Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23434970C94311EFB48FFA63762E951A.roa
File: 23434970C94311EFB48FFA63762E951A.roa (raw, json)
Hash identifier: gZ7WMx1mCY4bvG3LI2f5AI+UX7Rd+RnOoE6AbOauovI=
Subject key identifier: D5:FE:E6:83:B0:B6:CD:07:B1:98:4C:29:71:39:8E:EA:38:0C:66:10
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F342
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23434970C94311EFB48FFA63762E951A.roa
Signing time: Thu 02 Jan 2025 19:52:46 +0000
ROA not before: Thu 02 Jan 2025 19:52:43 +0000
ROA not after: Mon 13 Dec 2027 19:52:43 +0000
asID: 17561
IP address blocks: 156.224.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62274 (0xf342)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 19:52:43 2025 GMT
Not After : Dec 13 19:52:43 2027 GMT
Subject: CN=6776ee8e-e1f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:67:04:12:51:de:c0:43:c2:bd:c6:ff:2d:d3:
f6:2d:3b:06:a1:fb:28:b1:b1:b7:3c:e1:5a:0e:43:
21:7b:e8:1f:4e:bf:f9:21:d2:05:97:55:97:86:38:
f5:2f:0d:4a:9f:b3:f0:17:5e:fa:d6:03:3c:d2:31:
75:68:dd:4d:70:d8:d0:ad:18:bc:80:a9:e7:15:d1:
9b:37:75:96:97:55:bf:bc:fa:f8:65:0c:88:28:36:
7a:b2:6d:1a:28:46:63:87:fd:0d:48:1e:e1:9f:da:
7c:99:86:b8:57:4d:1b:da:48:7e:18:d6:a1:82:6c:
64:64:d1:16:cb:2e:46:c9:ca:80:19:d2:82:e0:6e:
77:0b:5f:bf:ca:26:8c:a4:6a:2e:6e:89:be:75:c9:
bc:ec:8a:cb:1d:a5:d6:b1:ea:c9:96:5f:a3:5f:9e:
87:b3:ae:b0:2a:2f:2f:76:01:ac:60:60:a6:55:10:
77:51:3b:c5:a9:48:e9:c3:eb:d1:ae:d4:ed:c7:03:
d8:12:39:15:ec:6a:90:57:e1:09:d6:2a:0e:f8:ab:
2a:3b:3c:c7:44:4b:9c:bb:54:d7:27:5e:3b:a9:41:
ba:3d:87:42:b8:55:13:20:97:6e:b6:f0:a6:0a:c8:
44:b9:90:75:a4:f9:37:18:a4:bb:1b:2c:45:76:2f:
f3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:FE:E6:83:B0:B6:CD:07:B1:98:4C:29:71:39:8E:EA:38:0C:66:10
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23434970C94311EFB48FFA63762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.91.0/24
Signature Algorithm: sha256WithRSAEncryption
56:5e:ab:3d:ac:8c:d4:83:23:46:ea:31:7f:e1:3b:ec:91:4a:
1e:5d:3d:d3:05:ec:db:b2:1c:cc:34:1b:20:9a:cb:8c:28:81:
ff:1d:44:f4:6d:31:3b:a0:0f:6f:19:6f:ee:8d:ff:65:9e:0b:
85:4e:50:11:40:fc:46:20:17:30:2e:b3:22:74:5e:b4:62:ba:
1a:1f:e0:7a:4a:aa:94:92:6b:4b:f2:68:59:2a:c1:61:0f:fc:
0c:4d:48:c4:a4:c2:6f:6f:cd:f9:f9:09:c7:43:65:00:d8:f9:
af:4c:c7:c0:ff:16:12:67:80:40:7b:47:81:c4:14:4d:ca:64:
a5:15:8f:62:d6:a4:70:6d:51:30:60:c4:29:e5:e7:9e:33:a5:
c5:e6:b9:62:56:59:bc:1a:b8:9e:fd:26:f0:48:4c:7e:dc:65:
fb:02:e7:ed:f0:6b:f5:8f:be:b7:b2:e2:d3:45:c0:97:ab:10:
da:ea:d2:dd:48:5a:c8:fb:cc:fe:09:87:4b:cd:ba:b2:60:33:
67:2a:80:5a:39:1a:ea:6e:b9:88:96:57:f5:fa:b1:60:a8:ae:
64:11:d4:db:0c:b4:3c:7e:4d:bf:8f:66:a5:9a:8b:4d:19:5e:
f7:f8:bf:47:6a:0d:0f:74:24:ec:9b:43:c4:77:d5:33:b5:07:
a0:3d:c7:a1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPNCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMTk1MjQzWhcNMjcxMjEzMTk1MjQzWjAYMRYw
FAYDVQQDEw02Nzc2ZWU4ZS1lMWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy2cEElHewEPCvcb/LdP2LTsGofsosbG3POFaDkMhe+gfTr/5IdIFl1WX
hjj1Lw1Kn7PwF1761gM80jF1aN1NcNjQrRi8gKnnFdGbN3WWl1W/vPr4ZQyIKDZ6
sm0aKEZjh/0NSB7hn9p8mYa4V00b2kh+GNahgmxkZNEWyy5GycqAGdKC4G53C1+/
yiaMpGoubom+dcm87IrLHaXWserJll+jX56Hs66wKi8vdgGsYGCmVRB3UTvFqUjp
w+vRrtTtxwPYEjkV7GqQV+EJ1ioO+KsqOzzHREucu1TXJ147qUG6PYdCuFUTIJdu
tvCmCshEuZB1pPk3GKS7GyxFdi/zPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNX+
5oOwts0HsZhMKXE5juo4DGYQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMzQzNDk3MEM5NDMxMUVGQjQ4RkZBNjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOBbMA0GCSqGSIb3DQEBCwUA
A4IBAQBWXqs9rIzUgyNG6jF/4TvskUoeXT3TBezbshzMNBsgmsuMKIH/HUT0bTE7
oA9vGW/ujf9lnguFTlARQPxGIBcwLrMidF60YroaH+B6SqqUkmtL8mhZKsFhD/wM
TUjEpMJvb835+QnHQ2UA2PmvTMfA/xYSZ4BAe0eBxBRNymSlFY9i1qRwbVEwYMQp
5eeeM6XF5rliVlm8Grie/SbwSEx+3GX7Auft8Gv1j763suLTRcCXqxDa6tLdSFrI
+8z+CYdLzbqyYDNnKoBaORrqbrmIllf1+rFgqK5kEdTbDLQ8fk2/j2almotNGV73
+L9Hag0PdCTsm0PEd9UztQegPceh
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:35 2025 by rpki-client