Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F06D480ACF0211EF92F5A58A762E951A.roa
File: F06D480ACF0211EF92F5A58A762E951A.roa (raw, json)
Hash identifier: pny0kZNGaQsKbn0PN8IXaDzmTnNRUf1JG8VRb+rAYHA=
Subject key identifier: CA:F1:C3:89:31:BF:3E:2C:9B:77:17:0E:93:50:8C:3F:E1:D2:B8:FA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0104E1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F06D480ACF0211EF92F5A58A762E951A.roa
Signing time: Fri 10 Jan 2025 03:28:20 +0000
ROA not before: Fri 10 Jan 2025 03:28:17 +0000
ROA not after: Mon 10 Mar 2025 03:28:17 +0000
asID: 21859
IP address blocks: 156.238.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66785 (0x104e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 03:28:17 2025 GMT
Not After : Mar 10 03:28:17 2025 GMT
Subject: CN=678093d4-df9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:02:e9:93:d5:70:fa:d6:fd:4d:d9:b2:56:e4:
af:03:bc:a1:e4:e8:2a:d7:26:9a:36:6d:9c:80:9d:
e7:f0:56:24:78:6f:91:f3:f8:45:0a:8c:a2:a8:02:
dd:ee:34:89:37:24:5c:5d:81:43:5a:e8:47:a8:65:
62:31:af:0c:f7:20:5c:24:e4:b9:f4:0f:d4:ba:c7:
d8:e2:14:a1:f7:e7:aa:71:16:16:ae:43:49:0a:64:
39:40:58:06:6d:21:15:cf:96:f0:5e:5a:6e:b0:20:
24:cb:ed:58:76:e0:4e:18:bd:93:1b:7a:ec:24:74:
db:0a:9e:5f:41:d6:f8:64:35:57:dd:66:ee:a9:c8:
39:79:fd:3f:b0:57:19:dd:44:f6:4f:e1:0c:b9:92:
b8:11:30:9e:6e:93:d3:ab:15:be:8b:53:8b:d9:c7:
d9:d0:05:16:33:41:c6:4d:53:06:75:66:2b:33:3e:
a3:2d:0a:07:aa:90:1c:ff:a8:73:bd:7f:0a:e9:f2:
e5:4d:c5:3f:70:a3:16:e7:ac:21:90:b9:38:eb:09:
98:da:4b:64:37:e1:52:8e:ec:00:28:1f:1b:18:20:
56:2e:36:1e:e7:bf:c4:fd:76:43:93:6f:22:ef:08:
1b:ec:1a:92:b8:77:a8:40:2b:6b:41:9c:79:67:09:
cb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F1:C3:89:31:BF:3E:2C:9B:77:17:0E:93:50:8C:3F:E1:D2:B8:FA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F06D480ACF0211EF92F5A58A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.113.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:ba:5a:c4:51:b2:52:6c:ec:64:e0:bc:00:79:30:10:a7:cf:
ac:0b:29:ea:18:5a:29:8b:5e:9b:ad:23:98:b4:1f:4a:8e:78:
cc:fa:1c:fc:ed:8d:e9:d6:9d:f7:97:af:ba:ac:0e:0e:d8:26:
32:de:f2:e0:b8:db:e1:ad:12:96:61:ed:c2:cb:d1:08:fa:91:
53:c6:1a:2d:b9:4f:34:1c:07:f2:71:9b:95:0b:24:31:21:67:
a1:e8:68:88:2d:ae:25:90:04:33:55:6b:5d:d4:f6:80:26:e9:
59:b4:17:8c:51:be:27:12:8d:aa:1e:0d:d8:3a:7f:7a:e8:88:
b2:24:34:9e:b4:15:2d:70:4d:4d:d1:a4:cd:2c:1e:af:13:9e:
bd:8e:71:56:50:88:d9:43:0a:64:b4:85:7d:18:35:01:b5:ca:
66:ad:01:2c:db:11:e1:b6:4b:1d:ee:49:66:e4:ed:c8:db:b2:
e7:01:c2:31:96:d9:fa:38:58:28:b2:00:b8:bc:90:14:92:f0:
10:13:97:45:4e:a3:d6:79:94:a1:4c:c5:a3:c5:bc:81:e1:3b:
3b:ba:79:8c:a3:61:d5:2b:1d:38:c6:48:06:47:bd:7a:74:78:
6c:82:75:37:39:52:b3:c7:74:b5:2e:04:39:3e:7e:93:ab:5e:
dc:6a:78:fc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQThMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDMyODE3WhcNMjUwMzEwMDMyODE3WjAYMRYw
FAYDVQQDEw02NzgwOTNkNC1kZjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqQLpk9Vw+tb9TdmyVuSvA7yh5Ogq1yaaNm2cgJ3n8FYkeG+R8/hFCoyi
qALd7jSJNyRcXYFDWuhHqGViMa8M9yBcJOS59A/UusfY4hSh9+eqcRYWrkNJCmQ5
QFgGbSEVz5bwXlpusCAky+1YduBOGL2TG3rsJHTbCp5fQdb4ZDVX3Wbuqcg5ef0/
sFcZ3UT2T+EMuZK4ETCebpPTqxW+i1OL2cfZ0AUWM0HGTVMGdWYrMz6jLQoHqpAc
/6hzvX8K6fLlTcU/cKMW56whkLk46wmY2ktkN+FSjuwAKB8bGCBWLjYe57/E/XZD
k28i7wgb7BqSuHeoQCtrQZx5ZwnLMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMrx
w4kxvz4sm3cXDpNQjD/h0rj6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMDZENDgwQUNGMDIxMUVGOTJGNUE1OEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5xMA0GCSqGSIb3DQEBCwUA
A4IBAQBMulrEUbJSbOxk4LwAeTAQp8+sCynqGFopi16brSOYtB9KjnjM+hz87Y3p
1p33l6+6rA4O2CYy3vLguNvhrRKWYe3Cy9EI+pFTxhotuU80HAfycZuVCyQxIWeh
6GiILa4lkAQzVWtd1PaAJulZtBeMUb4nEo2qHg3YOn966IiyJDSetBUtcE1N0aTN
LB6vE569jnFWUIjZQwpktIV9GDUBtcpmrQEs2xHhtksd7klm5O3I27LnAcIxltn6
OFgosgC4vJAUkvAQE5dFTqPWeZShTMWjxbyB4Ts7unmMo2HVKx04xkgGR716dHhs
gnU3OVKzx3S1LgQ5Pn6Tq17canj8
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:51 2025 by rpki-client