Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D931D554CCC611EFB567DF40762E951A.roa
File: D931D554CCC611EFB567DF40762E951A.roa (raw, json)
Hash identifier: L+YIG1UadczzOkyq0eNuaF7XKgISvIihiDXWE2Ykrhs=
Subject key identifier: 6C:C7:DD:5B:2A:6A:7A:F4:6E:AC:BA:38:67:F1:E0:77:D3:E2:68:56
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA5C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D931D554CCC611EFB567DF40762E951A.roa
Signing time: Tue 07 Jan 2025 07:13:09 +0000
ROA not before: Tue 07 Jan 2025 07:13:06 +0000
ROA not after: Thu 13 Feb 2025 07:13:06 +0000
asID: 150519
IP address blocks: 156.240.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64092 (0xfa5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 07:13:06 2025 GMT
Not After : Feb 13 07:13:06 2025 GMT
Subject: CN=677cd405-cb9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:92:fa:eb:c5:73:d1:7e:b4:1d:5a:05:17:2e:
8f:4d:74:4d:0e:a0:ff:c8:ce:89:8b:26:a8:e2:9f:
db:7f:b4:f3:00:3e:bf:83:10:81:ff:5f:e4:d4:64:
fd:50:63:91:f3:d1:af:2f:bb:a0:65:89:5a:c0:f1:
fd:5f:c8:09:7b:23:27:e5:c1:e6:4c:b5:7c:58:20:
d2:41:2b:b3:09:77:bc:a4:b0:20:8c:ab:69:0a:bb:
80:6b:c5:f0:ed:22:4f:ad:dd:4c:90:44:2a:ba:31:
54:18:2d:63:5c:6f:7e:38:ad:76:73:3f:9c:d8:05:
0b:ca:bd:31:52:e3:26:af:98:5d:0a:32:89:39:5b:
14:9e:4a:61:bd:3a:81:84:95:78:f2:46:75:0b:04:
24:9d:1b:63:52:65:aa:4d:a7:0d:20:79:69:61:3a:
f9:ea:90:58:2a:8b:f9:bc:96:22:28:61:1e:77:02:
e1:95:f1:22:1d:53:14:2c:ff:2a:f0:35:b4:43:5d:
47:08:15:c5:e5:5a:a1:ec:0a:90:66:b8:7e:bd:78:
48:2c:ea:96:ed:7e:4d:39:9f:90:87:61:c1:7d:6e:
0d:3b:b9:91:71:11:c3:c7:88:ed:b1:d1:ad:fa:09:
9b:bb:40:76:eb:b7:14:27:98:98:c6:0f:ed:2c:9b:
82:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C7:DD:5B:2A:6A:7A:F4:6E:AC:BA:38:67:F1:E0:77:D3:E2:68:56
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D931D554CCC611EFB567DF40762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.100.0/24
Signature Algorithm: sha256WithRSAEncryption
18:5a:b5:3f:aa:88:89:b4:0a:da:66:74:ed:1d:7b:61:c1:7b:
9b:0f:86:8a:d4:dd:6e:b2:97:29:e7:b9:e2:34:ce:e2:a8:71:
e1:b9:75:28:58:10:e3:78:f1:70:ec:4b:5d:70:3b:55:8f:0f:
a3:0d:b2:97:94:83:bb:96:22:2b:a3:33:68:06:af:e7:c8:de:
01:0e:c4:21:2e:4c:04:00:4b:2c:e2:68:de:ff:3d:9f:9b:0e:
db:9f:6a:06:1a:10:4d:19:59:9f:ca:e0:5e:ca:c4:a6:4a:bc:
c9:e3:19:a7:a0:4d:a5:7b:6e:2c:5d:b3:87:f0:66:31:d1:42:
e9:90:6c:2b:22:74:93:25:da:be:1f:1d:fc:69:e5:e5:3c:d8:
35:b0:c5:ef:51:12:b7:3a:b7:9e:48:da:3c:08:3a:a3:61:76:
3a:20:47:8d:e3:c1:34:be:f2:a8:10:42:64:e5:fb:6f:f6:3c:
8d:91:0b:29:1c:49:11:23:86:79:25:c1:fd:2f:af:59:15:6b:
32:b3:7a:a3:4a:db:4d:09:ff:ec:5f:8e:fd:8c:bd:fb:86:fd:
0d:7e:10:b3:8a:44:9d:94:96:e4:3f:91:82:7a:b5:f3:ce:39:
46:30:03:c3:2c:ce:3b:ea:bb:f4:3b:20:46:9f:c3:90:8d:04:
82:8d:fd:19
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPpcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDcxMzA2WhcNMjUwMjEzMDcxMzA2WjAYMRYw
FAYDVQQDEw02NzdjZDQwNS1jYjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyZL668Vz0X60HVoFFy6PTXRNDqD/yM6Jiyao4p/bf7TzAD6/gxCB/1/k
1GT9UGOR89GvL7ugZYlawPH9X8gJeyMn5cHmTLV8WCDSQSuzCXe8pLAgjKtpCruA
a8Xw7SJPrd1MkEQqujFUGC1jXG9+OK12cz+c2AULyr0xUuMmr5hdCjKJOVsUnkph
vTqBhJV48kZ1CwQknRtjUmWqTacNIHlpYTr56pBYKov5vJYiKGEedwLhlfEiHVMU
LP8q8DW0Q11HCBXF5Vqh7AqQZrh+vXhILOqW7X5NOZ+Qh2HBfW4NO7mRcRHDx4jt
sdGt+gmbu0B267cUJ5iYxg/tLJuCtQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGzH
3Vsqanr0bqy6OGfx4HfT4mhWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOTMxRDU1NENDQzYxMUVGQjU2N0RGNDA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPBkMA0GCSqGSIb3DQEBCwUA
A4IBAQAYWrU/qoiJtAraZnTtHXthwXubD4aK1N1uspcp57niNM7iqHHhuXUoWBDj
ePFw7EtdcDtVjw+jDbKXlIO7liIrozNoBq/nyN4BDsQhLkwEAEss4mje/z2fmw7b
n2oGGhBNGVmfyuBeysSmSrzJ4xmnoE2le24sXbOH8GYx0ULpkGwrInSTJdq+Hx38
aeXlPNg1sMXvURK3OreeSNo8CDqjYXY6IEeN48E0vvKoEEJk5ftv9jyNkQspHEkR
I4Z5JcH9L69ZFWsys3qjSttNCf/sX479jL37hv0NfhCzikSdlJbkP5GCerXzzjlG
MAPDLM476rv0OyBGn8OQjQSCjf0Z
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:26 2025 by rpki-client