Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C4DE5FEC28111EF9125EC7A762E951A.roa
File: 0C4DE5FEC28111EF9125EC7A762E951A.roa (raw, json)
Hash identifier: IVTjgZ8nLovLDxpmkm5VWvHOMqX65/X9MQ7etWXMhbY=
Subject key identifier: B6:9A:C4:04:5F:E5:A7:5D:91:93:AA:CE:D5:66:44:78:B8:B3:B2:34
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8E9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C4DE5FEC28111EF9125EC7A762E951A.roa
Signing time: Wed 25 Dec 2024 05:28:18 +0000
ROA not before: Wed 25 Dec 2024 05:28:15 +0000
ROA not after: Wed 10 Dec 2025 05:28:15 +0000
asID: 984
IP address blocks: 156.228.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59625 (0xe8e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:28:15 2024 GMT
Not After : Dec 10 05:28:15 2025 GMT
Subject: CN=676b97f2-cfe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4b:40:77:74:32:16:c2:36:e2:a8:da:7a:f1:
2f:8f:39:25:6d:d4:cf:6f:5a:ed:ae:15:1f:a9:e6:
e6:35:06:9a:6c:5b:5f:29:40:77:38:d7:6a:53:85:
ff:81:93:8d:c2:50:07:e2:68:51:f4:41:13:fb:74:
57:f5:50:f5:36:f4:ba:cc:83:7d:bf:a9:40:ec:b7:
ee:f8:27:1d:d0:5c:3b:4b:d1:4b:60:7c:05:eb:ed:
c2:0d:b0:8e:78:50:6a:2f:47:df:50:fe:ba:0a:ff:
77:a2:b5:b9:56:08:83:32:ab:b1:ca:6c:f1:6b:8c:
c4:85:25:67:9e:40:2d:d3:17:85:b3:a5:b9:98:bd:
87:03:01:9f:b2:d1:5e:9e:bf:e5:f1:59:83:37:6e:
f3:cd:3f:4d:8d:42:4e:39:1f:29:9c:4f:93:46:3b:
d9:72:85:27:ae:37:dd:33:34:e1:28:da:e5:49:a5:
3a:fd:0a:5d:98:29:25:da:fb:90:8a:81:9a:38:98:
80:99:f5:9e:4d:c6:bb:de:9b:a5:b8:af:f6:45:29:
11:6f:5a:8d:2e:ce:ec:11:4b:9f:96:73:05:29:ee:
72:11:75:e0:1b:55:e0:d0:ab:24:86:97:82:22:d6:
b7:0d:6c:04:f7:e4:c0:83:2c:4b:55:1f:37:45:f2:
fe:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:9A:C4:04:5F:E5:A7:5D:91:93:AA:CE:D5:66:44:78:B8:B3:B2:34
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C4DE5FEC28111EF9125EC7A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.18.0/24
Signature Algorithm: sha256WithRSAEncryption
41:72:60:c9:0f:2e:b6:1b:6e:67:f2:f9:c8:4e:7e:05:c8:3e:
61:89:8a:f0:74:e1:74:cf:63:2c:2e:4e:db:1c:4b:d0:a8:77:
47:1b:41:48:93:94:a8:56:7e:30:07:92:c1:79:fa:d1:d7:66:
f7:b9:14:19:c6:78:9d:4b:c7:40:7e:18:be:52:63:e9:3b:97:
ac:5e:2f:3d:48:22:0b:af:4e:14:64:9f:34:a3:48:11:14:23:
ac:fc:86:cd:ce:be:1c:80:29:67:3e:38:43:41:f1:9e:57:6a:
6d:a9:00:98:e9:87:08:2e:c6:24:b4:b7:8f:e0:ef:b1:54:c6:
2d:66:46:b5:60:a4:e1:1b:c9:4e:9d:b3:ae:29:56:b5:39:0f:
28:01:23:a0:18:df:e4:97:88:90:17:71:db:1f:12:b7:b9:5f:
6f:b2:1f:90:7a:81:29:5a:0a:1e:b5:bb:48:a6:a4:5b:14:06:
3f:d2:39:3d:d1:e7:8d:ef:9b:c8:0c:d9:3a:79:9c:f1:28:a4:
10:b2:98:9f:5e:e2:b9:3f:4b:df:cc:b6:a7:5b:5c:ea:1f:f2:
35:7a:6c:1e:35:a1:61:df:55:bf:01:65:67:7a:f7:ef:aa:ba:
16:b6:9c:b1:94:7d:6e:b3:c3:74:25:2c:c9:a3:51:16:72:72:
c4:81:c1:12
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOjpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDUyODE1WhcNMjUxMjEwMDUyODE1WjAYMRYw
FAYDVQQDEw02NzZiOTdmMi1jZmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2ktAd3QyFsI24qjaevEvjzklbdTPb1rtrhUfqebmNQaabFtfKUB3ONdq
U4X/gZONwlAH4mhR9EET+3RX9VD1NvS6zIN9v6lA7Lfu+Ccd0Fw7S9FLYHwF6+3C
DbCOeFBqL0ffUP66Cv93orW5VgiDMquxymzxa4zEhSVnnkAt0xeFs6W5mL2HAwGf
stFenr/l8VmDN27zzT9NjUJOOR8pnE+TRjvZcoUnrjfdMzThKNrlSaU6/QpdmCkl
2vuQioGaOJiAmfWeTca73puluK/2RSkRb1qNLs7sEUuflnMFKe5yEXXgG1Xg0Ksk
hpeCIta3DWwE9+TAgyxLVR83RfL+awIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLaa
xARf5addkZOqztVmRHi4s7I0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQzRERTVGRUMyODExMUVGOTEyNUVDN0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQSMA0GCSqGSIb3DQEBCwUA
A4IBAQBBcmDJDy62G25n8vnITn4FyD5hiYrwdOF0z2MsLk7bHEvQqHdHG0FIk5So
Vn4wB5LBefrR12b3uRQZxnidS8dAfhi+UmPpO5esXi89SCILr04UZJ80o0gRFCOs
/IbNzr4cgClnPjhDQfGeV2ptqQCY6YcILsYktLeP4O+xVMYtZka1YKThG8lOnbOu
KVa1OQ8oASOgGN/kl4iQF3HbHxK3uV9vsh+QeoEpWgoetbtIpqRbFAY/0jk90eeN
75vIDNk6eZzxKKQQspifXuK5P0vfzLanW1zqH/I1emweNaFh31W/AWVnevfvqroW
tpyxlH1us8N0JSzJo1EWcnLEgcES
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:59 2025 by rpki-client