Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D0786630C33411EF8AB1956C762E951A.roa
File: D0786630C33411EF8AB1956C762E951A.roa (raw, json)
Hash identifier: XE3iTmDhNklvX9ompDHQ1RKwaoceacFIQsv3nBlEBRs=
Subject key identifier: 24:36:10:DB:2D:6F:87:F7:CB:F3:42:65:27:58:A7:1F:BD:AA:C3:B2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB3B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D0786630C33411EF8AB1956C762E951A.roa
Signing time: Thu 26 Dec 2024 02:55:07 +0000
ROA not before: Thu 26 Dec 2024 02:55:04 +0000
ROA not after: Fri 10 Dec 2027 02:55:04 +0000
asID: 17561
IP address blocks: 156.244.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60219 (0xeb3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:55:04 2024 GMT
Not After : Dec 10 02:55:04 2027 GMT
Subject: CN=676cc58b-3b6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a4:ec:79:47:42:3e:9f:2c:dd:60:ee:19:c0:
51:54:70:44:53:81:5d:36:d7:ea:72:fa:d4:f9:59:
54:5a:c2:97:99:fd:e5:7d:6e:f7:64:29:e2:be:ef:
aa:7d:fb:cb:9f:6b:00:2a:0a:58:c4:d6:7a:b3:d9:
e0:ea:c3:4f:f5:5f:bf:76:8e:db:d0:a0:41:db:ea:
01:df:25:9e:d3:f8:06:9e:62:59:9f:d3:c8:d2:18:
7c:58:d8:a8:3f:f0:10:ab:f1:7f:98:ef:90:b4:fe:
f4:70:05:16:1c:fa:c4:eb:01:24:92:dd:e3:b6:a9:
82:a0:2b:3e:37:ef:48:02:c3:d1:65:e3:e5:71:a6:
9c:b3:b5:20:fa:ca:43:63:1a:a4:7c:67:85:37:3a:
a5:b3:99:d6:c7:2f:f6:82:a7:16:f6:c0:1b:a9:25:
ca:26:22:28:00:cd:c9:c6:18:dd:c0:82:40:98:b2:
5f:e9:61:59:a9:be:9b:93:f3:36:3f:8b:77:10:36:
a3:95:da:7a:8e:92:97:ab:c7:10:b5:9b:8f:65:16:
07:e6:30:c4:40:37:75:f0:de:bd:e1:68:6e:50:76:
9b:48:5f:0d:dc:31:65:ce:12:3a:4f:a4:9f:e6:08:
8e:6b:8f:aa:a4:63:41:87:2e:4a:24:9d:00:ae:20:
c6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:36:10:DB:2D:6F:87:F7:CB:F3:42:65:27:58:A7:1F:BD:AA:C3:B2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D0786630C33411EF8AB1956C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.153.0/24
Signature Algorithm: sha256WithRSAEncryption
22:94:50:5e:7f:3e:ca:e0:9a:65:c0:e7:14:49:bb:45:bb:3c:
2e:64:c5:5e:5c:6d:27:d7:7a:39:9b:6e:bf:c4:7f:a3:da:9a:
be:59:da:a0:c6:4c:a7:05:a8:33:6a:c9:80:7c:aa:40:6a:be:
9e:9d:d0:7b:77:c2:d5:0c:87:b3:cb:11:c5:5c:42:81:d4:0f:
ff:f1:cd:d5:36:28:e1:76:41:cd:6e:af:36:78:95:34:5e:a1:
64:bd:ab:e7:4d:b4:35:f1:ce:ac:40:4d:31:cc:34:3a:fa:04:
13:5a:af:95:08:ba:bc:ba:ff:76:24:b7:88:a2:88:96:a1:7e:
fc:1a:1a:3e:9d:cc:2c:05:2c:76:8f:31:d0:9c:06:ec:c6:1c:
d5:53:9b:e2:5e:33:17:3b:ac:27:d6:6f:63:2d:04:22:8a:47:
48:ce:9b:0c:db:b5:43:7a:85:45:b6:1a:48:95:fd:de:5c:fa:
a9:cd:47:b6:7e:0d:d4:c5:71:46:85:74:62:87:93:8f:cd:48:
d1:2b:bf:7e:98:7f:00:13:6c:27:3a:eb:26:2c:8e:0e:cd:0a:
ba:f7:21:36:14:b3:39:b8:97:26:e9:38:15:40:15:ed:a8:09:
8f:2a:8b:b7:ce:ed:07:76:fa:ff:46:a2:2e:28:4e:07:f3:80:
83:a7:d9:f8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOs7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDI1NTA0WhcNMjcxMjEwMDI1NTA0WjAYMRYw
FAYDVQQDEw02NzZjYzU4Yi0zYjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA46TseUdCPp8s3WDuGcBRVHBEU4FdNtfqcvrU+VlUWsKXmf3lfW73ZCni
vu+qffvLn2sAKgpYxNZ6s9ng6sNP9V+/do7b0KBB2+oB3yWe0/gGnmJZn9PI0hh8
WNioP/AQq/F/mO+QtP70cAUWHPrE6wEkkt3jtqmCoCs+N+9IAsPRZePlcaacs7Ug
+spDYxqkfGeFNzqls5nWxy/2gqcW9sAbqSXKJiIoAM3JxhjdwIJAmLJf6WFZqb6b
k/M2P4t3EDajldp6jpKXq8cQtZuPZRYH5jDEQDd18N694WhuUHabSF8N3DFlzhI6
T6Sf5giOa4+qpGNBhy5KJJ0AriDGJwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCQ2
ENstb4f3y/NCZSdYpx+9qsOyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMDc4NjYzMEMzMzQxMUVGOEFCMTk1NkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPSZMA0GCSqGSIb3DQEBCwUA
A4IBAQAilFBefz7K4JplwOcUSbtFuzwuZMVeXG0n13o5m26/xH+j2pq+Wdqgxkyn
BagzasmAfKpAar6endB7d8LVDIezyxHFXEKB1A//8c3VNijhdkHNbq82eJU0XqFk
vavnTbQ18c6sQE0xzDQ6+gQTWq+VCLq8uv92JLeIooiWoX78Gho+ncwsBSx2jzHQ
nAbsxhzVU5viXjMXO6wn1m9jLQQiikdIzpsM27VDeoVFthpIlf3eXPqpzUe2fg3U
xXFGhXRih5OPzUjRK79+mH8AE2wnOusmLI4OzQq69yE2FLM5uJcm6TgVQBXtqAmP
Kou3zu0Hdvr/RqIuKE4H84CDp9n4
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:17 2025 by rpki-client