Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F614B14CCCD911EF8C84D1B9762E951A.roa
File: F614B14CCCD911EF8C84D1B9762E951A.roa (raw, json)
Hash identifier: CdT6/eMbnAuv2dKLI515nSDfVlNf5BLxgY9tBBT1VOg=
Subject key identifier: 76:96:CB:CC:61:8E:3B:26:F8:AE:67:CC:29:3F:43:9D:4D:C1:4A:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB44
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F614B14CCCD911EF8C84D1B9762E951A.roa
Signing time: Tue 07 Jan 2025 09:29:58 +0000
ROA not before: Tue 07 Jan 2025 09:29:54 +0000
ROA not after: Mon 13 Dec 2027 09:29:54 +0000
asID: 17561
IP address blocks: 156.233.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64324 (0xfb44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:29:54 2025 GMT
Not After : Dec 13 09:29:54 2027 GMT
Subject: CN=677cf416-561c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e7:69:c9:05:b7:9b:18:4c:f5:16:91:22:45:
99:b1:5a:16:6d:e5:99:52:23:89:50:ca:c3:8f:3c:
a3:e4:2a:85:db:84:a2:ca:d1:f7:71:a3:44:28:3d:
84:e9:e0:8e:41:8b:45:fc:ff:66:02:9a:9d:1a:b7:
a2:f9:28:33:19:74:20:71:67:41:ef:0d:b8:45:c2:
c3:7c:50:73:34:e1:e6:e1:67:e6:2d:bd:7a:92:e6:
67:bd:09:04:61:c9:f9:f6:a5:58:e9:19:1c:2a:5e:
c0:38:43:93:ca:2e:d7:47:85:f1:22:49:dd:32:2c:
a2:2f:a8:2a:df:0f:db:5f:c7:ee:89:e2:5b:ac:c0:
4d:05:7e:95:57:1b:87:f5:18:97:41:fb:08:47:20:
56:6d:3a:0f:98:de:d5:1b:84:55:5f:0e:03:fa:aa:
81:a6:26:92:31:78:05:92:2b:a2:7b:ba:54:76:aa:
5a:57:3a:00:92:8e:9a:ed:68:04:fa:89:cb:5c:ee:
d2:14:d3:71:c4:a2:17:65:a2:53:ae:a5:23:84:e8:
42:03:c4:76:81:66:c3:b1:a6:a7:4d:b7:84:c2:26:
3c:a5:6c:7c:c8:d5:08:00:ed:3b:9b:fc:9c:b3:62:
a1:23:69:a4:ba:4b:96:c1:a6:9f:9c:34:7a:21:4a:
e2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:96:CB:CC:61:8E:3B:26:F8:AE:67:CC:29:3F:43:9D:4D:C1:4A:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F614B14CCCD911EF8C84D1B9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.194.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:53:2f:d1:49:36:14:f4:21:af:59:9e:db:ca:90:3e:67:62:
84:9e:34:63:75:47:78:88:a4:ac:8f:74:30:5d:e8:45:73:a3:
9d:e3:91:d5:67:2d:59:c2:f9:ba:d2:09:ba:e6:87:b9:eb:12:
7d:b6:05:51:af:bb:cb:f7:97:d2:70:e1:6e:b5:a6:a5:cf:f8:
64:68:81:69:a3:ab:6f:cc:d2:ed:23:c1:dd:f6:82:05:38:c4:
2d:83:0d:70:7b:b8:53:0b:b8:97:65:78:59:5e:68:c3:66:f0:
20:9d:9e:da:0e:ad:54:ec:36:49:3d:f8:28:96:91:08:75:69:
f9:7f:f3:e4:e5:96:b6:01:24:ae:9b:ea:42:e5:3c:36:47:c6:
a6:f3:16:8c:aa:d6:c6:d0:f9:79:eb:dc:bd:5e:66:80:d7:d0:
3e:bf:68:04:f1:23:32:84:04:2d:73:45:df:3b:78:a6:24:15:
21:0c:09:64:a8:00:b2:39:9a:4d:07:01:6d:47:60:16:91:d2:
c8:f6:af:c5:1e:2b:99:e7:8e:1e:67:00:72:ac:3f:e7:ab:f8:
58:95:46:c3:ac:b6:87:0d:42:35:89:05:ff:a9:f0:2a:7f:cb:
3b:8c:ff:63:67:d9:ee:ec:dc:14:bb:7c:52:e9:a0:c1:9b:82:
31:73:f7:19
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPtEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDkyOTU0WhcNMjcxMjEzMDkyOTU0WjAYMRYw
FAYDVQQDEw02NzdjZjQxNi01NjFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2udpyQW3mxhM9RaRIkWZsVoWbeWZUiOJUMrDjzyj5CqF24SiytH3caNE
KD2E6eCOQYtF/P9mApqdGrei+SgzGXQgcWdB7w24RcLDfFBzNOHm4WfmLb16kuZn
vQkEYcn59qVY6RkcKl7AOEOTyi7XR4XxIkndMiyiL6gq3w/bX8fuieJbrMBNBX6V
VxuH9RiXQfsIRyBWbToPmN7VG4RVXw4D+qqBpiaSMXgFkiuie7pUdqpaVzoAko6a
7WgE+onLXO7SFNNxxKIXZaJTrqUjhOhCA8R2gWbDsaanTbeEwiY8pWx8yNUIAO07
m/ycs2KhI2mkukuWwaafnDR6IUriCQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHaW
y8xhjjsm+K5nzCk/Q51NwUrlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNjE0QjE0Q0NDRDkxMUVGOEM4NEQxQjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnCMA0GCSqGSIb3DQEBCwUA
A4IBAQB/Uy/RSTYU9CGvWZ7bypA+Z2KEnjRjdUd4iKSsj3QwXehFc6Od45HVZy1Z
wvm60gm65oe56xJ9tgVRr7vL95fScOFutaalz/hkaIFpo6tvzNLtI8Hd9oIFOMQt
gw1we7hTC7iXZXhZXmjDZvAgnZ7aDq1U7DZJPfgolpEIdWn5f/Pk5Za2ASSum+pC
5Tw2R8am8xaMqtbG0Pl569y9XmaA19A+v2gE8SMyhAQtc0XfO3imJBUhDAlkqACy
OZpNBwFtR2AWkdLI9q/FHiuZ544eZwByrD/nq/hYlUbDrLaHDUI1iQX/qfAqf8s7
jP9jZ9nu7NwUu3xS6aDBm4Ixc/cZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:33 2025 by rpki-client