Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E96413FAC33A11EFA1917A92762E951A.roa
File: E96413FAC33A11EFA1917A92762E951A.roa (raw, json)
Hash identifier: 6l2ucTRKivur+rkd7JP1ropsUGD9mPwFpLv0kGjlYSk=
Subject key identifier: 49:E0:3D:C0:60:7A:4E:F1:10:30:88:86:08:B2:DE:1B:58:2C:31:52
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB83
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E96413FAC33A11EFA1917A92762E951A.roa
Signing time: Thu 26 Dec 2024 03:38:46 +0000
ROA not before: Thu 26 Dec 2024 03:38:43 +0000
ROA not after: Wed 10 Dec 2025 03:38:43 +0000
asID: 984
IP address blocks: 156.244.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60291 (0xeb83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 03:38:43 2024 GMT
Not After : Dec 10 03:38:43 2025 GMT
Subject: CN=676ccfc6-08fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:61:44:4d:b8:ca:9a:b3:0c:e9:36:3d:fc:29:
9a:9e:a6:92:53:5c:2d:df:6e:43:82:72:5d:2a:fd:
35:b1:81:c6:d1:8e:4a:8a:93:95:64:2a:53:3a:54:
b5:64:d4:fb:6a:b9:f7:fa:d7:d9:6e:ec:3b:21:f1:
1c:49:64:e7:9c:fc:01:7a:0f:01:e9:72:64:ba:e5:
29:13:89:5f:10:2b:a7:37:51:88:ed:b0:d8:5a:8d:
26:e4:3f:e0:84:75:40:68:6b:63:4a:6e:3f:7d:14:
56:da:6f:41:7d:c4:a3:48:e4:85:eb:b9:08:5f:95:
6f:c6:a6:37:24:c9:34:41:c0:9a:2d:5f:86:57:95:
12:f2:87:95:04:87:da:cc:d4:1a:59:16:84:62:19:
86:ba:0b:15:f4:16:40:37:80:9c:47:51:c4:4f:94:
82:b4:16:0c:87:8f:bc:e6:9d:e4:af:32:c7:77:2d:
d6:17:82:68:9b:13:97:f6:b8:70:26:72:bf:c0:91:
aa:c0:5a:3c:85:2f:35:18:a5:60:89:c5:79:4c:1f:
63:59:37:38:44:56:d5:b4:af:91:dc:51:d9:32:fe:
8b:1c:26:8d:a0:40:50:5a:e0:63:72:51:eb:d8:f3:
87:ce:18:89:5c:9b:52:42:e4:f5:e2:01:7d:f6:dc:
f3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E0:3D:C0:60:7A:4E:F1:10:30:88:86:08:B2:DE:1B:58:2C:31:52
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E96413FAC33A11EFA1917A92762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.189.0/24
Signature Algorithm: sha256WithRSAEncryption
75:72:3c:65:04:81:97:91:36:6e:94:7b:ad:1e:17:b8:68:a3:
34:68:ef:bf:58:f3:00:75:eb:c9:a4:a8:ed:d3:a4:7c:fe:53:
cf:52:41:7e:b2:92:7b:63:d2:a1:69:13:8a:3f:7c:e2:f4:66:
df:77:02:bd:2b:e3:d1:3b:de:b4:44:c3:fc:28:2c:8b:72:5c:
2b:ab:e7:cf:c8:ef:ac:cc:e0:94:43:6c:4b:b0:93:17:6c:84:
26:cc:de:eb:0a:e0:45:2b:0f:4a:e4:4a:1a:73:aa:b5:d0:be:
04:9f:81:88:74:37:b7:de:f2:fe:b2:8c:7e:38:77:a8:70:d2:
a0:ce:04:bb:be:91:2a:ea:a6:78:ef:4d:8a:7a:52:68:13:de:
7f:85:e7:bd:77:ef:32:e2:57:e6:b4:16:7a:be:cf:45:88:be:
ad:92:dd:f0:b1:4e:67:44:26:ee:3a:1b:07:15:43:16:c5:4a:
98:ec:93:dc:df:ef:c5:22:9a:98:2b:10:a4:6a:60:7e:95:72:
72:16:d7:b3:84:86:97:ea:e2:06:0a:48:ea:56:f4:e9:61:81:
29:2b:14:3d:0f:ad:80:0c:2f:cd:eb:29:ae:87:b2:cb:f2:69:
2b:66:59:a2:a8:bb:5e:e0:38:e3:18:7a:ea:12:92:9f:cc:b6:
d0:85:9e:f4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOuDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDMzODQzWhcNMjUxMjEwMDMzODQzWjAYMRYw
FAYDVQQDEw02NzZjY2ZjNi0wOGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6GFETbjKmrMM6TY9/CmanqaSU1wt325DgnJdKv01sYHG0Y5KipOVZCpT
OlS1ZNT7arn3+tfZbuw7IfEcSWTnnPwBeg8B6XJkuuUpE4lfECunN1GI7bDYWo0m
5D/ghHVAaGtjSm4/fRRW2m9BfcSjSOSF67kIX5VvxqY3JMk0QcCaLV+GV5US8oeV
BIfazNQaWRaEYhmGugsV9BZAN4CcR1HET5SCtBYMh4+85p3krzLHdy3WF4JomxOX
9rhwJnK/wJGqwFo8hS81GKVgicV5TB9jWTc4RFbVtK+R3FHZMv6LHCaNoEBQWuBj
clHr2POHzhiJXJtSQuT14gF99tzzWQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEng
PcBgek7xEDCIhgiy3htYLDFSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FOTY0MTNGQUMzM0ExMUVGQTE5MTdBOTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPS9MA0GCSqGSIb3DQEBCwUA
A4IBAQB1cjxlBIGXkTZulHutHhe4aKM0aO+/WPMAdevJpKjt06R8/lPPUkF+spJ7
Y9KhaROKP3zi9GbfdwK9K+PRO960RMP8KCyLclwrq+fPyO+szOCUQ2xLsJMXbIQm
zN7rCuBFKw9K5Eoac6q10L4En4GIdDe33vL+sox+OHeocNKgzgS7vpEq6qZ4702K
elJoE95/hee9d+8y4lfmtBZ6vs9FiL6tkt3wsU5nRCbuOhsHFUMWxUqY7JPc3+/F
IpqYKxCkamB+lXJyFtezhIaX6uIGCkjqVvTpYYEpKxQ9D62ADC/N6ymuh7LL8mkr
ZlmiqLte4DjjGHrqEpKfzLbQhZ70
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:10 2025 by rpki-client