Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/233D5898BB7A11EFB17EE4A2762E951A.roa
File: 233D5898BB7A11EFB17EE4A2762E951A.roa (raw, json)
Hash identifier: 41JBMPHRLYQNUpCAm5zXfNRzOkxpI383jXCTlNoUAqY=
Subject key identifier: FF:9A:BE:B4:54:39:5D:8E:9F:D5:EA:28:57:F0:A4:D9:75:D7:92:F6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E412
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/233D5898BB7A11EFB17EE4A2762E951A.roa
Signing time: Mon 16 Dec 2024 06:51:12 +0000
ROA not before: Mon 16 Dec 2024 06:51:09 +0000
ROA not after: Tue 04 Mar 2025 06:51:09 +0000
asID: 136970
IP address blocks: 156.236.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58386 (0xe412)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 16 06:51:09 2024 GMT
Not After : Mar 4 06:51:09 2025 GMT
Subject: CN=675fcde0-30ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:49:05:2d:46:24:34:1b:4a:d1:14:f7:48:d3:
6b:ce:48:32:b2:8e:b7:12:76:da:c6:3e:61:06:ec:
6e:19:c4:06:eb:60:8e:86:7e:ba:a5:7e:a8:28:7c:
77:1b:bb:6b:b0:6c:30:5f:cc:9a:a0:e8:26:b8:9a:
1d:fe:aa:9b:37:6f:70:b9:83:bf:b6:e3:09:07:c5:
fa:db:f9:e1:ee:9b:ab:f0:a8:40:b9:3f:f5:8d:c6:
91:1d:12:59:99:83:ee:7a:fd:bb:73:55:16:34:e0:
ac:d5:d0:8b:6b:98:0b:a8:08:29:1f:1d:91:23:f6:
9c:53:6f:b6:4f:97:63:56:44:b3:38:f7:df:83:79:
17:17:fb:b7:77:d9:f9:09:3c:23:53:fb:73:00:80:
2a:13:3e:87:e5:fa:46:3f:5c:70:8d:a5:c3:94:82:
ba:d7:60:81:db:eb:f5:00:a5:21:8c:97:fc:59:a8:
14:05:d3:6d:ea:fc:c8:0c:1b:58:7e:b8:17:fa:c4:
1c:6e:11:30:13:71:1f:3c:86:d2:29:60:d8:4d:b5:
7f:0e:70:db:be:bc:c0:f4:e9:9d:88:78:ac:23:fa:
36:7b:9c:76:93:24:40:69:5d:dd:08:94:72:d2:ed:
94:2e:56:d1:0b:db:7a:ca:80:cd:70:4c:67:3c:7a:
1d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:9A:BE:B4:54:39:5D:8E:9F:D5:EA:28:57:F0:A4:D9:75:D7:92:F6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/233D5898BB7A11EFB17EE4A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.67.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:e5:64:7c:10:aa:74:30:22:dc:f7:92:55:e2:72:fb:21:c5:
bf:18:9a:3c:9d:c9:99:14:9f:33:d2:32:8d:7c:fb:6c:68:87:
30:99:64:ee:c7:4a:4e:c3:2b:bb:97:95:d7:5f:86:71:0d:1e:
aa:7a:f7:06:c9:28:3b:7f:f9:a9:0c:23:2e:14:f9:25:70:98:
5e:a8:cd:1c:72:cf:8b:8f:28:4b:37:49:d4:86:93:86:87:5c:
c6:3d:63:49:ea:e9:c3:bd:de:58:87:1a:8c:af:77:63:d8:5a:
e9:c4:85:4d:3f:a7:02:c1:60:e8:65:7a:03:a4:ea:ae:e9:25:
73:b1:5d:71:0c:a7:ae:d5:aa:f1:71:1b:71:3f:8e:11:74:78:
01:ae:f6:ec:d5:a9:9b:2c:57:48:2a:8f:f9:0c:b3:0f:ae:3e:
8e:50:e0:c5:aa:d6:d1:9e:94:1b:8d:fd:e8:9a:dd:28:8f:19:
11:e4:a6:c4:ee:d7:ef:0e:0e:94:61:9a:39:50:a7:ef:1b:8a:
46:22:a5:52:4a:05:05:8f:7b:7b:9d:eb:5c:0c:87:99:0e:23:
2e:47:de:fc:53:45:ed:65:18:a3:7d:09:95:ec:13:9b:99:f5:
24:e2:da:9a:dc:d4:8f:6d:71:88:15:a0:a2:b4:a7:6d:ac:bf:
bd:cd:1a:68
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOQSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE2MDY1MTA5WhcNMjUwMzA0MDY1MTA5WjAYMRYw
FAYDVQQDEw02NzVmY2RlMC0zMGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnkkFLUYkNBtK0RT3SNNrzkgyso63Enbaxj5hBuxuGcQG62COhn66pX6o
KHx3G7trsGwwX8yaoOgmuJod/qqbN29wuYO/tuMJB8X62/nh7pur8KhAuT/1jcaR
HRJZmYPuev27c1UWNOCs1dCLa5gLqAgpHx2RI/acU2+2T5djVkSzOPffg3kXF/u3
d9n5CTwjU/tzAIAqEz6H5fpGP1xwjaXDlIK612CB2+v1AKUhjJf8WagUBdNt6vzI
DBtYfrgX+sQcbhEwE3EfPIbSKWDYTbV/DnDbvrzA9OmdiHisI/o2e5x2kyRAaV3d
CJRy0u2ULlbRC9t6yoDNcExnPHodNwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP+a
vrRUOV2On9XqKFfwpNl115L2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMzNENTg5OEJCN0ExMUVGQjE3RUU0QTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOxDMA0GCSqGSIb3DQEBCwUA
A4IBAQCu5WR8EKp0MCLc95JV4nL7IcW/GJo8ncmZFJ8z0jKNfPtsaIcwmWTux0pO
wyu7l5XXX4ZxDR6qevcGySg7f/mpDCMuFPklcJheqM0ccs+LjyhLN0nUhpOGh1zG
PWNJ6unDvd5YhxqMr3dj2FrpxIVNP6cCwWDoZXoDpOqu6SVzsV1xDKeu1arxcRtx
P44RdHgBrvbs1ambLFdIKo/5DLMPrj6OUODFqtbRnpQbjf3omt0ojxkR5KbE7tfv
Dg6UYZo5UKfvG4pGIqVSSgUFj3t7netcDIeZDiMuR978U0XtZRijfQmV7BObmfUk
4tqa3NSPbXGIFaCitKdtrL+9zRpo
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:51 2025 by rpki-client