Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/017D3534C28C11EFBFD69CBE762E951A.roa
File: 017D3534C28C11EFBFD69CBE762E951A.roa (raw, json)
Hash identifier: mZpgQwOnfyCc97YjPo7iIVcxS2Qj9jQ/bQui60IoAuo=
Subject key identifier: 11:45:C4:9F:38:61:46:20:EE:68:83:1D:E9:6B:7A:7B:D0:A8:67:B1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E96F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/017D3534C28C11EFBFD69CBE762E951A.roa
Signing time: Wed 25 Dec 2024 06:46:45 +0000
ROA not before: Wed 25 Dec 2024 06:46:41 +0000
ROA not after: Wed 10 Dec 2025 06:46:41 +0000
asID: 984
IP address blocks: 156.228.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59759 (0xe96f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 06:46:41 2024 GMT
Not After : Dec 10 06:46:41 2025 GMT
Subject: CN=676baa55-69c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8a:0a:ae:eb:b7:97:90:32:9b:51:e2:3c:3a:
a1:dc:df:0f:e8:2b:95:f0:2b:e5:f0:d9:bb:cc:91:
d0:eb:fb:bc:be:52:aa:89:be:73:a6:a0:7c:f9:f8:
e4:fe:9c:44:5c:ce:be:5c:36:9c:0c:7c:f8:ee:f7:
ea:89:52:a1:a5:3e:30:51:c1:ed:1d:66:54:4d:25:
cb:53:9f:73:c4:6d:ec:d9:63:b1:12:7d:1f:ad:32:
2c:f9:7e:aa:fd:dc:2d:ec:97:aa:af:62:8f:d0:c9:
11:b7:3c:2e:fa:51:7a:64:64:68:b1:24:92:a3:de:
22:9f:09:6a:0b:c4:07:7c:f0:09:39:61:d6:1e:e0:
19:27:8d:69:ed:e4:88:41:ac:c9:61:d6:e6:75:f2:
22:d4:27:fa:ec:f6:ee:2c:9e:70:19:a3:b4:28:9a:
1c:43:d6:80:b2:d3:ff:55:27:78:a9:cb:20:e9:a3:
73:f6:c2:2d:13:9e:cf:83:2f:2a:1e:89:e3:74:20:
6c:68:c3:52:6a:b3:b8:4b:10:4d:67:ec:c2:a1:34:
7c:c7:10:bf:b3:8d:5a:21:e4:42:02:7d:c0:16:f8:
9e:70:00:af:03:2f:4f:1f:21:ae:98:56:4e:fb:50:
c0:10:15:5b:d9:b7:45:9c:04:46:dc:42:ea:4c:2d:
b1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:45:C4:9F:38:61:46:20:EE:68:83:1D:E9:6B:7A:7B:D0:A8:67:B1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/017D3534C28C11EFBFD69CBE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.207.0/24
Signature Algorithm: sha256WithRSAEncryption
32:ec:df:27:dd:cc:7b:e6:a2:af:c5:19:fc:16:e7:c1:14:be:
78:72:64:58:40:26:2c:1c:94:a0:d7:33:06:80:5d:14:f7:52:
6a:a7:5f:93:d5:b5:93:54:d2:34:3d:c9:71:a4:92:d3:0f:20:
01:cd:c9:93:7f:d7:4f:23:25:4d:67:24:45:ec:e3:58:0e:75:
70:f2:56:4e:de:7c:f7:b6:fb:55:c3:96:c6:0d:dc:f0:b1:b1:
c2:62:2f:80:c8:16:1b:5e:10:27:af:c5:a6:c5:80:50:7f:b1:
92:01:32:76:9c:e1:e3:7f:8d:77:b1:7f:e3:01:85:71:41:6c:
b4:8f:8f:42:52:d1:2c:73:c2:79:a8:c1:4d:c2:b5:4a:52:fd:
da:50:9c:57:83:6c:d6:8d:67:3a:6b:0f:fc:b6:89:a2:23:bf:
99:3b:38:36:80:ec:b1:c3:98:37:9d:bb:de:d9:07:47:16:66:
c0:0a:6d:2c:8e:18:04:51:d0:1d:4d:7f:3f:e2:65:07:76:c6:
83:7a:b3:0c:e1:d6:cb:7e:34:40:d1:32:19:f4:f5:61:71:a4:
6c:5b:28:55:5d:41:85:d9:28:75:ee:30:49:8c:fe:d0:c2:e0:
27:50:f6:99:94:a9:66:ad:4a:6a:09:03:ee:e2:35:c8:12:b5:
ad:0d:d0:e9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOlvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDY0NjQxWhcNMjUxMjEwMDY0NjQxWjAYMRYw
FAYDVQQDEw02NzZiYWE1NS02OWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqIoKruu3l5Aym1HiPDqh3N8P6CuV8Cvl8Nm7zJHQ6/u8vlKqib5zpqB8
+fjk/pxEXM6+XDacDHz47vfqiVKhpT4wUcHtHWZUTSXLU59zxG3s2WOxEn0frTIs
+X6q/dwt7Jeqr2KP0MkRtzwu+lF6ZGRosSSSo94inwlqC8QHfPAJOWHWHuAZJ41p
7eSIQazJYdbmdfIi1Cf67PbuLJ5wGaO0KJocQ9aAstP/VSd4qcsg6aNz9sItE57P
gy8qHonjdCBsaMNSarO4SxBNZ+zCoTR8xxC/s41aIeRCAn3AFviecACvAy9PHyGu
mFZO+1DAEBVb2bdFnARG3ELqTC2xMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBFF
xJ84YUYg7miDHelrenvQqGexMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMTdEMzUzNEMyOEMxMUVGQkZENjlDQkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTPMA0GCSqGSIb3DQEBCwUA
A4IBAQAy7N8n3cx75qKvxRn8FufBFL54cmRYQCYsHJSg1zMGgF0U91Jqp1+T1bWT
VNI0PclxpJLTDyABzcmTf9dPIyVNZyRF7ONYDnVw8lZO3nz3tvtVw5bGDdzwsbHC
Yi+AyBYbXhAnr8WmxYBQf7GSATJ2nOHjf413sX/jAYVxQWy0j49CUtEsc8J5qMFN
wrVKUv3aUJxXg2zWjWc6aw/8tomiI7+ZOzg2gOyxw5g3nbve2QdHFmbACm0sjhgE
UdAdTX8/4mUHdsaDerMM4dbLfjRA0TIZ9PVhcaRsWyhVXUGF2Sh17jBJjP7QwuAn
UPaZlKlmrUpqCQPu4jXIErWtDdDp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:40 2025 by rpki-client