Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10795C46C97311EF8D286796762E951A.roa
File: 10795C46C97311EF8D286796762E951A.roa (raw, json)
Hash identifier: Qe58RwwL+CG7x7F9jSb+t85LCkAciMnhlNXR0DsE23c=
Subject key identifier: 08:3A:F6:57:4F:C7:B9:CE:71:D6:AA:9E:AC:27:93:A5:02:81:26:19
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4C9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10795C46C97311EF8D286796762E951A.roa
Signing time: Fri 03 Jan 2025 01:35:51 +0000
ROA not before: Fri 03 Jan 2025 01:35:47 +0000
ROA not after: Mon 13 Dec 2027 01:35:47 +0000
asID: 17561
IP address blocks: 156.227.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62665 (0xf4c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:35:47 2025 GMT
Not After : Dec 13 01:35:47 2027 GMT
Subject: CN=67773ef7-446a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:da:c4:c1:19:df:aa:bd:c1:74:d7:45:80:72:
89:7a:83:8b:bf:9e:65:f2:2d:f3:aa:0a:e0:e7:b1:
d6:32:31:35:5c:d8:8d:71:61:d0:98:b6:b3:58:82:
72:c1:fe:ac:9e:4e:63:79:e0:46:0a:3f:61:9d:5d:
bf:23:cc:89:48:04:c1:a0:dc:71:a5:16:47:22:f6:
12:15:ac:e4:80:e5:1d:6e:51:35:ca:63:54:bb:49:
58:9f:b4:ca:29:e3:06:e4:f0:48:51:55:33:ef:43:
b6:82:6e:43:05:64:e4:58:54:42:5b:a4:82:fe:1f:
00:00:8e:ab:98:73:57:55:74:89:db:17:ed:ce:2f:
02:c7:6e:8d:41:72:b3:53:9c:57:2e:fb:66:2d:6a:
da:92:ba:69:09:27:28:3c:68:96:96:cf:eb:6d:61:
4a:d8:8e:02:fd:00:75:f3:9a:42:da:b4:ea:a7:b7:
6a:a7:6f:a1:93:9a:66:87:f1:4d:bc:02:12:53:d3:
20:df:0d:0e:f9:ce:f3:4a:6a:e6:11:94:d5:36:88:
55:51:60:09:0e:b7:87:6b:0d:99:4e:c4:43:31:b1:
d5:4c:3f:66:b6:25:2e:48:c7:dd:82:40:c0:c7:44:
9e:37:f3:6d:ff:94:25:f6:8c:25:2a:dd:ca:4d:71:
61:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:3A:F6:57:4F:C7:B9:CE:71:D6:AA:9E:AC:27:93:A5:02:81:26:19
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10795C46C97311EF8D286796762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.86.0/24
Signature Algorithm: sha256WithRSAEncryption
52:4c:6c:b2:bb:2c:90:56:6d:1d:70:3d:fe:6d:81:61:70:e3:
08:af:02:9e:62:16:83:70:b1:29:72:e1:86:78:92:3d:92:57:
cc:b5:cf:c0:77:11:aa:e2:09:00:61:90:92:13:72:d8:c4:20:
dd:0a:d4:48:0d:da:e2:34:d4:78:e6:c9:e5:bf:41:81:a1:b7:
93:39:0e:2c:9c:c1:0a:b8:98:b1:fc:e3:ff:97:ee:49:9e:14:
98:e9:45:61:2d:48:93:9d:e9:53:fe:52:67:f4:04:fb:4a:63:
68:2b:44:4a:c7:e8:40:6e:8c:1e:cf:48:c9:32:4a:d2:83:23:
62:11:35:de:cf:3e:9e:e5:09:40:27:5e:a5:70:a4:83:1a:23:
63:b5:1e:ff:c8:23:d6:62:77:9a:3c:ca:44:5b:63:52:35:a2:
49:f5:df:95:e0:8e:c6:11:1a:63:46:f8:f3:5d:98:25:23:cc:
4b:0f:b7:4f:58:97:7d:c9:a2:b7:39:f5:1e:16:67:88:e6:3b:
30:d4:6a:fa:9d:de:d4:66:2c:a4:0c:a3:9a:3b:b2:84:e2:15:
57:ee:59:43:74:79:fc:7b:c2:d6:68:cd:59:a0:06:58:b0:36:
92:8b:81:e1:7d:0d:4d:1f:f9:17:1c:09:95:4f:50:fa:96:78:
d4:9f:44:ff
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPTJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDEzNTQ3WhcNMjcxMjEzMDEzNTQ3WjAYMRYw
FAYDVQQDEw02Nzc3M2VmNy00NDZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0NrEwRnfqr3BdNdFgHKJeoOLv55l8i3zqgrg57HWMjE1XNiNcWHQmLaz
WIJywf6snk5jeeBGCj9hnV2/I8yJSATBoNxxpRZHIvYSFazkgOUdblE1ymNUu0lY
n7TKKeMG5PBIUVUz70O2gm5DBWTkWFRCW6SC/h8AAI6rmHNXVXSJ2xftzi8Cx26N
QXKzU5xXLvtmLWrakrppCScoPGiWls/rbWFK2I4C/QB185pC2rTqp7dqp2+hk5pm
h/FNvAISU9Mg3w0O+c7zSmrmEZTVNohVUWAJDreHaw2ZTsRDMbHVTD9mtiUuSMfd
gkDAx0SeN/Nt/5Ql9owlKt3KTXFhEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAg6
9ldPx7nOcdaqnqwnk6UCgSYZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMDc5NUM0NkM5NzMxMUVGOEQyODY3OTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONWMA0GCSqGSIb3DQEBCwUA
A4IBAQBSTGyyuyyQVm0dcD3+bYFhcOMIrwKeYhaDcLEpcuGGeJI9klfMtc/AdxGq
4gkAYZCSE3LYxCDdCtRIDdriNNR45snlv0GBobeTOQ4snMEKuJix/OP/l+5JnhSY
6UVhLUiTnelT/lJn9AT7SmNoK0RKx+hAbowez0jJMkrSgyNiETXezz6e5QlAJ16l
cKSDGiNjtR7/yCPWYneaPMpEW2NSNaJJ9d+V4I7GERpjRvjzXZglI8xLD7dPWJd9
yaK3OfUeFmeI5jsw1Gr6nd7UZiykDKOaO7KE4hVX7llDdHn8e8LWaM1ZoAZYsDaS
i4HhfQ1NH/kXHAmVT1D6lnjUn0T/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:21 2025 by rpki-client