Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE9520FCCC9011EFA61B1457762E951A.roa
File: FE9520FCCC9011EFA61B1457762E951A.roa (raw, json)
Hash identifier: BJJGF9Pq2mt9MUMx1DARY1huFFi01fG9kiOwFcyxjzw=
Subject key identifier: 26:D5:C6:53:D3:13:E3:56:A6:87:30:62:FC:55:66:1D:7B:A1:7D:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F909
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE9520FCCC9011EFA61B1457762E951A.roa
Signing time: Tue 07 Jan 2025 00:47:39 +0000
ROA not before: Tue 07 Jan 2025 00:00:35 +0000
ROA not after: Mon 13 Dec 2027 00:00:35 +0000
asID: 17561
IP address blocks: 156.226.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63753 (0xf909)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 00:00:35 2025 GMT
Not After : Dec 13 00:00:35 2027 GMT
Subject: CN=677c79ab-ca37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:06:8c:7f:7b:8f:ab:f2:5c:fe:6b:77:91:06:
a5:e2:b5:98:7d:4e:64:18:cc:3a:37:73:d3:65:c9:
cd:cd:b2:bc:e1:ea:8b:a0:0f:ad:4f:04:92:1d:13:
81:ea:dc:e3:a0:85:af:a3:85:66:ae:41:f6:36:a9:
e5:13:82:66:f9:de:ec:94:83:1d:fe:8f:36:d6:9a:
06:1e:cd:e5:13:00:85:8a:e7:35:a1:f8:90:95:e3:
42:51:8d:93:bf:43:d2:ab:9a:86:a1:53:f3:10:22:
d1:4c:9a:bf:5a:b8:d3:20:a5:04:70:00:52:d9:da:
e7:00:ab:e2:13:51:39:cc:10:dc:59:ee:43:94:6e:
b2:07:b3:51:b7:56:6f:c2:35:cc:a5:a1:b9:d4:f8:
d3:ec:af:4e:05:95:1c:43:a0:da:88:db:47:3a:ee:
15:9f:4a:29:24:38:49:3a:74:b9:22:cb:86:fc:1f:
c5:d3:58:2a:16:d6:6b:71:c1:f3:18:2b:54:89:7e:
24:87:38:ad:b6:6f:61:b4:e9:f2:d7:26:d2:df:20:
80:09:e1:73:2a:23:11:d1:e1:16:e5:18:92:28:cc:
21:5b:16:30:04:5e:ad:6d:0b:f3:b8:1e:43:ca:d5:
ec:b5:8b:9a:db:c4:1d:95:e3:4c:56:5f:46:03:41:
49:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D5:C6:53:D3:13:E3:56:A6:87:30:62:FC:55:66:1D:7B:A1:7D:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE9520FCCC9011EFA61B1457762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.251.0/24
Signature Algorithm: sha256WithRSAEncryption
30:7b:d5:75:8c:f4:82:3d:e8:90:fd:f2:1c:69:60:4f:34:97:
49:c5:cb:91:ce:6b:73:d5:65:c7:81:2c:9c:a7:f3:e5:e7:9a:
47:50:dd:8b:2a:7f:19:2a:76:c3:b8:60:23:52:f1:9c:0c:e8:
96:88:df:69:9c:63:de:ef:dc:60:98:74:e4:bf:c4:8d:60:42:
9b:13:27:b8:58:66:86:0a:3a:ae:fb:e9:85:b2:9b:74:e5:1f:
6f:05:db:11:29:db:d8:63:57:dc:37:67:cb:a4:89:dd:fb:67:
cf:14:bb:8c:e5:7b:48:d1:2a:29:3c:65:83:1c:b4:23:ad:c8:
26:6e:0a:df:a7:48:dc:3a:5e:8b:a3:f8:c7:8b:74:e5:43:11:
18:1d:5b:32:c6:cd:4b:e0:c5:25:0a:12:39:da:01:8f:f5:58:
f1:7b:52:f0:3e:0a:ec:42:00:4e:96:79:6e:b5:4e:08:b5:32:
1e:bc:4d:01:ae:09:aa:03:54:ce:b4:0c:4e:65:66:e6:75:a2:
d9:be:98:9e:0c:28:0b:53:da:bf:06:97:6d:22:b4:5d:b9:38:
2b:aa:de:59:b2:22:16:10:c3:88:ca:fe:47:f2:da:73:e5:70:
91:77:0d:44:56:30:a4:2b:ea:71:06:86:fc:ac:bb:82:f5:f8:
11:45:05:b7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPkJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDAwMDM1WhcNMjcxMjEzMDAwMDM1WjAYMRYw
FAYDVQQDEw02NzdjNzlhYi1jYTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzgaMf3uPq/Jc/mt3kQal4rWYfU5kGMw6N3PTZcnNzbK84eqLoA+tTwSS
HROB6tzjoIWvo4VmrkH2NqnlE4Jm+d7slIMd/o821poGHs3lEwCFiuc1ofiQleNC
UY2Tv0PSq5qGoVPzECLRTJq/WrjTIKUEcABS2drnAKviE1E5zBDcWe5DlG6yB7NR
t1ZvwjXMpaG51PjT7K9OBZUcQ6DaiNtHOu4Vn0opJDhJOnS5IsuG/B/F01gqFtZr
ccHzGCtUiX4khzittm9htOny1ybS3yCACeFzKiMR0eEW5RiSKMwhWxYwBF6tbQvz
uB5DytXstYua28QdleNMVl9GA0FJEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCbV
xlPTE+NWpocwYvxVZh17oX3lMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRTk1MjBGQ0NDOTAxMUVGQTYxQjE0NTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOL7MA0GCSqGSIb3DQEBCwUA
A4IBAQAwe9V1jPSCPeiQ/fIcaWBPNJdJxcuRzmtz1WXHgSycp/Pl55pHUN2LKn8Z
KnbDuGAjUvGcDOiWiN9pnGPe79xgmHTkv8SNYEKbEye4WGaGCjqu++mFspt05R9v
BdsRKdvYY1fcN2fLpInd+2fPFLuM5XtI0SopPGWDHLQjrcgmbgrfp0jcOl6Lo/jH
i3TlQxEYHVsyxs1L4MUlChI52gGP9Vjxe1LwPgrsQgBOlnlutU4ItTIevE0Brgmq
A1TOtAxOZWbmdaLZvpieDCgLU9q/BpdtIrRduTgrqt5ZsiIWEMOIyv5H8tpz5XCR
dw1EVjCkK+pxBob8rLuC9fgRRQW3
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:16 2025 by rpki-client