Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03146E00C32511EFA6BE9E75762E951A.roa
File: 03146E00C32511EFA6BE9E75762E951A.roa (raw, json)
Hash identifier: P9irjxXrfp8jwM/wBO7W/A1fH/TAc5ckgGoRAqcsrNg=
Subject key identifier: 70:AD:CF:F2:0F:47:7B:6B:CF:D8:95:66:A9:D4:23:41:F1:1B:6A:18
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA73
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03146E00C32511EFA6BE9E75762E951A.roa
Signing time: Thu 26 Dec 2024 01:02:00 +0000
ROA not before: Thu 26 Dec 2024 01:01:57 +0000
ROA not after: Wed 10 Dec 2025 01:01:57 +0000
asID: 984
IP address blocks: 156.228.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60019 (0xea73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:01:57 2024 GMT
Not After : Dec 10 01:01:57 2025 GMT
Subject: CN=676cab08-3d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b8:e7:03:9c:c0:2a:0b:d2:3c:bc:02:a1:e6:
c5:cb:0e:24:6a:51:a8:9a:35:c3:f0:e5:55:92:ad:
b3:8d:f0:cf:52:35:c8:02:0d:b2:ca:fe:d0:04:ea:
e6:b9:5b:7e:67:6a:9b:cb:e7:13:61:56:7f:ed:b1:
20:a0:31:63:8f:3a:6b:5e:e5:80:36:d7:1b:5e:64:
32:57:d7:72:70:ef:d8:ff:05:cc:44:9a:6a:20:30:
f1:43:45:e1:06:e6:50:ec:d7:b8:02:64:3e:75:77:
d9:60:b3:64:eb:e2:a7:90:5d:de:f8:72:c1:ee:11:
ad:13:ae:c9:d3:19:3a:1d:89:d3:4a:59:f9:86:39:
0e:97:12:c2:58:fd:08:ef:d9:bb:78:be:14:28:05:
47:70:db:46:2a:3b:69:9f:1b:9d:3a:b6:13:50:35:
20:4e:b1:34:5d:a4:5c:2a:6b:23:68:98:e7:de:2a:
c9:56:cb:e5:8a:2b:fb:63:9b:d1:ba:c9:ba:21:a9:
00:64:7d:9e:0c:52:cd:1a:fa:e8:5a:71:01:37:9d:
b2:af:7c:03:de:d6:5a:ec:59:85:60:fa:46:3f:15:
a5:8b:6b:27:b2:db:d2:ea:f8:d8:73:62:54:28:56:
fb:42:81:ca:2e:ce:b4:59:fc:01:de:db:5a:43:e6:
2c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:AD:CF:F2:0F:47:7B:6B:CF:D8:95:66:A9:D4:23:41:F1:1B:6A:18
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03146E00C32511EFA6BE9E75762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.253.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:e0:58:70:b1:f9:5b:56:aa:67:d1:11:06:d1:8c:97:31:dd:
21:12:7f:5a:6e:e1:c8:91:9e:d5:e4:7a:f8:ee:a0:e4:cf:e6:
e3:be:32:ed:7a:e6:69:32:34:a4:f1:1b:f3:c4:d6:ab:e3:7e:
a4:b6:39:f7:af:bb:3a:06:85:52:c6:d3:54:12:17:0c:97:ef:
de:2e:32:7b:bd:59:5e:3c:63:68:07:b2:50:b4:30:12:f7:0e:
e9:d0:1c:f3:85:bc:56:59:a4:56:e7:4c:c8:2a:1a:1d:1c:be:
c9:fd:3c:61:6a:08:84:63:6f:3d:35:6d:7f:50:9a:3e:d7:09:
3e:40:50:7f:3c:82:6f:3d:80:b9:47:7f:11:f1:66:dd:10:45:
0e:d8:02:43:b0:55:b6:28:fa:ce:fd:d2:17:b9:fc:c1:d3:a5:
c4:b3:51:06:52:ed:7a:d3:c2:73:b1:b8:f5:cb:a8:0a:28:00:
bb:04:f4:34:3d:6a:b8:b0:98:f8:86:4b:a8:2e:7a:b2:b4:5b:
34:71:c9:31:ee:62:2f:10:6a:97:e9:83:02:2f:c4:e0:a5:4d:
36:f7:30:12:ab:16:51:7a:51:b9:87:0e:57:b1:ce:84:95:1d:
9c:ce:19:6d:6e:c2:6a:a3:c1:0f:44:78:6b:d4:e4:5a:d6:e0:
4a:85:50:ee
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOpzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDEwMTU3WhcNMjUxMjEwMDEwMTU3WjAYMRYw
FAYDVQQDEw02NzZjYWIwOC0zZDBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1bjnA5zAKgvSPLwCoebFyw4kalGomjXD8OVVkq2zjfDPUjXIAg2yyv7Q
BOrmuVt+Z2qby+cTYVZ/7bEgoDFjjzprXuWANtcbXmQyV9dycO/Y/wXMRJpqIDDx
Q0XhBuZQ7Ne4AmQ+dXfZYLNk6+KnkF3e+HLB7hGtE67J0xk6HYnTSln5hjkOlxLC
WP0I79m7eL4UKAVHcNtGKjtpnxudOrYTUDUgTrE0XaRcKmsjaJjn3irJVsvliiv7
Y5vRusm6IakAZH2eDFLNGvroWnEBN52yr3wD3tZa7FmFYPpGPxWli2snstvS6vjY
c2JUKFb7QoHKLs60WfwB3ttaQ+YsGQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHCt
z/IPR3trz9iVZqnUI0HxG2oYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMzE0NkUwMEMzMjUxMUVGQTZCRTlFNzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOT9MA0GCSqGSIb3DQEBCwUA
A4IBAQA+4FhwsflbVqpn0REG0YyXMd0hEn9abuHIkZ7V5Hr47qDkz+bjvjLteuZp
MjSk8RvzxNar436ktjn3r7s6BoVSxtNUEhcMl+/eLjJ7vVlePGNoB7JQtDAS9w7p
0BzzhbxWWaRW50zIKhodHL7J/TxhagiEY289NW1/UJo+1wk+QFB/PIJvPYC5R38R
8WbdEEUO2AJDsFW2KPrO/dIXufzB06XEs1EGUu1608Jzsbj1y6gKKAC7BPQ0PWq4
sJj4hkuoLnqytFs0cckx7mIvEGqX6YMCL8TgpU029zASqxZRelG5hw5Xsc6ElR2c
zhltbsJqo8EPRHhr1ORa1uBKhVDu
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:10 2025 by rpki-client