Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10EB2162C27C11EFB821225B762E951A.roa
File: 10EB2162C27C11EFB821225B762E951A.roa (raw, json)
Hash identifier: NjZrXUJv+iRCK5CiJSnJPe+yHk+msRzxcfwG7Z7dwtQ=
Subject key identifier: BA:7A:94:82:D4:7B:C2:2C:0D:F7:3B:FA:C3:84:BB:0E:67:BF:79:A3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8AB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10EB2162C27C11EFB821225B762E951A.roa
Signing time: Wed 25 Dec 2024 04:52:39 +0000
ROA not before: Wed 25 Dec 2024 04:52:35 +0000
ROA not after: Wed 10 Dec 2025 04:52:35 +0000
asID: 984
IP address blocks: 156.227.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59563 (0xe8ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 04:52:35 2024 GMT
Not After : Dec 10 04:52:35 2025 GMT
Subject: CN=676b8f97-f305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c9:dd:cb:22:cb:14:77:38:7b:8f:c3:28:ea:
5b:2d:34:0a:96:94:20:a0:f4:71:fb:6d:7e:40:38:
ec:83:79:37:e3:36:78:4f:f5:b7:0e:f5:97:30:0d:
59:a2:66:2f:5b:8d:8c:0f:fe:b0:89:53:0f:76:9b:
ce:90:a5:c0:79:05:be:41:78:31:7f:1f:b6:e6:1d:
9f:4e:c7:eb:1b:fe:51:c0:9a:9b:a9:4e:61:e1:d9:
7c:72:87:17:45:87:26:59:c8:38:78:9c:f7:07:d6:
e6:e6:64:e9:12:82:e4:8a:e2:6a:a7:6d:93:01:33:
20:45:82:9f:26:c7:fb:76:24:34:ab:2b:13:99:4e:
cd:24:34:d6:6c:c8:32:6d:a4:83:9b:1e:26:3c:a8:
a5:b5:59:ca:2d:41:c1:97:2b:21:45:3a:c1:30:c7:
c8:8a:92:19:6a:5e:ab:2f:0d:ec:ae:51:6f:23:4c:
22:38:67:f8:95:b8:1a:64:be:87:b1:b0:59:d4:96:
df:de:47:26:0a:73:26:e8:5c:b2:69:f5:68:ab:66:
5a:9a:ae:aa:7f:43:4b:d1:27:25:ed:b7:2d:50:3f:
30:9a:db:15:05:28:95:d1:50:c6:f6:6f:b6:e2:b3:
d1:6c:c7:af:a2:c5:c2:1a:09:29:0b:16:b8:a4:cd:
ef:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:7A:94:82:D4:7B:C2:2C:0D:F7:3B:FA:C3:84:BB:0E:67:BF:79:A3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10EB2162C27C11EFB821225B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.167.0/24
Signature Algorithm: sha256WithRSAEncryption
33:46:68:c2:c2:23:cd:7e:08:e1:d8:86:24:9a:53:ca:c9:93:
f7:96:5f:bf:04:da:87:e6:c0:2d:b1:4b:a3:ce:02:51:ea:6f:
2f:d6:5e:e0:96:dd:2b:70:ee:19:71:38:a1:78:9c:59:b1:76:
09:d7:d8:8f:1d:72:95:bc:62:6a:52:08:3c:7f:d7:af:03:3d:
94:85:21:6a:bf:88:5b:2a:ee:bc:33:4b:84:f5:92:35:a8:4d:
20:6d:46:3f:05:3a:69:16:d1:0e:17:2e:c9:e8:aa:45:9e:cb:
b9:ef:ae:ad:e7:5e:30:cb:76:dd:c4:e0:76:9e:92:51:b3:af:
8c:02:7e:e7:47:60:53:0c:18:5a:09:22:7d:8f:ed:64:9e:99:
e0:43:18:e6:58:2d:90:aa:e2:ff:9d:7a:c7:f5:23:04:c8:b8:
35:23:55:0b:03:97:cc:fb:f6:ae:bd:6e:bf:15:8a:6e:5a:f8:
10:ad:64:d2:84:ef:57:bd:e7:e7:ea:08:b8:3c:cc:e6:bb:3f:
6b:9e:16:fe:21:1e:12:31:44:85:04:2b:3e:59:36:a5:a9:ef:
80:f0:6a:85:17:14:7f:a6:65:4d:cb:f4:f7:5d:22:b3:51:7e:
1d:db:4a:98:cb:11:6c:4c:7c:71:52:ad:4d:bd:94:58:0a:84:
4d:69:9a:be
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOirMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDQ1MjM1WhcNMjUxMjEwMDQ1MjM1WjAYMRYw
FAYDVQQDEw02NzZiOGY5Ny1mMzA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwMndyyLLFHc4e4/DKOpbLTQKlpQgoPRx+21+QDjsg3k34zZ4T/W3DvWX
MA1ZomYvW42MD/6wiVMPdpvOkKXAeQW+QXgxfx+25h2fTsfrG/5RwJqbqU5h4dl8
cocXRYcmWcg4eJz3B9bm5mTpEoLkiuJqp22TATMgRYKfJsf7diQ0qysTmU7NJDTW
bMgybaSDmx4mPKiltVnKLUHBlyshRTrBMMfIipIZal6rLw3srlFvI0wiOGf4lbga
ZL6HsbBZ1Jbf3kcmCnMm6FyyafVoq2Zamq6qf0NL0Scl7bctUD8wmtsVBSiV0VDG
9m+24rPRbMevosXCGgkpCxa4pM3vVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLp6
lILUe8IsDfc7+sOEuw5nv3mjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMEVCMjE2MkMyN0MxMUVGQjgyMTIyNUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOOnMA0GCSqGSIb3DQEBCwUA
A4IBAQAzRmjCwiPNfgjh2IYkmlPKyZP3ll+/BNqH5sAtsUujzgJR6m8v1l7glt0r
cO4ZcTiheJxZsXYJ19iPHXKVvGJqUgg8f9evAz2UhSFqv4hbKu68M0uE9ZI1qE0g
bUY/BTppFtEOFy7J6KpFnsu5766t514wy3bdxOB2npJRs6+MAn7nR2BTDBhaCSJ9
j+1knpngQxjmWC2QquL/nXrH9SMEyLg1I1ULA5fM+/auvW6/FYpuWvgQrWTShO9X
vefn6gi4PMzmuz9rnhb+IR4SMUSFBCs+WTalqe+A8GqFFxR/pmVNy/T3XSKzUX4d
20qYyxFsTHxxUq1NvZRYCoRNaZq+
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:51 2025 by rpki-client