Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F139E986CD0F11EF83E2818D762E951A.roa
File: F139E986CD0F11EF83E2818D762E951A.roa (raw, json)
Hash identifier: wchWl/8UcmBMpbgQr4hoshGfTgCMtGjzmgumubxF92A=
Subject key identifier: 61:D0:1F:AF:1E:33:00:8B:BB:3C:43:EA:76:3A:78:99:36:62:55:19
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCE9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F139E986CD0F11EF83E2818D762E951A.roa
Signing time: Tue 07 Jan 2025 15:56:23 +0000
ROA not before: Tue 07 Jan 2025 15:56:19 +0000
ROA not after: Mon 13 Dec 2027 15:56:19 +0000
asID: 17561
IP address blocks: 156.239.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64745 (0xfce9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 15:56:19 2025 GMT
Not After : Dec 13 15:56:19 2027 GMT
Subject: CN=677d4ea7-673b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4a:be:a7:1e:a0:7a:f4:51:9a:c9:c3:43:56:
ad:8c:e5:2f:03:cb:ac:38:89:20:46:47:0b:a4:d8:
8d:01:48:64:b4:f6:38:d8:d2:cf:a5:2b:99:86:65:
6e:e5:c1:68:5c:08:1d:cb:53:25:08:67:2c:16:5a:
db:ce:14:8b:d5:e0:66:7f:50:f2:1f:f0:6b:ca:3d:
ea:a4:a3:24:b1:9b:df:da:9e:0d:55:a2:76:e7:b9:
d9:a4:66:f6:b0:49:9e:a2:c8:56:8a:09:53:65:c8:
7d:9c:2b:88:34:9a:d5:e9:39:35:a6:60:17:4e:dd:
1a:52:26:f5:0f:a4:16:eb:73:0b:eb:a3:6f:4f:f1:
a3:f3:62:fa:3e:71:5f:73:53:0b:9f:c7:56:fd:e9:
cc:f0:ce:a5:4c:84:5f:f8:1b:1c:39:64:50:92:87:
d3:8e:de:bc:11:3e:84:e4:f9:6b:6b:54:18:9b:7c:
60:e5:37:29:4e:9b:0c:6c:97:48:ce:0e:a9:ca:e5:
dc:7e:4f:36:1b:86:3d:71:4b:1e:f6:cd:e7:c7:81:
2f:6f:d3:59:a1:06:0a:26:c2:ad:87:97:eb:ff:81:
36:fe:15:4a:61:55:80:6c:2a:a1:58:33:10:e5:96:
c3:eb:16:7a:e0:b5:59:a3:3a:e5:8b:8c:e2:7e:0d:
e8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D0:1F:AF:1E:33:00:8B:BB:3C:43:EA:76:3A:78:99:36:62:55:19
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F139E986CD0F11EF83E2818D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.151.0/24
Signature Algorithm: sha256WithRSAEncryption
47:15:56:09:5f:07:56:02:41:95:d7:74:72:1d:fa:d2:13:69:
90:21:9b:14:f9:8c:5c:a5:6e:85:18:96:d2:5b:f9:bf:98:ea:
aa:9f:2e:3e:c3:f1:94:ee:61:f1:d2:d6:0c:03:a5:27:8b:ec:
b5:06:3c:7c:ec:f4:a4:45:5c:ab:ef:53:60:3f:c1:79:b1:76:
15:6d:3c:26:58:6e:be:1d:55:6b:27:90:00:50:55:ab:8e:a6:
bb:38:2c:ad:ab:0d:b1:33:19:78:df:6d:e0:6a:b6:4a:72:d8:
0f:6c:79:52:61:c5:48:d9:1d:4e:86:29:2a:b6:81:97:e8:6f:
72:84:bf:7b:20:b8:0e:b8:3a:59:44:71:7a:8f:aa:d9:d7:2a:
d6:c7:63:9a:5a:56:87:ac:b4:0c:6c:b3:a4:72:06:bb:92:1b:
22:0c:5d:09:f8:e6:ee:22:ce:81:6f:63:83:ea:d3:d0:a2:37:
8b:f1:08:f7:0b:42:7d:5a:ef:02:1d:d6:d8:61:29:a9:35:85:
93:d7:a7:da:86:2c:6a:ea:30:c9:c6:62:f2:2c:24:4b:8c:43:
e0:c5:1f:91:f2:87:bb:b9:8f:6b:6f:e6:1e:af:84:6e:8d:1e:
ca:82:a8:41:bf:f6:b5:66:35:25:d5:dc:9c:10:f8:db:f7:4b:
ce:50:77:04
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPzpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTU1NjE5WhcNMjcxMjEzMTU1NjE5WjAYMRYw
FAYDVQQDEw02NzdkNGVhNy02NzNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzkq+px6gevRRmsnDQ1atjOUvA8usOIkgRkcLpNiNAUhktPY42NLPpSuZ
hmVu5cFoXAgdy1MlCGcsFlrbzhSL1eBmf1DyH/Bryj3qpKMksZvf2p4NVaJ257nZ
pGb2sEmeoshWiglTZch9nCuINJrV6Tk1pmAXTt0aUib1D6QW63ML66NvT/Gj82L6
PnFfc1MLn8dW/enM8M6lTIRf+BscOWRQkofTjt68ET6E5Plra1QYm3xg5TcpTpsM
bJdIzg6pyuXcfk82G4Y9cUse9s3nx4Evb9NZoQYKJsKth5fr/4E2/hVKYVWAbCqh
WDMQ5ZbD6xZ64LVZozrli4zifg3oNQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGHQ
H68eMwCLuzxD6nY6eJk2YlUZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMTM5RTk4NkNEMEYxMUVGODNFMjgxOEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO+XMA0GCSqGSIb3DQEBCwUA
A4IBAQBHFVYJXwdWAkGV13RyHfrSE2mQIZsU+YxcpW6FGJbSW/m/mOqqny4+w/GU
7mHx0tYMA6Uni+y1Bjx87PSkRVyr71NgP8F5sXYVbTwmWG6+HVVrJ5AAUFWrjqa7
OCytqw2xMxl4323garZKctgPbHlSYcVI2R1OhikqtoGX6G9yhL97ILgOuDpZRHF6
j6rZ1yrWx2OaWlaHrLQMbLOkcga7khsiDF0J+ObuIs6Bb2OD6tPQojeL8Qj3C0J9
Wu8CHdbYYSmpNYWT16fahixq6jDJxmLyLCRLjEPgxR+R8oe7uY9rb+Yer4RujR7K
gqhBv/a1ZjUl1dycEPjb90vOUHcE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:43 2025 by rpki-client