Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/229F6EC8D18011EFADBDF042762E951A.roa
File: 229F6EC8D18011EFADBDF042762E951A.roa (raw, json)
Hash identifier: plcR1xhjfwVntUuZNaoGjaFlei0OjR+xoSpdLE9ipUo=
Subject key identifier: 52:C6:B0:C7:08:AC:05:21:A0:3F:80:9A:FD:DC:5F:70:A7:94:8B:70
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010698
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/229F6EC8D18011EFADBDF042762E951A.roa
Signing time: Mon 13 Jan 2025 07:29:34 +0000
ROA not before: Mon 13 Jan 2025 07:29:30 +0000
ROA not after: Thu 20 Feb 2025 07:29:30 +0000
asID: 60223
IP address blocks: 156.253.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67224 (0x10698)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 13 07:29:30 2025 GMT
Not After : Feb 20 07:29:30 2025 GMT
Subject: CN=6784c0de-9e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:aa:ab:5c:2b:6f:a7:a1:d1:aa:5e:c8:9b:7e:
b4:5f:b8:0a:8a:95:b2:1d:45:fa:c4:4d:3d:7f:35:
91:b0:fd:26:10:53:8b:c2:bd:2c:1a:a4:3d:0b:42:
64:02:f1:7c:da:eb:0e:12:2d:77:68:ba:5f:e8:f7:
7c:ab:b7:3e:e8:0c:ff:a8:89:5d:e0:41:94:91:ec:
d9:00:3d:23:2f:21:97:ae:2b:d1:b3:67:fd:ca:fc:
dc:82:04:39:48:ee:38:98:1c:ee:50:e1:d7:3c:69:
93:83:3a:aa:11:92:26:43:57:1c:20:a8:ab:31:ab:
f4:bf:c8:36:2d:6e:af:cf:99:51:08:4e:91:07:4f:
4d:61:15:d7:23:23:b2:fe:57:53:dd:21:46:c3:99:
52:08:51:7d:d0:25:7e:eb:77:e2:28:81:f3:f8:0c:
7c:de:52:7d:df:c1:84:db:ef:9a:93:d7:63:26:4b:
f4:07:12:03:73:65:23:fc:aa:87:ca:a0:c9:4a:d4:
50:25:00:24:8d:34:a8:f9:cc:b9:bd:4b:6c:a8:16:
3a:f9:d7:00:aa:4e:7e:a3:34:3d:f8:ad:b8:d6:85:
e3:15:68:28:25:60:a6:d9:36:87:df:dc:96:fd:79:
5f:78:b0:be:c9:a8:0e:70:9f:57:ff:c9:df:01:5e:
9f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C6:B0:C7:08:AC:05:21:A0:3F:80:9A:FD:DC:5F:70:A7:94:8B:70
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/229F6EC8D18011EFADBDF042762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.229.0/24
Signature Algorithm: sha256WithRSAEncryption
58:b5:f3:91:7d:a9:e6:b4:76:73:83:4a:ce:cf:71:4c:7e:0f:
29:b0:8e:c7:95:69:19:7f:cb:23:d0:ea:9b:60:46:51:b5:2c:
1c:40:b4:8e:ee:24:cd:24:82:65:8e:4c:3d:95:4e:70:72:d0:
74:39:34:f8:b0:53:7f:16:ca:b8:40:a8:86:db:8b:3d:d2:84:
3d:0a:6a:43:e3:4c:57:17:69:43:19:15:91:94:b1:40:f7:6f:
b7:38:48:95:b5:16:c5:3e:1e:6a:8a:e3:ef:a1:dd:b7:74:b6:
4f:ad:21:0c:db:bf:3f:3c:54:cd:58:27:96:3e:69:fa:02:18:
45:4a:ca:28:d8:1e:5a:00:26:fc:3b:aa:50:3b:05:38:64:fd:
17:1f:5b:af:bd:03:bf:37:1f:4d:84:2d:44:c4:83:d4:ae:4d:
5f:46:f1:10:3a:47:6a:37:4e:14:ab:1b:44:54:20:a8:a8:9f:
a2:bf:ef:27:0a:66:81:1f:b1:fc:de:55:66:09:69:a1:dd:0d:
c1:bc:9d:7c:dc:66:f2:7e:e8:45:94:f8:58:4d:b7:77:d1:93:
98:43:4b:45:41:80:1c:12:ce:ef:45:50:90:39:e5:59:d1:9c:
cd:c8:0a:dc:14:e5:4b:6f:86:02:06:b0:2c:9a:54:5d:4b:8b:
f6:de:63:47
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQaYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEzMDcyOTMwWhcNMjUwMjIwMDcyOTMwWjAYMRYw
FAYDVQQDEw02Nzg0YzBkZS05ZTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyaqrXCtvp6HRql7Im360X7gKipWyHUX6xE09fzWRsP0mEFOLwr0sGqQ9
C0JkAvF82usOEi13aLpf6Pd8q7c+6Az/qIld4EGUkezZAD0jLyGXrivRs2f9yvzc
ggQ5SO44mBzuUOHXPGmTgzqqEZImQ1ccIKirMav0v8g2LW6vz5lRCE6RB09NYRXX
IyOy/ldT3SFGw5lSCFF90CV+63fiKIHz+Ax83lJ938GE2++ak9djJkv0BxIDc2Uj
/KqHyqDJStRQJQAkjTSo+cy5vUtsqBY6+dcAqk5+ozQ9+K241oXjFWgoJWCm2TaH
39yW/XlfeLC+yagOcJ9X/8nfAV6fbwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFLG
sMcIrAUhoD+Amv3cX3CnlItwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMjlGNkVDOEQxODAxMUVGQURCREYwNDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP3lMA0GCSqGSIb3DQEBCwUA
A4IBAQBYtfORfanmtHZzg0rOz3FMfg8psI7HlWkZf8sj0OqbYEZRtSwcQLSO7iTN
JIJljkw9lU5wctB0OTT4sFN/Fsq4QKiG24s90oQ9CmpD40xXF2lDGRWRlLFA92+3
OEiVtRbFPh5qiuPvod23dLZPrSEM278/PFTNWCeWPmn6AhhFSsoo2B5aACb8O6pQ
OwU4ZP0XH1uvvQO/Nx9NhC1ExIPUrk1fRvEQOkdqN04UqxtEVCCoqJ+iv+8nCmaB
H7H83lVmCWmh3Q3BvJ183GbyfuhFlPhYTbd30ZOYQ0tFQYAcEs7vRVCQOeVZ0ZzN
yArcFOVLb4YCBrAsmlRdS4v23mNH
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:46 2025 by rpki-client