Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E59574DCCCCF11EF9590107A762E951A.roa
File: E59574DCCCCF11EF9590107A762E951A.roa (raw, json)
Hash identifier: A8g8lvm3ddgJ3NqI+7AFWeQRT3ojvHdRITLea9e9HT4=
Subject key identifier: 4E:21:BF:CC:24:F7:35:3D:73:14:BA:0C:61:02:0B:64:97:12:27:F0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FAB7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E59574DCCCCF11EF9590107A762E951A.roa
Signing time: Tue 07 Jan 2025 08:17:55 +0000
ROA not before: Tue 07 Jan 2025 08:17:52 +0000
ROA not after: Fri 18 Apr 2025 08:17:52 +0000
asID: 132839
IP address blocks: 156.242.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64183 (0xfab7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:17:52 2025 GMT
Not After : Apr 18 08:17:52 2025 GMT
Subject: CN=677ce333-d979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6f:36:65:15:f4:8c:05:75:78:26:a5:e4:b5:
ad:6d:6b:11:59:40:6a:80:81:bd:db:07:8b:f9:66:
36:ce:37:a2:da:18:6b:ae:00:ab:71:95:23:5f:ab:
8c:a2:6f:79:c0:c1:c0:22:eb:da:f6:04:48:56:f6:
62:ea:e3:8a:32:27:5b:8e:b8:39:c5:92:39:59:87:
64:09:6b:c7:52:b4:c6:b7:7d:82:97:c6:01:95:42:
ac:30:15:4d:83:43:eb:8b:b6:46:62:ac:82:db:ba:
e3:cb:ba:20:89:76:0f:b9:36:67:3c:d2:bd:02:45:
91:5d:c7:29:17:fe:f5:f9:40:c2:73:be:53:40:b1:
f5:b5:84:95:a3:e6:e5:4a:28:79:e7:31:02:39:0d:
dc:4b:2c:74:ef:0d:10:2e:21:d9:9b:e1:7f:90:3d:
47:0b:94:bb:3c:28:7a:df:1d:70:e4:eb:f3:96:e3:
4a:a7:b8:3d:eb:17:e8:d4:d4:c3:f1:7a:87:dc:c3:
0d:1a:1a:6c:e3:db:53:d4:ff:91:7a:9b:4a:17:8a:
f2:30:72:76:58:fa:d1:e4:f5:6d:6f:9c:94:6d:5c:
e9:32:ea:da:12:50:5f:64:37:36:82:4a:b5:77:2d:
9e:e5:41:b6:6e:48:79:9a:5c:16:a9:89:89:04:eb:
eb:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:21:BF:CC:24:F7:35:3D:73:14:BA:0C:61:02:0B:64:97:12:27:F0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E59574DCCCCF11EF9590107A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.192.0/19
Signature Algorithm: sha256WithRSAEncryption
12:b0:21:a7:3b:7e:69:e1:ba:05:28:e9:54:6d:d7:ae:aa:50:
46:45:16:f2:70:54:cd:04:fe:3f:3f:53:74:18:8e:42:31:71:
27:f4:a8:4f:0b:cc:0c:7f:05:82:bf:ed:e4:bd:fc:0d:8a:e9:
fe:06:bc:4d:e0:70:35:21:c4:e8:46:75:55:91:d0:b1:15:2d:
4e:0f:40:18:1d:88:ad:36:14:9e:25:ec:41:33:1e:f8:46:ed:
9f:3f:a2:f2:f9:dd:3b:82:5e:e9:f6:21:e5:10:b3:1c:df:28:
bb:43:23:10:1e:a4:e3:93:b3:25:7e:b5:08:d4:80:27:c3:4f:
c8:c7:30:5a:18:3a:97:a1:47:a8:49:88:83:0a:1b:63:a3:33:
c7:db:29:f8:cb:c9:34:65:59:e7:4b:62:ac:63:8e:44:59:2f:
2d:e7:7d:30:a8:55:66:4f:31:70:ea:95:bb:ab:dd:e5:c3:5b:
ef:97:df:42:58:32:2c:bf:3e:2e:30:e9:9a:1c:19:61:00:0c:
a8:e8:1b:7e:0c:52:a9:e1:33:9b:05:e9:7b:41:46:59:02:11:
8e:32:0d:86:d8:15:f8:d3:f3:da:54:bb:b0:d5:57:d8:b5:b1:
9a:9c:c5:16:f8:05:f8:22:e2:fb:39:57:2a:6b:85:78:c6:a4:
5c:18:c8:8f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPq3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDgxNzUyWhcNMjUwNDE4MDgxNzUyWjAYMRYw
FAYDVQQDEw02NzdjZTMzMy1kOTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqW82ZRX0jAV1eCal5LWtbWsRWUBqgIG92weL+WY2zjei2hhrrgCrcZUj
X6uMom95wMHAIuva9gRIVvZi6uOKMidbjrg5xZI5WYdkCWvHUrTGt32Cl8YBlUKs
MBVNg0Pri7ZGYqyC27rjy7ogiXYPuTZnPNK9AkWRXccpF/71+UDCc75TQLH1tYSV
o+blSih55zECOQ3cSyx07w0QLiHZm+F/kD1HC5S7PCh63x1w5OvzluNKp7g96xfo
1NTD8XqH3MMNGhps49tT1P+ReptKF4ryMHJ2WPrR5PVtb5yUbVzpMuraElBfZDc2
gkq1dy2e5UG2bkh5mlwWqYmJBOvr9QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE4h
v8wk9zU9cxS6DGECC2SXEifwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNTk1NzREQ0NDQ0YxMUVGOTU5MDEwN0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnPLAMA0GCSqGSIb3DQEBCwUA
A4IBAQASsCGnO35p4boFKOlUbdeuqlBGRRbycFTNBP4/P1N0GI5CMXEn9KhPC8wM
fwWCv+3kvfwNiun+BrxN4HA1IcToRnVVkdCxFS1OD0AYHYitNhSeJexBMx74Ru2f
P6Ly+d07gl7p9iHlELMc3yi7QyMQHqTjk7MlfrUI1IAnw0/IxzBaGDqXoUeoSYiD
ChtjozPH2yn4y8k0ZVnnS2KsY45EWS8t530wqFVmTzFw6pW7q93lw1vvl99CWDIs
vz4uMOmaHBlhAAyo6Bt+DFKp4TObBel7QUZZAhGOMg2G2BX40/PaVLuw1VfYtbGa
nMUW+AX4IuL7OVcqa4V4xqRcGMiP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:24 2025 by rpki-client