Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1845DDFEC32011EF8244E353762E951A.roa
File: 1845DDFEC32011EF8244E353762E951A.roa (raw, json)
Hash identifier: 46Kd2EzGYuO9tfApM3AKyBtBdCniScuszi9xbPaekg0=
Subject key identifier: 21:69:38:7A:62:33:B8:A6:D4:27:FD:8F:B3:D4:41:DD:89:D5:95:4E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA15
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1845DDFEC32011EF8244E353762E951A.roa
Signing time: Thu 26 Dec 2024 00:26:49 +0000
ROA not before: Thu 26 Dec 2024 00:00:45 +0000
ROA not after: Wed 10 Dec 2025 00:00:45 +0000
asID: 984
IP address blocks: 156.228.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59925 (0xea15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:45 2024 GMT
Not After : Dec 10 00:00:45 2025 GMT
Subject: CN=676ca2c8-42df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:81:97:dd:f8:5e:52:86:d8:e1:c4:d7:4e:07:
ee:d2:4b:63:88:49:01:94:11:10:ec:e0:71:ef:7d:
c5:88:ca:ce:7a:f9:d3:01:15:56:31:81:76:c0:2d:
ec:43:63:cb:9f:aa:52:5a:e0:78:69:a9:5a:41:8e:
8e:32:da:cf:09:f4:a5:c9:86:77:e0:4f:c8:a9:59:
bb:9a:74:35:ec:5b:fe:7a:cb:cb:60:f9:bf:17:42:
3b:81:31:c8:d6:a5:df:8a:9c:23:6f:19:da:7f:4f:
db:ba:5c:91:b4:fd:19:e8:e3:c6:32:07:63:9d:12:
69:42:be:6d:b0:90:a7:0a:59:47:be:64:1a:1c:71:
26:30:21:1c:f4:cf:90:f8:a7:a9:0a:6d:a8:f9:cd:
79:8c:ae:4b:d5:12:b7:ba:c3:a7:ec:99:d8:32:90:
fd:a1:30:a6:42:83:14:23:ff:ce:57:3b:50:bb:5b:
77:3c:94:cf:b3:b2:97:6f:fd:43:7e:b2:1e:4d:b5:
4f:10:e2:74:aa:bf:d3:ac:a7:e8:7a:c0:41:12:1a:
51:3a:aa:26:45:76:f9:fe:fb:2a:a6:17:2d:d0:71:
c8:c2:64:da:ff:9e:41:02:c5:89:65:3f:8c:2e:6e:
4c:1a:c8:77:60:c8:12:7c:d9:52:a0:88:8d:2c:b2:
00:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:69:38:7A:62:33:B8:A6:D4:27:FD:8F:B3:D4:41:DD:89:D5:95:4E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1845DDFEC32011EF8244E353762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.217.0/24
Signature Algorithm: sha256WithRSAEncryption
92:e6:ea:4a:9a:fa:6b:9a:fa:13:ec:0d:af:53:38:fe:8d:8e:
08:55:37:17:35:8e:6a:ab:6b:bf:e1:9a:68:6b:09:86:87:5d:
53:2b:2d:7b:00:a5:2c:a3:c3:61:13:a6:fe:92:33:4c:48:d8:
7f:66:29:d1:8c:39:83:79:40:7e:69:17:d8:de:9f:8a:31:16:
e9:ee:60:48:48:77:59:95:c5:f5:e2:ab:f1:e8:12:5d:17:54:
88:89:00:f8:9b:cf:16:87:09:29:b9:57:bf:89:0c:19:22:42:
3f:d0:3d:26:9e:22:94:41:d9:63:9b:3e:eb:19:27:1c:74:7f:
23:91:78:7e:b3:cf:00:8f:35:73:af:99:bf:62:f4:8b:bf:02:
1c:ab:0b:c9:0e:fb:19:3f:d5:23:77:98:cc:46:4b:7b:3d:3b:
91:64:23:a0:93:f2:97:16:c2:0b:06:ca:bc:46:41:7f:89:b0:
95:ef:bc:6b:6f:98:f9:a6:7d:d4:d6:a3:e6:bd:bb:1f:d7:c8:
bb:fd:ed:b1:b3:d6:33:fb:ff:86:60:2c:d3:55:fe:52:d9:25:
67:87:f5:97:80:c4:44:2a:e0:04:80:1c:61:27:4e:d9:f4:4b:
67:c9:a8:9b:7c:ee:7d:f6:c4:66:d8:a7:b7:49:6e:48:db:d8:
3e:fc:3e:ac
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOoVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDQ1WhcNMjUxMjEwMDAwMDQ1WjAYMRYw
FAYDVQQDEw02NzZjYTJjOC00MmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0YGX3fheUobY4cTXTgfu0ktjiEkBlBEQ7OBx733FiMrOevnTARVWMYF2
wC3sQ2PLn6pSWuB4aalaQY6OMtrPCfSlyYZ34E/IqVm7mnQ17Fv+esvLYPm/F0I7
gTHI1qXfipwjbxnaf0/bulyRtP0Z6OPGMgdjnRJpQr5tsJCnCllHvmQaHHEmMCEc
9M+Q+KepCm2o+c15jK5L1RK3usOn7JnYMpD9oTCmQoMUI//OVztQu1t3PJTPs7KX
b/1DfrIeTbVPEOJ0qr/TrKfoesBBEhpROqomRXb5/vsqphct0HHIwmTa/55BAsWJ
ZT+MLm5MGsh3YMgSfNlSoIiNLLIAiwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCFp
OHpiM7im1Cf9j7PUQd2J1ZVOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xODQ1RERGRUMzMjAxMUVGODI0NEUzNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTZMA0GCSqGSIb3DQEBCwUA
A4IBAQCS5upKmvprmvoT7A2vUzj+jY4IVTcXNY5qq2u/4ZpoawmGh11TKy17AKUs
o8NhE6b+kjNMSNh/ZinRjDmDeUB+aRfY3p+KMRbp7mBISHdZlcX14qvx6BJdF1SI
iQD4m88WhwkpuVe/iQwZIkI/0D0mniKUQdljmz7rGSccdH8jkXh+s88AjzVzr5m/
YvSLvwIcqwvJDvsZP9Ujd5jMRkt7PTuRZCOgk/KXFsILBsq8RkF/ibCV77xrb5j5
pn3U1qPmvbsf18i7/e2xs9Yz+/+GYCzTVf5S2SVnh/WXgMREKuAEgBxhJ07Z9Etn
yaibfO599sRm2Ke3SW5I29g+/D6s
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:23 2025 by rpki-client