Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E941BAD4BB7A11EF800D4CA7762E951A.roa
File: E941BAD4BB7A11EF800D4CA7762E951A.roa (raw, json)
Hash identifier: mGgXg3quAotVGmNB11y4h6KvcqxeGGYaLkrRpIyCWJQ=
Subject key identifier: 9A:1A:C1:55:6D:3E:84:95:A7:D6:F1:F1:80:FD:8E:AD:19:69:D9:35
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E41C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E941BAD4BB7A11EF800D4CA7762E951A.roa
Signing time: Mon 16 Dec 2024 06:56:45 +0000
ROA not before: Mon 16 Dec 2024 06:56:41 +0000
ROA not after: Tue 04 Mar 2025 06:56:41 +0000
asID: 138152
IP address blocks: 156.232.10.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58396 (0xe41c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 16 06:56:41 2024 GMT
Not After : Mar 4 06:56:41 2025 GMT
Subject: CN=675fcf2c-7067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:56:5d:06:f2:30:c4:78:d3:fe:02:74:eb:50:
ff:21:5a:d3:5f:85:f5:b4:e6:22:cb:47:31:99:e4:
0d:5b:ef:9e:62:f6:fd:9e:bc:bc:5f:31:c3:d9:ec:
54:8b:45:1a:85:68:7d:4d:70:7d:51:fd:f3:a8:cd:
f9:81:01:19:61:15:2d:92:99:eb:fb:9d:3d:18:41:
48:1a:b0:b0:82:43:79:e0:ef:18:7a:06:90:1e:b6:
fc:28:86:b4:80:50:2f:3a:3d:4a:e9:1a:5a:fa:18:
2d:86:c9:2f:cd:70:cb:f3:b6:a5:35:6c:44:07:af:
07:3e:d6:6f:ad:77:94:06:c0:f3:96:50:0a:66:2c:
e2:28:60:3e:28:0b:a4:f7:25:91:ce:ec:56:fa:80:
a5:3b:a2:95:87:0e:90:ed:35:49:38:23:85:66:fe:
1a:79:01:5e:bc:57:00:4c:9c:bf:cd:fc:fb:f2:bd:
0c:95:cf:13:14:20:b6:78:1c:63:32:ce:b1:47:72:
bc:80:ee:e5:ed:e4:52:ad:47:79:62:56:53:6c:45:
f8:e9:78:11:0f:d5:2a:b2:9a:05:3b:6f:5e:bd:09:
e1:49:de:32:18:9d:90:c5:a7:2e:bd:2f:23:3f:75:
ba:b8:d2:8d:9d:7c:c3:58:ff:57:0d:73:a2:80:d1:
73:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1A:C1:55:6D:3E:84:95:A7:D6:F1:F1:80:FD:8E:AD:19:69:D9:35
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E941BAD4BB7A11EF800D4CA7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.10.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:58:6e:40:4a:c0:05:27:f6:59:a6:b1:eb:75:5b:b2:4e:13:
1d:75:5a:42:fa:46:ed:af:37:2c:c2:69:53:d8:cf:ea:cc:4e:
46:19:2a:39:60:7d:c7:b0:51:cf:81:75:d6:01:03:20:87:08:
dd:73:ee:2a:c7:a7:ad:16:3b:63:fc:d7:4f:67:db:14:81:3b:
42:b9:c9:04:23:99:fc:7e:21:e5:01:43:a8:61:5e:c1:fa:2f:
da:58:62:a8:91:68:e7:e6:de:47:b8:a0:66:23:37:41:9a:98:
34:6e:5d:4f:f2:62:73:f8:44:96:f8:35:d7:fa:ce:09:13:3f:
e4:47:cb:6e:fd:46:c5:dc:bc:49:55:93:e4:82:8c:e8:cd:99:
74:7e:d6:80:f6:62:e5:c9:01:b5:a2:64:32:44:17:86:f1:9a:
2f:0e:f3:56:10:a4:c0:10:f3:53:4f:85:f9:f5:32:7e:f6:4b:
29:14:2e:62:f8:45:b1:a2:a2:d1:f1:01:06:4c:ba:a1:05:20:
c8:c8:44:77:da:99:e4:a9:39:bf:a4:b4:e8:75:f5:ed:30:4c:
86:0a:5e:34:38:2f:6f:fa:2c:5a:af:c0:1b:1e:c0:4b:28:cd:
ff:25:7f:cd:e1:36:56:7a:3e:ca:1e:96:5c:b0:67:5d:18:78:
12:70:40:2b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOQcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE2MDY1NjQxWhcNMjUwMzA0MDY1NjQxWjAYMRYw
FAYDVQQDEw02NzVmY2YyYy03MDY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxlZdBvIwxHjT/gJ061D/IVrTX4X1tOYiy0cxmeQNW++eYvb9nry8XzHD
2exUi0UahWh9TXB9Uf3zqM35gQEZYRUtkpnr+509GEFIGrCwgkN54O8YegaQHrb8
KIa0gFAvOj1K6Rpa+hgthskvzXDL87alNWxEB68HPtZvrXeUBsDzllAKZiziKGA+
KAuk9yWRzuxW+oClO6KVhw6Q7TVJOCOFZv4aeQFevFcATJy/zfz78r0Mlc8TFCC2
eBxjMs6xR3K8gO7l7eRSrUd5YlZTbEX46XgRD9UqspoFO29evQnhSd4yGJ2Qxacu
vS8jP3W6uNKNnXzDWP9XDXOigNFztwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJoa
wVVtPoSVp9bx8YD9jq0Zadk1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FOTQxQkFENEJCN0ExMUVGODAwRDRDQTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOgKMA0GCSqGSIb3DQEBCwUA
A4IBAQAqWG5ASsAFJ/ZZprHrdVuyThMddVpC+kbtrzcswmlT2M/qzE5GGSo5YH3H
sFHPgXXWAQMghwjdc+4qx6etFjtj/NdPZ9sUgTtCuckEI5n8fiHlAUOoYV7B+i/a
WGKokWjn5t5HuKBmIzdBmpg0bl1P8mJz+ESW+DXX+s4JEz/kR8tu/UbF3LxJVZPk
gozozZl0ftaA9mLlyQG1omQyRBeG8ZovDvNWEKTAEPNTT4X59TJ+9kspFC5i+EWx
oqLR8QEGTLqhBSDIyER32pnkqTm/pLTodfXtMEyGCl40OC9v+ixar8AbHsBLKM3/
JX/N4TZWej7KHpZcsGddGHgScEAr
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:46 2025 by rpki-client