Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/18AB3774C98511EF817CD19A762E951A.roa
File: 18AB3774C98511EF817CD19A762E951A.roa (raw, json)
Hash identifier: oBDIZSmTASSipDNQGbYlbLDCO4pWE2BSlnhSVYcrdjg=
Subject key identifier: 64:A3:6F:30:FD:55:98:00:51:1C:60:34:DB:B0:5B:02:34:9F:59:72
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F575
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/18AB3774C98511EF817CD19A762E951A.roa
Signing time: Fri 03 Jan 2025 03:44:55 +0000
ROA not before: Fri 03 Jan 2025 03:44:52 +0000
ROA not after: Mon 13 Dec 2027 03:44:52 +0000
asID: 17561
IP address blocks: 156.232.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62837 (0xf575)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 03:44:52 2025 GMT
Not After : Dec 13 03:44:52 2027 GMT
Subject: CN=67775d37-2bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e9:e3:a1:f0:07:68:bf:ba:78:7e:80:80:8f:
94:74:91:e9:a0:83:ca:91:aa:30:e8:85:fc:ed:f9:
1f:e0:66:eb:58:bd:3d:b7:8c:3d:ff:45:bd:d9:31:
77:96:1c:90:c8:97:77:e7:b4:c3:3e:99:e9:37:7d:
3f:bd:5e:b0:c7:d3:7f:8c:44:14:3c:f5:d8:92:86:
d7:80:bc:ce:e6:3d:7d:49:94:9b:15:ca:8d:53:94:
83:fe:ba:67:4a:42:4b:69:cc:f5:b8:ad:fd:03:8b:
ef:23:37:06:22:20:42:6a:ed:70:83:3e:c3:2f:95:
be:bb:df:41:fb:40:49:05:a7:5a:9a:7e:35:bd:05:
26:69:33:f1:86:50:3e:6c:88:47:2c:54:92:05:0c:
6f:af:2d:26:fb:7d:13:79:40:54:83:25:5e:c7:5e:
83:f4:dc:e1:8d:b4:84:4e:0c:0a:d1:85:22:31:9b:
6a:4f:18:58:24:d4:cd:54:53:69:5e:44:e0:8e:c9:
83:f1:9a:45:7e:92:97:f9:df:38:77:d6:61:e3:89:
b8:56:f0:b5:87:8a:cb:ed:59:a5:d8:f1:f6:4a:80:
10:a2:2a:c2:1e:ba:b7:70:de:18:67:4b:2f:23:71:
c5:2b:09:87:50:90:cb:db:84:46:1c:00:4d:92:5e:
e5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A3:6F:30:FD:55:98:00:51:1C:60:34:DB:B0:5B:02:34:9F:59:72
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/18AB3774C98511EF817CD19A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.71.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:04:53:1f:45:72:e9:34:7b:a1:e1:de:9d:57:a7:40:2d:85:
1c:d3:54:c3:23:fb:d8:7d:35:c2:23:00:6e:3b:e6:dd:57:1b:
ad:0a:3e:18:0b:5f:e2:49:ac:11:ad:94:87:b3:84:4e:67:48:
bc:df:c0:59:17:f6:59:74:cc:ca:4a:c7:b3:00:4a:74:48:e6:
38:26:3d:58:51:1b:43:2f:63:95:8f:d6:a4:99:e6:6e:e1:b3:
d9:c6:fa:28:10:b7:e7:cf:05:60:9a:6b:fd:5c:0e:02:8b:16:
bd:f9:e6:36:ba:4f:50:6b:82:26:16:93:d7:67:08:8e:07:5f:
d5:8a:1b:76:51:b4:a5:33:8c:47:61:6a:67:d6:53:28:49:ec:
45:de:1a:5c:a4:c0:f2:66:6a:c5:09:0f:07:d3:05:30:63:0a:
4d:17:c4:11:9d:3d:dc:c5:e9:5b:7d:44:02:15:e9:91:b4:90:
26:e3:10:1c:43:ab:ad:aa:d8:4e:f9:42:a1:48:fe:64:23:7e:
91:10:79:49:7d:38:68:f8:90:12:80:bd:17:aa:65:f5:f5:f1:
ee:60:2f:71:02:0c:c5:51:45:07:c1:ba:5e:bf:48:bc:5a:c1:
2c:8a:33:6e:e9:08:6b:90:3a:cf:61:7e:29:97:4c:bf:41:1f:
4f:46:6d:bc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPV1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDM0NDUyWhcNMjcxMjEzMDM0NDUyWjAYMRYw
FAYDVQQDEw02Nzc3NWQzNy0yYmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyunjofAHaL+6eH6AgI+UdJHpoIPKkaow6IX87fkf4GbrWL09t4w9/0W9
2TF3lhyQyJd357TDPpnpN30/vV6wx9N/jEQUPPXYkobXgLzO5j19SZSbFcqNU5SD
/rpnSkJLacz1uK39A4vvIzcGIiBCau1wgz7DL5W+u99B+0BJBadamn41vQUmaTPx
hlA+bIhHLFSSBQxvry0m+30TeUBUgyVex16D9NzhjbSETgwK0YUiMZtqTxhYJNTN
VFNpXkTgjsmD8ZpFfpKX+d84d9Zh44m4VvC1h4rL7Vml2PH2SoAQoirCHrq3cN4Y
Z0svI3HFKwmHUJDL24RGHABNkl7lMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGSj
bzD9VZgAURxgNNuwWwI0n1lyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xOEFCMzc3NEM5ODUxMUVGODE3Q0QxOUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhHMA0GCSqGSIb3DQEBCwUA
A4IBAQA8BFMfRXLpNHuh4d6dV6dALYUc01TDI/vYfTXCIwBuO+bdVxutCj4YC1/i
SawRrZSHs4ROZ0i838BZF/ZZdMzKSsezAEp0SOY4Jj1YURtDL2OVj9akmeZu4bPZ
xvooELfnzwVgmmv9XA4Cixa9+eY2uk9Qa4ImFpPXZwiOB1/Viht2UbSlM4xHYWpn
1lMoSexF3hpcpMDyZmrFCQ8H0wUwYwpNF8QRnT3cxelbfUQCFemRtJAm4xAcQ6ut
qthO+UKhSP5kI36REHlJfTho+JASgL0XqmX19fHuYC9xAgzFUUUHwbpev0i8WsEs
ijNu6QhrkDrPYX4pl0y/QR9PRm28
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:31 2025 by rpki-client