5:
14:6a:06:01:61:ef:f5:64:37:b2:a3:4b:c1:4b:81:fa:ab:19:
5e:40:a9:0a:db:7d:2a:32:2e:63:bf:ed:92:43:06:a5:92:ec:
58:2e:73:06:36:ba:1d:cf:7f:92:df:3c:22:9e:2b:cf:37:89:
be:4a:68:a4:5f:58:79:f2:e2:82:8b:8d:02:4b:e0:b5:2c:23:
12:0d:60:42:12:a2:01:34:6c:25:55:3b:cd:6f:86:2e:8a:ee:
5c:63:a5:90:49:3f:09:ac:98:a4:6d:25:79:e4:c4:2a:e1:3a:
42:d2:5b:98:00:cd:3f:4e:aa:4b:d9:51:aa:c4:d5:f6:f5:0d:
7b:13:dd:5e:0c:e6:71:1e:5c:b0:6b:08:30:56:c8:50:76:a3:
3f:bd:48:f1:2a:37:93:6f:46:10:e0:29:a5:18:4b:f4:03:09:
67:20:7a:ea:64:00:9a:3a:53:fa:8f:fe:d1:bb:25:6a:92:5f:
11:96:35:78:da:6c:71:34:50:61:61:d0:f6:dd:b5:b5:36:a1:
ea:a7:6e:03
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOvfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQzNTAwWhcNMjcxMjEwMDQzNTAwWjAYMRYw
FAYDVQQDEw02NzZjZGNmOC1mZjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0KFqnuCngufxez0pOWuea4rTrrWhncDcwomSGfjFmsMGyj18nfUaTffQ
WW1mwi9emBPYBCxsT1F2/JjyaiHkCPtuupd9sS272DZ7SlmOFwIDfIi69GiJXWVN
i4G2mgRRNO7svkCZ5e1qnerX7ta4XP53E6jlxCAbWRumRoKvxkBnWOZNQboZcOAZ
OWmO3BYw6gdWrXxTQLne5jdRLf5zx5WnPsliPwr+oO3PZVX4o3Rlk+9dOBVfz0S7
SPU7Ebj1TO3R7096qW4AydOcG5A1bm9bsrvg+zuJ58wb3vMb/UMYzB4/6CTqBL5C
3yT6VrTwpPobj/eWM941hgvC/TseUwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFARo
9EJA+Guyz5SFeHTHeLVPQ4HjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNjlBMEI5MkMzNDIxMUVGOUY4QUYzNDg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTrMA0GCSqGSIb3DQEBCwUA
A4IBAQBAlmxQlI5++EmNAZ89JGmej46YhNYYwf2bmvikTPqZuSnywYx+JdbUcdV8
0w3TNPdQVich/eUUagYBYe/1ZDeyo0vBS4H6qxleQKkK230qMi5jv+2SQwalkuxY
LnMGNrodz3+S3zwinivPN4m+SmikX1h58uKCi40CS+C1LCMSDWBCEqIBNGwlVTvN
b4Yuiu5cY6WQST8JrJikbSV55MQq4TpC0luYAM0/TqpL2VGqxNX29Q17E91eDOZx
HlywawgwVshQdqM/vUjxKjeTb0YQ4CmlGEv0AwlnIHrqZACaOlP6j/7RuyVqkl8R
ljV42mxxNFBhYdD23bW1NqHqp24D
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:10 2025 by rpki-client