Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9626958CDC511EF918BD99D762E951A.roa
File: D9626958CDC511EF918BD99D762E951A.roa (raw, json)
Hash identifier: 20ZGftTqnwqXqvNonxDcMpMj4tZXV1MVUe4bQOzfFOw=
Subject key identifier: 6F:BC:B1:F0:F7:41:CF:AD:06:34:64:4C:6A:71:65:55:1D:50:52:41
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010199
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9626958CDC511EF918BD99D762E951A.roa
Signing time: Wed 08 Jan 2025 13:38:31 +0000
ROA not before: Wed 08 Jan 2025 13:38:27 +0000
ROA not after: Thu 16 Dec 2027 13:38:27 +0000
asID: 17561
IP address blocks: 156.249.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65945 (0x10199)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 13:38:27 2025 GMT
Not After : Dec 16 13:38:27 2027 GMT
Subject: CN=677e7fd7-107c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:87:f9:2b:96:37:08:db:8b:c4:fe:ca:d4:e4:
70:0c:01:57:79:a4:12:f4:fc:42:ff:69:1a:19:07:
47:eb:d5:df:ef:a6:a5:b6:ec:95:1f:2f:0e:cd:95:
d1:3e:ca:a6:29:bc:fb:1c:b7:a9:3f:26:6c:43:86:
c0:62:6f:45:e1:57:e6:f8:32:6f:cb:52:3d:d6:5a:
17:a4:96:bc:84:3c:fa:a5:00:62:56:6c:3e:65:ff:
b2:dc:5e:0d:ec:fc:35:19:47:8b:4d:f9:5f:67:af:
db:e6:fd:fb:ec:43:65:ea:f5:ff:ea:36:52:15:1d:
e9:58:e6:ce:60:0a:9c:e6:a5:83:1c:4b:06:38:5f:
5d:ac:a4:2d:9a:98:94:e9:78:dc:ae:7a:9b:24:35:
7d:b6:e3:0f:52:6e:74:c4:34:09:69:92:00:00:1f:
ac:27:c2:37:45:21:fe:e0:80:3e:ef:47:81:1b:0d:
cf:93:84:13:c4:c9:bb:7a:f6:16:d9:38:2d:bd:6a:
13:11:de:f0:a0:ac:99:88:be:da:38:89:58:2c:25:
b1:c5:26:c8:63:96:09:ee:5e:3c:f5:4e:0e:29:ff:
eb:89:4d:fb:8b:d1:f5:7d:be:c7:6b:7a:e7:d2:c4:
87:d9:50:36:4a:cc:cb:c4:29:64:56:04:95:e3:0a:
a9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BC:B1:F0:F7:41:CF:AD:06:34:64:4C:6A:71:65:55:1D:50:52:41
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9626958CDC511EF918BD99D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.0.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:61:a8:e9:5b:41:29:f7:07:ff:a3:21:b1:5d:a5:f5:f4:18:
17:82:65:18:0f:f3:cd:53:e5:be:46:ef:53:60:3a:9d:b2:07:
9d:78:da:1d:a2:5a:89:54:bd:64:ec:ac:c8:3f:fb:fd:1d:a0:
fd:f9:2e:8d:53:4c:1e:dc:de:7f:c0:78:6f:32:85:63:51:ea:
1a:8d:21:ba:65:4a:76:8f:41:45:f9:df:90:6f:bd:c3:7c:c6:
00:3f:ef:58:15:5a:d5:51:40:bb:3a:6e:af:94:39:73:92:f6:
8c:e7:58:a5:b5:4d:85:e1:df:10:9f:35:6e:58:cd:8e:56:d7:
40:26:2c:1f:f5:df:37:d5:36:db:15:c6:09:f3:72:e5:20:f9:
be:f7:c2:7f:82:d1:26:69:0f:c7:4f:46:26:37:43:c6:00:c7:
c6:29:03:f5:a4:ba:98:cd:95:00:42:97:4e:25:58:ac:57:99:
f3:2f:49:d1:ac:81:1a:a5:8d:06:a4:37:a6:21:69:4f:d8:06:
c4:99:7f:b4:7c:fa:d5:5f:a3:38:97:28:1c:ec:8b:ba:57:61:
36:95:ff:3b:85:b6:d3:c1:64:45:a1:96:c9:6a:9a:ee:7c:8e:
da:e3:d7:59:a4:e3:93:89:5d:e5:dd:32:41:06:1d:70:00:eb:
bb:4c:f6:19
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQGZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTMzODI3WhcNMjcxMjE2MTMzODI3WjAYMRYw
FAYDVQQDEw02NzdlN2ZkNy0xMDdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApof5K5Y3CNuLxP7K1ORwDAFXeaQS9PxC/2kaGQdH69Xf76altuyVHy8O
zZXRPsqmKbz7HLepPyZsQ4bAYm9F4Vfm+DJvy1I91loXpJa8hDz6pQBiVmw+Zf+y
3F4N7Pw1GUeLTflfZ6/b5v377ENl6vX/6jZSFR3pWObOYAqc5qWDHEsGOF9drKQt
mpiU6XjcrnqbJDV9tuMPUm50xDQJaZIAAB+sJ8I3RSH+4IA+70eBGw3Pk4QTxMm7
evYW2TgtvWoTEd7woKyZiL7aOIlYLCWxxSbIY5YJ7l489U4OKf/riU37i9H1fb7H
a3rn0sSH2VA2SszLxClkVgSV4wqpFQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG+8
sfD3Qc+tBjRkTGpxZVUdUFJBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOTYyNjk1OENEQzUxMUVGOTE4QkQ5OUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPkAMA0GCSqGSIb3DQEBCwUA
A4IBAQAKYajpW0Ep9wf/oyGxXaX19BgXgmUYD/PNU+W+Ru9TYDqdsgedeNodolqJ
VL1k7KzIP/v9HaD9+S6NU0we3N5/wHhvMoVjUeoajSG6ZUp2j0FF+d+Qb73DfMYA
P+9YFVrVUUC7Om6vlDlzkvaM51iltU2F4d8QnzVuWM2OVtdAJiwf9d831TbbFcYJ
83LlIPm+98J/gtEmaQ/HT0YmN0PGAMfGKQP1pLqYzZUAQpdOJVisV5nzL0nRrIEa
pY0GpDemIWlP2AbEmX+0fPrVX6M4lygc7Iu6V2E2lf87hbbTwWRFoZbJaprufI7a
49dZpOOTiV3l3TJBBh1wAOu7TPYZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:20 2025 by rpki-client