Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DA0D3D38C99711EF9354F68F762E951A.roa
File: DA0D3D38C99711EF9354F68F762E951A.roa (raw, json)
Hash identifier: wJL2AnxuU6+RcYkGAQbtdCkueU0ggj65+Wrd91HgO7U=
Subject key identifier: F1:0B:9B:14:AD:45:03:F1:E4:6E:22:29:2F:73:97:2C:36:8F:D4:30
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F623
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DA0D3D38C99711EF9354F68F762E951A.roa
Signing time: Fri 03 Jan 2025 05:59:11 +0000
ROA not before: Fri 03 Jan 2025 05:59:07 +0000
ROA not after: Mon 13 Dec 2027 05:59:07 +0000
asID: 17561
IP address blocks: 156.233.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63011 (0xf623)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:59:07 2025 GMT
Not After : Dec 13 05:59:07 2027 GMT
Subject: CN=67777caf-a89e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:24:8b:d9:68:19:8c:52:d4:48:09:1c:8b:17:
7e:d5:9b:4c:81:c4:ec:76:1c:82:4f:f6:b3:4d:98:
38:d4:7a:a6:4c:46:e2:8c:7a:82:46:12:d2:05:f5:
7b:18:08:27:ed:89:f6:7c:33:1f:e6:99:ab:6b:5b:
6b:9f:57:b6:32:54:e2:ed:e2:21:e0:d0:9d:90:5f:
d1:b9:dc:9d:46:ec:91:7b:0e:5c:13:a9:da:fb:ba:
50:f7:85:48:63:cc:19:e2:69:a8:f4:08:e0:03:19:
86:21:05:1f:e9:47:d3:f4:a2:e9:18:a6:82:53:16:
d2:84:4c:ff:68:ca:92:0a:db:d9:5b:02:43:ce:0c:
c5:9e:3c:b6:c2:79:bd:f1:9e:73:b1:b2:17:4e:af:
f3:8b:f0:ed:de:1d:db:90:47:41:42:bd:e8:35:28:
a9:ad:47:96:35:bb:f2:f0:50:db:02:36:57:f9:52:
6e:07:9c:b1:df:f4:96:4d:98:2f:10:8f:4a:4c:a5:
d3:52:13:d1:01:fb:8a:1a:e4:4d:21:5f:8e:ce:8f:
e3:6a:8a:88:11:ab:3f:6c:d4:27:c4:db:5f:b9:bb:
9f:c7:df:14:d5:89:2b:ff:9f:1f:93:f4:8a:54:35:
54:1e:34:0a:f1:29:f1:86:a9:5c:53:3e:f6:70:76:
fc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:0B:9B:14:AD:45:03:F1:E4:6E:22:29:2F:73:97:2C:36:8F:D4:30
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DA0D3D38C99711EF9354F68F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.150.0/24
Signature Algorithm: sha256WithRSAEncryption
18:4e:99:19:69:04:99:1e:2b:1f:41:f9:52:e1:e7:04:5f:0c:
1b:c6:f0:35:c9:d7:40:2a:0f:09:0a:ee:40:07:3e:15:c9:80:
97:e0:1f:10:8a:6e:0d:c4:bc:54:84:03:28:f7:d4:2e:bd:44:
99:50:97:0d:f0:c1:d5:54:22:6a:96:1b:52:3e:11:b6:21:1c:
f4:71:cd:db:75:66:3a:69:d6:5c:d1:10:5a:c2:9c:48:6c:1a:
78:0b:8d:44:0b:76:30:e4:7d:a6:06:27:b2:9d:ab:c3:49:d1:
f6:8f:02:0b:b1:b0:4c:fa:f7:72:0a:0d:a8:c3:8b:1d:e8:77:
3f:5b:26:df:1c:69:a6:07:9f:ac:ba:04:84:6f:83:fa:94:ae:
68:09:25:98:f7:a4:03:34:45:b5:b2:3c:c8:c5:21:9b:33:42:
43:c6:16:33:94:b1:fd:27:a0:c6:83:e7:27:50:a1:2c:13:10:
c6:02:ae:3d:c7:96:45:a7:2b:67:f3:23:ad:52:b2:a0:95:9a:
a5:99:44:a8:84:05:8c:81:6f:d5:0d:4f:ec:21:cf:04:41:b7:
e4:9a:a3:9c:b2:a7:00:27:9e:cd:a5:1b:d6:2c:ad:dd:b5:54:
bf:4d:4d:93:1a:cc:c6:11:c6:1b:aa:ca:7d:ca:22:9f:e2:d1:
21:62:e6:c9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPYjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDU1OTA3WhcNMjcxMjEzMDU1OTA3WjAYMRYw
FAYDVQQDEw02Nzc3N2NhZi1hODllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvSSL2WgZjFLUSAkcixd+1ZtMgcTsdhyCT/azTZg41HqmTEbijHqCRhLS
BfV7GAgn7Yn2fDMf5pmra1trn1e2MlTi7eIh4NCdkF/RudydRuyRew5cE6na+7pQ
94VIY8wZ4mmo9AjgAxmGIQUf6UfT9KLpGKaCUxbShEz/aMqSCtvZWwJDzgzFnjy2
wnm98Z5zsbIXTq/zi/Dt3h3bkEdBQr3oNSiprUeWNbvy8FDbAjZX+VJuB5yx3/SW
TZgvEI9KTKXTUhPRAfuKGuRNIV+Ozo/jaoqIEas/bNQnxNtfubufx98U1Ykr/58f
k/SKVDVUHjQK8SnxhqlcUz72cHb8awIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPEL
mxStRQPx5G4iKS9zlyw2j9QwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQTBEM0QzOEM5OTcxMUVGOTM1NEY2OEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmWMA0GCSqGSIb3DQEBCwUA
A4IBAQAYTpkZaQSZHisfQflS4ecEXwwbxvA1yddAKg8JCu5ABz4VyYCX4B8Qim4N
xLxUhAMo99QuvUSZUJcN8MHVVCJqlhtSPhG2IRz0cc3bdWY6adZc0RBawpxIbBp4
C41EC3Yw5H2mBieynavDSdH2jwILsbBM+vdyCg2ow4sd6Hc/WybfHGmmB5+sugSE
b4P6lK5oCSWY96QDNEW1sjzIxSGbM0JDxhYzlLH9J6DGg+cnUKEsExDGAq49x5ZF
pytn8yOtUrKglZqlmUSohAWMgW/VDU/sIc8EQbfkmqOcsqcAJ57NpRvWLK3dtVS/
TU2TGszGEcYbqsp9yiKf4tEhYubJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:13 2025 by rpki-client