Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F26CD0C4CC1111EFBC9ECDBE762E951A.roa
File: F26CD0C4CC1111EFBC9ECDBE762E951A.roa (raw, json)
Hash identifier: czu/qzPIff6Bb8zVOX5bocViV78g4hJbGXa4n+1PR40=
Subject key identifier: 09:58:89:FC:5A:9A:A1:53:7B:5E:9C:62:DB:00:2A:A6:5E:24:A3:17
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F86B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F26CD0C4CC1111EFBC9ECDBE762E951A.roa
Signing time: Mon 06 Jan 2025 09:38:12 +0000
ROA not before: Mon 06 Jan 2025 09:38:09 +0000
ROA not after: Thu 06 Feb 2025 09:38:09 +0000
asID: 200373
IP address blocks: 156.233.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 09:38:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63595 (0xf86b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 09:38:09 2025 GMT
Not After : Feb 6 09:38:09 2025 GMT
Subject: CN=677ba484-2be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:90:0e:8d:b6:30:0b:94:e8:67:81:37:f5:13:
22:0b:9c:21:83:1a:3e:db:8a:e3:52:35:2e:98:61:
c7:14:f7:af:58:fe:28:d4:5a:e2:3e:c8:5c:88:06:
7e:c5:f2:0c:84:99:e9:5d:20:bf:0a:1d:29:f6:35:
ce:ea:5c:a8:e0:34:b9:dc:3a:8a:ee:4c:29:1e:07:
18:c9:0e:a3:71:d7:51:6a:7a:05:59:da:01:9f:c7:
78:c9:38:37:3e:29:df:b1:9b:3f:43:eb:26:83:ab:
46:d5:fa:20:7f:c0:03:1c:4e:f4:bd:f6:dd:af:e9:
0a:a8:21:d8:07:ff:bd:9e:e3:09:26:cd:df:2d:e4:
48:ef:f2:09:23:4d:2b:a5:a9:1d:b0:51:db:f1:07:
a4:ed:c8:03:a7:8a:a3:0d:25:17:52:73:e0:b1:c4:
b9:84:52:e9:24:de:25:8b:e1:a4:21:c7:9b:2f:72:
5c:a3:af:22:5f:fe:36:70:c1:0e:08:4c:96:3a:00:
77:b5:42:92:cb:57:97:12:a4:e1:2e:cf:7a:af:96:
be:ec:b4:bf:d6:d4:fc:00:c8:68:b3:a1:92:56:de:
e7:8e:8d:db:b8:2d:68:8b:53:07:c4:01:3a:e4:44:
cd:c0:af:71:98:21:82:75:c7:9c:ef:ff:54:2c:72:
75:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:58:89:FC:5A:9A:A1:53:7B:5E:9C:62:DB:00:2A:A6:5E:24:A3:17
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F26CD0C4CC1111EFBC9ECDBE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.88.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:14:89:d6:83:16:05:b0:84:cb:d9:eb:44:80:c3:0d:57:ac:
18:09:5e:ae:a8:4f:5a:fd:41:67:83:b5:e8:7b:e2:53:b4:76:
53:14:a5:4b:aa:a5:24:8d:b5:db:8e:9c:57:df:81:f3:5b:3b:
42:6d:ef:ee:d6:07:e1:f3:c1:31:0a:e5:8f:4c:1a:3a:cc:07:
5e:15:16:0d:88:c4:bd:29:30:aa:34:e1:33:7a:9a:3c:f8:da:
d6:1c:9d:f7:c7:05:7f:50:db:74:04:f0:d4:58:49:f3:2c:c5:
d5:49:5f:30:8c:48:db:dd:71:1a:3a:0d:5b:1f:25:58:4a:63:
6e:36:36:a4:3b:1d:c5:d8:23:51:ff:7e:3e:a7:7b:21:40:af:
f5:86:50:30:bc:13:5f:95:ed:ea:51:11:61:3f:65:4d:e5:b7:
0c:4e:e8:d5:0d:23:51:5d:fc:ff:22:41:f4:df:24:e9:ad:78:
bc:f4:16:73:36:36:8a:90:0e:99:e2:dd:5e:22:c0:a8:ac:33:
d7:82:03:34:3a:2f:a5:2f:47:90:fe:2b:75:7a:d4:94:7f:2e:
a7:69:60:58:e0:16:ba:15:3c:30:1d:85:5c:fb:34:65:e4:73:
3b:3d:3d:ed:82:19:29:97:10:24:51:97:e6:52:c5:07:11:fe:
8b:bc:e5:be
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPhrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDkzODA5WhcNMjUwMjA2MDkzODA5WjAYMRYw
FAYDVQQDEw02NzdiYTQ4NC0yYmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0JAOjbYwC5ToZ4E39RMiC5whgxo+24rjUjUumGHHFPevWP4o1FriPshc
iAZ+xfIMhJnpXSC/Ch0p9jXO6lyo4DS53DqK7kwpHgcYyQ6jcddRanoFWdoBn8d4
yTg3PinfsZs/Q+smg6tG1fogf8ADHE70vfbdr+kKqCHYB/+9nuMJJs3fLeRI7/IJ
I00rpakdsFHb8Qek7cgDp4qjDSUXUnPgscS5hFLpJN4li+GkIcebL3Jco68iX/42
cMEOCEyWOgB3tUKSy1eXEqThLs96r5a+7LS/1tT8AMhos6GSVt7njo3buC1oi1MH
xAE65ETNwK9xmCGCdcec7/9ULHJ15wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAlY
ifxamqFTe16cYtsAKqZeJKMXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMjZDRDBDNENDMTExMUVGQkM5RUNEQkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOlYMA0GCSqGSIb3DQEBCwUA
A4IBAQALFInWgxYFsITL2etEgMMNV6wYCV6uqE9a/UFng7Xoe+JTtHZTFKVLqqUk
jbXbjpxX34HzWztCbe/u1gfh88ExCuWPTBo6zAdeFRYNiMS9KTCqNOEzepo8+NrW
HJ33xwV/UNt0BPDUWEnzLMXVSV8wjEjb3XEaOg1bHyVYSmNuNjakOx3F2CNR/34+
p3shQK/1hlAwvBNfle3qURFhP2VN5bcMTujVDSNRXfz/IkH03yTprXi89BZzNjaK
kA6Z4t1eIsCorDPXggM0Oi+lL0eQ/it1etSUfy6naWBY4Ba6FTwwHYVc+zRl5HM7
PT3tghkplxAkUZfmUsUHEf6LvOW+
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:46 2025 by rpki-client