Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E72926AC32311EF80566568762E951A.roa
File: 0E72926AC32311EF80566568762E951A.roa (raw, json)
Hash identifier: bzi+WzStQPIBesmHNnfqkgUmyBXzNxkgiQQWKCg/drs=
Subject key identifier: 00:8C:8F:FD:98:9B:9C:C1:0B:B6:CD:89:D7:78:73:CC:A2:5B:62:61
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA42
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E72926AC32311EF80566568762E951A.roa
Signing time: Thu 26 Dec 2024 00:48:01 +0000
ROA not before: Thu 26 Dec 2024 00:00:57 +0000
ROA not after: Wed 10 Dec 2025 00:00:57 +0000
asID: 984
IP address blocks: 156.228.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59970 (0xea42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:57 2024 GMT
Not After : Dec 10 00:00:57 2025 GMT
Subject: CN=676ca7c1-03a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f0:58:ba:b6:8f:e1:43:9e:52:cd:f7:8e:1b:
22:f2:25:d9:31:5e:f8:5f:87:0f:68:67:4c:b2:88:
41:8e:f7:8d:29:4b:49:81:d8:be:59:a6:a1:5d:d6:
68:44:e9:ce:3d:78:c2:bb:e3:31:ab:7d:79:de:e8:
75:d9:51:69:82:ef:11:a5:e5:ec:db:48:5b:10:af:
69:46:82:b9:9e:93:59:5a:66:45:50:e0:47:27:32:
bd:58:99:ce:e8:79:03:4c:67:c5:50:51:62:51:c8:
98:3d:f6:98:20:d7:d1:3e:7d:94:61:d1:c6:b9:30:
f6:72:7b:25:1e:2f:84:c5:d4:90:c5:45:99:ae:be:
a0:73:9d:44:2f:1b:ea:c4:46:ce:d7:33:35:67:8a:
62:bf:29:bd:ce:a0:10:bd:08:cd:e7:c5:57:cb:34:
82:0b:b2:b2:56:0d:fa:81:dc:e8:bb:e5:59:3d:6b:
e8:7c:9a:95:c0:39:c1:bd:74:35:0c:4e:d6:49:b4:
8f:22:b8:69:56:2c:bb:0b:1f:7c:b9:9a:bf:a4:f3:
71:e8:8f:7a:ee:05:ec:8b:b3:a1:9a:1f:10:71:f9:
1a:b0:d5:ee:8c:98:45:c6:5a:f5:ff:74:10:12:8f:
14:79:c8:7d:7a:4b:0f:90:09:da:fe:e7:9a:b3:6f:
ab:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8C:8F:FD:98:9B:9C:C1:0B:B6:CD:89:D7:78:73:CC:A2:5B:62:61
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E72926AC32311EF80566568762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.237.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:e0:14:68:cd:de:af:c2:ff:d9:3f:a3:ff:92:f5:bf:1b:1b:
77:70:e0:63:c7:fe:08:28:df:17:07:f7:f1:68:d2:3c:4a:04:
07:7c:cf:e5:91:95:29:92:61:96:e8:29:04:37:8f:e3:3d:d6:
29:dc:6c:5a:e0:3b:27:64:ce:69:54:b3:6e:da:e8:09:90:86:
c5:5f:98:e8:0d:d2:d9:01:91:ec:29:17:93:45:68:a7:0f:64:
49:72:20:ea:5c:80:b6:09:0a:4d:e8:7c:2e:35:8c:b2:f8:4c:
bf:f4:72:e4:04:db:c3:ea:f8:8c:3b:24:e5:97:ce:98:4b:18:
33:74:b2:2e:fb:6c:a0:20:3b:95:12:b9:77:e0:d6:e6:60:23:
06:34:1a:a2:02:28:41:5d:17:1c:b3:94:52:a2:c8:24:14:04:
1e:8d:bd:c8:9e:e7:5b:8f:d1:a7:b5:01:69:d8:fb:a5:71:6e:
64:7f:00:3e:c8:ca:c4:6f:c8:0f:05:f0:ad:08:03:80:2f:d7:
d9:5b:9b:28:7b:b7:0d:be:6f:a7:73:33:0f:5c:c3:26:c7:98:
a1:51:e8:97:f7:b5:a9:98:9e:89:41:bf:a5:77:e9:37:dd:74:
64:16:57:65:fc:d2:bf:6b:a1:da:c9:3c:a2:a5:33:8a:a1:33:
7e:ea:a9:be
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOpCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDU3WhcNMjUxMjEwMDAwMDU3WjAYMRYw
FAYDVQQDEw02NzZjYTdjMS0wM2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvPBYuraP4UOeUs33jhsi8iXZMV74X4cPaGdMsohBjveNKUtJgdi+Waah
XdZoROnOPXjCu+Mxq3153uh12VFpgu8RpeXs20hbEK9pRoK5npNZWmZFUOBHJzK9
WJnO6HkDTGfFUFFiUciYPfaYINfRPn2UYdHGuTD2cnslHi+ExdSQxUWZrr6gc51E
LxvqxEbO1zM1Z4pivym9zqAQvQjN58VXyzSCC7KyVg36gdzou+VZPWvofJqVwDnB
vXQ1DE7WSbSPIrhpViy7Cx98uZq/pPNx6I967gXsi7Ohmh8QcfkasNXujJhFxlr1
/3QQEo8Uech9eksPkAna/ueas2+rDQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFACM
j/2Ym5zBC7bNidd4c8yiW2JhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRTcyOTI2QUMzMjMxMUVGODA1NjY1Njg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTtMA0GCSqGSIb3DQEBCwUA
A4IBAQB94BRozd6vwv/ZP6P/kvW/Gxt3cOBjx/4IKN8XB/fxaNI8SgQHfM/lkZUp
kmGW6CkEN4/jPdYp3Gxa4DsnZM5pVLNu2ugJkIbFX5joDdLZAZHsKReTRWinD2RJ
ciDqXIC2CQpN6HwuNYyy+Ey/9HLkBNvD6viMOyTll86YSxgzdLIu+2ygIDuVErl3
4NbmYCMGNBqiAihBXRccs5RSosgkFAQejb3Inudbj9GntQFp2PulcW5kfwA+yMrE
b8gPBfCtCAOAL9fZW5soe7cNvm+nczMPXMMmx5ihUeiX97WpmJ6JQb+ld+k33XRk
Fldl/NK/a6HayTyipTOKoTN+6qm+
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:55 2025 by rpki-client