Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C44AC64C94C11EFBAC50F9A762E951A.roa
File: 1C44AC64C94C11EFBAC50F9A762E951A.roa (raw, json)
Hash identifier: XVWTsSpY0sINLpmjYId7T2Kxu8TgIzCQbQtYfXe85AQ=
Subject key identifier: BF:97:8A:1E:28:ED:BB:49:1C:7A:4F:9F:90:D9:5A:62:18:01:0C:98
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F398
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C44AC64C94C11EFBAC50F9A762E951A.roa
Signing time: Thu 02 Jan 2025 20:57:00 +0000
ROA not before: Thu 02 Jan 2025 20:56:56 +0000
ROA not after: Mon 13 Dec 2027 20:56:56 +0000
asID: 17561
IP address blocks: 156.225.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62360 (0xf398)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:56:56 2025 GMT
Not After : Dec 13 20:56:56 2027 GMT
Subject: CN=6776fd9c-998b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2a:47:2c:b9:e7:aa:cc:96:a8:f7:7e:90:9d:
bb:08:5e:92:17:4f:a1:69:d8:10:d9:9a:66:8f:07:
ae:81:da:58:e9:e0:6f:47:b8:4e:14:58:c3:14:8c:
4a:24:0a:d2:db:a2:dc:86:46:ba:2b:79:ac:42:e9:
b9:85:e1:e7:5d:72:dc:95:98:31:11:16:c8:b1:0d:
5d:32:0a:a7:bc:84:32:35:13:da:32:9c:55:7f:75:
1c:5d:4e:a2:ba:25:41:83:4c:ec:9b:90:ed:a1:62:
0e:28:56:9a:99:f5:f4:54:45:64:0d:67:c5:b8:a3:
a4:a9:7d:ad:61:0d:e6:f2:2b:55:e6:fc:ba:cd:4a:
ac:67:e8:af:1c:90:b4:67:56:67:74:7f:34:be:c9:
3a:6b:9a:79:cd:5d:4b:08:b0:70:93:90:7d:71:ec:
1b:32:87:6c:23:5f:89:0c:cd:07:7a:d8:13:a1:34:
d7:7a:8e:0a:f0:0a:3b:66:ea:4d:09:19:e2:1c:65:
d2:75:09:ad:49:82:e0:56:ab:36:1d:a0:2a:44:02:
6c:3b:ff:14:12:fc:84:52:a7:c9:f9:fd:b5:8d:2f:
0e:1d:a1:25:2a:f9:f9:c4:d4:54:20:5d:8c:b7:97:
43:2e:4e:01:b0:51:5f:7f:62:1b:af:c0:3a:2e:31:
de:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:97:8A:1E:28:ED:BB:49:1C:7A:4F:9F:90:D9:5A:62:18:01:0C:98
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C44AC64C94C11EFBAC50F9A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.163.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:e7:ba:01:ad:3a:78:ad:93:da:ac:61:52:40:8b:09:b4:9b:
87:5a:f1:0a:3a:1f:88:dd:8f:a6:42:30:6e:43:f3:46:9a:8d:
f5:43:93:a6:3e:08:d6:f5:00:9a:81:e8:00:5f:bb:69:a4:ab:
fb:35:b4:49:eb:ef:45:42:1a:42:c7:63:be:41:cc:62:a3:3e:
51:ea:4d:07:2b:26:f2:f7:ad:5c:24:83:e2:32:5f:d4:dc:ca:
58:5e:25:0a:d0:12:92:8b:00:5d:25:8a:6d:b2:c7:e7:d5:f0:
6c:c4:64:8d:da:ac:42:31:f9:24:52:47:e5:77:15:ab:51:db:
66:48:a9:eb:92:3f:2b:98:84:54:4d:78:6e:e2:04:5a:67:7a:
ef:e7:71:63:e5:98:8b:32:0c:2a:3c:6a:f1:fd:42:d1:e9:3f:
84:f8:60:7e:b6:fb:3c:12:e2:05:24:28:1e:97:69:26:95:97:
de:23:f9:b8:ac:de:18:55:0e:46:a4:e4:37:b0:36:82:e1:64:
9d:e7:a5:80:6f:90:16:88:43:1b:55:2f:ae:14:d1:86:d3:a0:
db:32:7f:a3:41:1b:1b:da:36:51:7b:c6:fa:d6:d2:71:e5:37:
15:f9:43:47:94:66:51:7f:95:2f:cd:eb:5d:c3:54:88:8f:ee:
5f:02:6b:69
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPOYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjA1NjU2WhcNMjcxMjEzMjA1NjU2WjAYMRYw
FAYDVQQDEw02Nzc2ZmQ5Yy05OThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyCpHLLnnqsyWqPd+kJ27CF6SF0+hadgQ2ZpmjweugdpY6eBvR7hOFFjD
FIxKJArS26Lchka6K3msQum5heHnXXLclZgxERbIsQ1dMgqnvIQyNRPaMpxVf3Uc
XU6iuiVBg0zsm5DtoWIOKFaamfX0VEVkDWfFuKOkqX2tYQ3m8itV5vy6zUqsZ+iv
HJC0Z1ZndH80vsk6a5p5zV1LCLBwk5B9cewbModsI1+JDM0HetgToTTXeo4K8Ao7
ZupNCRniHGXSdQmtSYLgVqs2HaAqRAJsO/8UEvyEUqfJ+f21jS8OHaElKvn5xNRU
IF2Mt5dDLk4BsFFff2Ibr8A6LjHe4wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL+X
ih4o7btJHHpPn5DZWmIYAQyYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQzQ0QUM2NEM5NEMxMUVGQkFDNTBGOUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOGjMA0GCSqGSIb3DQEBCwUA
A4IBAQBe57oBrTp4rZParGFSQIsJtJuHWvEKOh+I3Y+mQjBuQ/NGmo31Q5OmPgjW
9QCagegAX7tppKv7NbRJ6+9FQhpCx2O+Qcxioz5R6k0HKyby961cJIPiMl/U3MpY
XiUK0BKSiwBdJYptssfn1fBsxGSN2qxCMfkkUkfldxWrUdtmSKnrkj8rmIRUTXhu
4gRaZ3rv53Fj5ZiLMgwqPGrx/ULR6T+E+GB+tvs8EuIFJCgel2kmlZfeI/m4rN4Y
VQ5GpOQ3sDaC4WSd56WAb5AWiEMbVS+uFNGG06DbMn+jQRsb2jZRe8b61tJx5TcV
+UNHlGZRf5Uvzetdw1SIj+5fAmtp
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:35 2025 by rpki-client