Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22A4BC7CC32D11EFBE2092B2762E951A.roa
File: 22A4BC7CC32D11EFBE2092B2762E951A.roa (raw, json)
Hash identifier: mpOigbklO7ZS9Imds21hR10mt55Vvlo/JECV/hwQURk=
Subject key identifier: EF:73:99:81:5F:39:48:7A:B3:D5:66:03:74:43:20:D2:8B:98:BE:4C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EADF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22A4BC7CC32D11EFBE2092B2762E951A.roa
Signing time: Thu 26 Dec 2024 02:00:09 +0000
ROA not before: Thu 26 Dec 2024 02:00:06 +0000
ROA not after: Wed 10 Dec 2025 02:00:06 +0000
asID: 984
IP address blocks: 156.243.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60127 (0xeadf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:00:06 2024 GMT
Not After : Dec 10 02:00:06 2025 GMT
Subject: CN=676cb8a9-a3b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7b:26:68:72:a2:ac:53:6f:82:3e:b6:93:ac:
8c:2e:2d:d4:95:52:13:08:8c:26:be:dc:16:35:89:
fa:1b:8b:c4:b2:05:23:ac:87:45:d3:ec:4f:05:c7:
8e:44:4d:a5:b5:12:90:8d:18:73:77:d7:02:65:a2:
a9:3a:83:7f:62:0a:64:96:56:20:20:ca:bd:59:66:
86:28:40:f2:f8:72:bf:2f:b5:fa:8f:eb:ac:7f:36:
b4:ed:94:e9:b6:df:a9:1f:e7:b0:79:08:30:ed:03:
9f:5a:e1:e0:ea:ae:07:eb:0c:76:0f:73:df:3c:92:
53:3a:6d:f1:88:13:42:fd:f3:33:99:09:60:6b:74:
17:ff:5a:68:6c:8e:db:ac:e2:fa:ca:22:27:b1:c4:
2e:04:c2:14:0b:d1:3c:36:64:83:bf:6c:09:9d:01:
13:57:e4:e5:a9:38:67:6e:30:d8:1c:2c:6c:d8:f8:
fa:fa:e0:9c:2d:2f:64:a7:c5:27:56:20:df:a0:6a:
da:e0:ec:3c:93:3a:05:72:40:e3:ab:0b:dc:6b:35:
39:c6:86:90:de:ad:2c:d3:b9:32:0b:ac:73:33:bf:
19:83:e0:68:27:46:16:ff:63:51:5e:d5:1e:51:6b:
bb:ff:a9:b5:87:5b:31:d3:83:0c:f5:5f:8b:1d:7e:
91:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:73:99:81:5F:39:48:7A:B3:D5:66:03:74:43:20:D2:8B:98:BE:4C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22A4BC7CC32D11EFBE2092B2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.208.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:bc:41:9a:d6:55:cd:b4:b4:3c:fc:59:7e:99:47:ce:94:e2:
ab:ce:86:cf:ba:dc:4a:2d:bf:17:75:d9:fe:10:ac:af:da:f7:
fe:de:5e:59:fa:d3:80:69:84:6f:c1:6a:15:59:bc:57:69:9d:
d1:b0:a1:74:29:22:91:16:0e:3a:b2:86:b8:be:c9:61:65:9b:
92:42:97:a5:8f:d2:26:4d:59:58:4a:1f:f6:b3:71:bd:11:78:
6b:f5:a1:d9:04:5c:a0:00:ae:6e:50:50:7a:58:1e:29:b9:22:
77:c3:07:4e:44:03:53:79:ca:84:e9:b5:9b:87:4b:76:87:ac:
a4:23:e1:1d:73:4b:9e:be:12:53:bb:1f:b7:e0:eb:c1:92:4d:
cf:e9:08:32:31:85:d1:cf:4d:d5:bb:3e:53:21:26:3b:14:ee:
56:8f:00:b4:26:28:7e:7d:95:99:02:52:4a:7d:d7:d6:f2:cc:
59:25:29:9d:f8:11:67:5e:4e:9e:fd:e2:91:1a:4c:91:3c:2c:
ee:bb:c0:7f:7f:02:10:20:6b:1f:44:5d:ff:8c:e3:7e:d7:fe:
eb:dc:bf:14:6e:47:d7:c1:8f:3c:b9:a4:79:63:35:ff:7c:39:
a9:ff:47:95:53:5d:8c:6a:8b:13:bb:88:db:dd:58:e2:75:d9:
9e:29:ca:0d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOrfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIwMDA2WhcNMjUxMjEwMDIwMDA2WjAYMRYw
FAYDVQQDEw02NzZjYjhhOS1hM2IwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmnsmaHKirFNvgj62k6yMLi3UlVITCIwmvtwWNYn6G4vEsgUjrIdF0+xP
BceORE2ltRKQjRhzd9cCZaKpOoN/YgpkllYgIMq9WWaGKEDy+HK/L7X6j+usfza0
7ZTptt+pH+eweQgw7QOfWuHg6q4H6wx2D3PfPJJTOm3xiBNC/fMzmQlga3QX/1po
bI7brOL6yiInscQuBMIUC9E8NmSDv2wJnQETV+TlqThnbjDYHCxs2Pj6+uCcLS9k
p8UnViDfoGra4Ow8kzoFckDjqwvcazU5xoaQ3q0s07kyC6xzM78Zg+BoJ0YW/2NR
XtUeUWu7/6m1h1sx04MM9V+LHX6RqQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO9z
mYFfOUh6s9VmA3RDINKLmL5MMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMkE0QkM3Q0MzMkQxMUVGQkUyMDkyQjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPQMA0GCSqGSIb3DQEBCwUA
A4IBAQCbvEGa1lXNtLQ8/Fl+mUfOlOKrzobPutxKLb8Xddn+EKyv2vf+3l5Z+tOA
aYRvwWoVWbxXaZ3RsKF0KSKRFg46soa4vslhZZuSQpelj9ImTVlYSh/2s3G9EXhr
9aHZBFygAK5uUFB6WB4puSJ3wwdORANTecqE6bWbh0t2h6ykI+Edc0uevhJTux+3
4OvBkk3P6QgyMYXRz03Vuz5TISY7FO5WjwC0Jih+fZWZAlJKfdfW8sxZJSmd+BFn
Xk6e/eKRGkyRPCzuu8B/fwIQIGsfRF3/jON+1/7r3L8UbkfXwY88uaR5YzX/fDmp
/0eVU12MaosTu4jb3VjiddmeKcoN
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:20 2025 by rpki-client