Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B72CD94C98811EFAA766DAD762E951A.roa
File: 0B72CD94C98811EFAA766DAD762E951A.roa (raw, json)
Hash identifier: z38nkMVgM3dZDRCn3w8GBUl0EQTxpzFvSWY2Icsozh8=
Subject key identifier: 4B:08:12:6A:57:3B:E6:92:39:90:A5:DA:06:EB:D6:2A:09:02:37:F3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F591
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B72CD94C98811EFAA766DAD762E951A.roa
Signing time: Fri 03 Jan 2025 04:06:02 +0000
ROA not before: Fri 03 Jan 2025 04:05:58 +0000
ROA not after: Mon 13 Dec 2027 04:05:58 +0000
asID: 17561
IP address blocks: 156.233.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62865 (0xf591)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 04:05:58 2025 GMT
Not After : Dec 13 04:05:58 2027 GMT
Subject: CN=6777622a-e796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7b:44:b7:bf:67:80:76:31:68:09:c9:44:34:
60:ca:3e:ce:e9:19:0c:46:d2:66:ff:5a:8b:b9:0e:
34:ba:77:c2:f6:cc:b3:3b:52:9a:7d:11:64:10:84:
a2:42:ba:ed:bd:fe:de:f1:39:2e:5f:fd:8b:29:88:
a6:75:6d:56:4e:fb:81:1e:00:da:84:01:25:97:59:
ee:f5:01:7e:79:c3:6a:bb:ba:26:e9:b6:c3:4c:12:
36:dc:de:d5:d0:0e:43:fa:ea:fa:f8:41:93:ae:33:
bd:a2:fe:08:ce:63:e1:de:c7:75:3b:02:4d:6b:6b:
08:bc:b6:98:89:45:27:55:83:1e:a5:4c:e5:2a:66:
88:77:6d:0a:1f:86:dc:68:ff:ef:1f:a5:d2:01:29:
92:4c:6b:14:df:a1:c4:36:da:f0:20:48:6b:89:d9:
05:11:8e:8c:b4:31:ee:57:bd:ee:e3:59:d1:05:61:
6b:c9:80:c1:63:d3:93:e0:e8:7c:0f:fb:1d:e5:72:
3c:89:0d:87:5b:0a:26:1d:d0:3f:91:e2:04:9f:6c:
4c:07:d7:82:92:87:b5:7a:6c:eb:ad:2b:43:28:09:
28:7b:cc:48:c9:53:f1:0f:9c:d7:5f:ef:b7:ac:59:
36:1f:38:e3:84:ff:c8:e3:7c:14:8b:46:87:17:56:
46:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:08:12:6A:57:3B:E6:92:39:90:A5:DA:06:EB:D6:2A:09:02:37:F3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B72CD94C98811EFAA766DAD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.14.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:fd:80:f0:87:5a:fb:65:cd:35:0f:27:85:c3:99:96:9b:d1:
30:a6:18:a3:6c:30:01:9a:4f:85:1c:13:db:5b:25:aa:2b:22:
25:43:e7:ed:d8:38:91:ae:2b:42:e1:d3:ed:07:1a:3c:d5:6d:
34:3d:09:b7:2c:67:82:f2:1e:c0:c1:4a:f9:0b:b8:f5:e9:5b:
68:7c:7d:db:a6:c2:f8:40:8f:28:46:3c:44:a4:51:a6:2f:c8:
8b:1d:46:09:46:6e:2f:dd:70:17:9c:69:3c:35:82:5f:6e:f6:
73:43:e1:be:cc:be:06:4b:50:12:67:d1:4e:7c:e5:32:9a:e0:
17:e2:68:1a:a4:3e:d6:bb:e3:7d:59:d1:ad:e8:b2:34:ff:34:
de:90:1f:71:ff:d8:df:a4:e3:1a:24:c9:4b:c1:10:60:51:90:
d0:79:36:ea:c2:fd:79:40:a3:b5:5c:48:3b:f2:36:38:d1:51:
a7:15:67:c7:fb:24:91:43:d3:6f:16:fb:b2:d4:36:20:af:b9:
0f:91:0f:a2:fd:6d:57:ef:0e:74:96:f5:cc:04:56:60:14:1b:
4e:33:dd:5e:dc:ec:9a:16:94:db:56:90:45:6c:5e:0c:ab:06:
1c:de:f9:25:d9:50:df:42:f6:37:af:83:10:e0:8b:80:b4:aa:
e3:7b:c8:32
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPWRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDQwNTU4WhcNMjcxMjEzMDQwNTU4WjAYMRYw
FAYDVQQDEw02Nzc3NjIyYS1lNzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmXtEt79ngHYxaAnJRDRgyj7O6RkMRtJm/1qLuQ40unfC9syzO1KafRFk
EISiQrrtvf7e8TkuX/2LKYimdW1WTvuBHgDahAEll1nu9QF+ecNqu7om6bbDTBI2
3N7V0A5D+ur6+EGTrjO9ov4IzmPh3sd1OwJNa2sIvLaYiUUnVYMepUzlKmaId20K
H4bcaP/vH6XSASmSTGsU36HENtrwIEhridkFEY6MtDHuV73u41nRBWFryYDBY9OT
4Oh8D/sd5XI8iQ2HWwomHdA/keIEn2xMB9eCkoe1emzrrStDKAkoe8xIyVPxD5zX
X++3rFk2HzjjhP/I43wUi0aHF1ZGbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEsI
EmpXO+aSOZCl2gbr1ioJAjfzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQjcyQ0Q5NEM5ODgxMUVGQUE3NjZEQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkOMA0GCSqGSIb3DQEBCwUA
A4IBAQB9/YDwh1r7Zc01DyeFw5mWm9EwphijbDABmk+FHBPbWyWqKyIlQ+ft2DiR
ritC4dPtBxo81W00PQm3LGeC8h7AwUr5C7j16VtofH3bpsL4QI8oRjxEpFGmL8iL
HUYJRm4v3XAXnGk8NYJfbvZzQ+G+zL4GS1ASZ9FOfOUymuAX4mgapD7Wu+N9WdGt
6LI0/zTekB9x/9jfpOMaJMlLwRBgUZDQeTbqwv15QKO1XEg78jY40VGnFWfH+ySR
Q9NvFvuy1DYgr7kPkQ+i/W1X7w50lvXMBFZgFBtOM91e3OyaFpTbVpBFbF4MqwYc
3vkl2VDfQvY3r4MQ4IuAtKrje8gy
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:14 2025 by rpki-client