Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25F17FF4C28411EF80C6268E762E951A.roa
File: 25F17FF4C28411EF80C6268E762E951A.roa (raw, json)
Hash identifier: x3MDTYx2TKwqYoGMV9xMKmXxeLyAUWw5W+KTc+NP0Y4=
Subject key identifier: A5:94:37:B0:3D:EB:56:D6:C5:F4:32:26:D5:FB:E1:0B:41:52:41:07
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E90F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25F17FF4C28411EF80C6268E762E951A.roa
Signing time: Wed 25 Dec 2024 05:50:30 +0000
ROA not before: Wed 25 Dec 2024 05:50:26 +0000
ROA not after: Wed 10 Dec 2025 05:50:26 +0000
asID: 984
IP address blocks: 156.228.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59663 (0xe90f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:50:26 2024 GMT
Not After : Dec 10 05:50:26 2025 GMT
Subject: CN=676b9d26-a9d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:25:c2:f1:5b:94:85:15:00:2b:14:a8:69:3b:
e1:0c:2b:03:3a:a3:1c:fd:de:f0:5d:34:20:ae:04:
d3:a5:1b:d1:33:70:f1:35:8b:7c:33:f0:46:1a:a6:
73:70:b7:88:4c:97:7b:2d:56:4d:6d:4e:8a:55:9e:
1c:8a:e3:82:8b:1f:cb:eb:69:53:56:1f:ae:4f:4b:
03:47:9a:49:4f:09:d6:68:b1:22:2e:c8:ef:5f:69:
c5:13:8b:ca:9b:ac:0f:70:dc:ba:ee:5b:c3:5a:f7:
76:25:f9:a7:9a:a7:c8:31:a2:50:14:c3:ee:05:55:
1b:a1:e8:14:76:b1:bd:9e:e8:f9:e7:83:86:d1:d5:
f9:dc:59:bf:bf:e9:4e:06:9a:2f:2d:83:ed:90:ef:
61:16:d8:93:53:bb:94:b3:8c:0d:71:c8:c3:24:be:
06:7b:e1:e9:01:53:10:36:b3:9b:3b:f6:80:1e:97:
b9:e6:7b:55:fe:fc:18:53:05:b9:9e:d5:16:0f:be:
ea:12:cc:26:99:0f:82:b0:0b:29:27:93:d0:d6:37:
38:25:f0:bb:22:d5:c3:86:4e:6c:03:29:a0:47:79:
0a:84:18:37:bd:3a:60:57:cd:05:d4:f9:6c:88:fc:
34:68:0a:95:fb:76:cf:69:8b:07:30:b2:d2:d0:42:
33:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:94:37:B0:3D:EB:56:D6:C5:F4:32:26:D5:FB:E1:0B:41:52:41:07
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25F17FF4C28411EF80C6268E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.39.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:2b:f5:12:9c:a1:e8:ae:6b:1f:1c:38:7a:25:94:78:e0:0a:
84:48:b9:bf:9c:29:59:55:64:d3:cf:61:5a:00:6d:81:d1:f3:
36:c1:d3:fe:c1:14:5b:55:2f:12:11:f1:71:7c:57:ba:ab:ff:
85:8b:36:e6:34:6d:c3:cf:60:27:18:ef:6e:66:e0:ea:f3:56:
e2:f1:b5:c8:8f:d3:fa:44:35:f3:75:0a:93:4c:7a:c1:c1:aa:
b5:70:08:e6:47:76:f9:b7:78:52:6a:14:07:0c:a1:1d:10:d8:
fb:32:4a:d4:f0:ba:4b:22:e2:49:25:cb:ad:25:58:23:33:01:
f7:fb:dd:7e:22:b9:ea:51:bf:ca:ad:44:52:b9:ad:93:19:8f:
d3:5a:2b:39:88:5f:50:6f:d4:df:de:21:6a:b3:26:a3:54:84:
65:54:cd:ca:4b:42:55:8c:8e:5c:cd:e3:02:85:ca:ee:47:9d:
d8:f2:ec:a0:a3:84:81:76:95:04:90:95:e7:7a:be:e0:84:85:
7c:e6:9b:a9:6c:07:8c:54:d1:b6:e1:6f:2c:55:73:cb:d4:e1:
88:6a:54:b2:38:f7:e9:f2:ad:c7:0c:f3:c3:a6:7a:fd:92:71:
59:f9:7d:5a:fd:d8:fa:36:b6:00:6c:5d:3f:77:ad:ab:75:75:
7f:50:fa:02
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOkPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDU1MDI2WhcNMjUxMjEwMDU1MDI2WjAYMRYw
FAYDVQQDEw02NzZiOWQyNi1hOWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvyXC8VuUhRUAKxSoaTvhDCsDOqMc/d7wXTQgrgTTpRvRM3DxNYt8M/BG
GqZzcLeITJd7LVZNbU6KVZ4ciuOCix/L62lTVh+uT0sDR5pJTwnWaLEiLsjvX2nF
E4vKm6wPcNy67lvDWvd2JfmnmqfIMaJQFMPuBVUboegUdrG9nuj554OG0dX53Fm/
v+lOBpovLYPtkO9hFtiTU7uUs4wNccjDJL4Ge+HpAVMQNrObO/aAHpe55ntV/vwY
UwW5ntUWD77qEswmmQ+CsAspJ5PQ1jc4JfC7ItXDhk5sAymgR3kKhBg3vTpgV80F
1PlsiPw0aAqV+3bPaYsHMLLS0EIzrwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKWU
N7A961bWxfQyJtX74QtBUkEHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNUYxN0ZGNEMyODQxMUVGODBDNjI2OEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQnMA0GCSqGSIb3DQEBCwUA
A4IBAQArK/USnKHormsfHDh6JZR44AqESLm/nClZVWTTz2FaAG2B0fM2wdP+wRRb
VS8SEfFxfFe6q/+FizbmNG3Dz2AnGO9uZuDq81bi8bXIj9P6RDXzdQqTTHrBwaq1
cAjmR3b5t3hSahQHDKEdENj7MkrU8LpLIuJJJcutJVgjMwH3+91+IrnqUb/KrURS
ua2TGY/TWis5iF9Qb9Tf3iFqsyajVIRlVM3KS0JVjI5czeMChcruR53Y8uygo4SB
dpUEkJXner7ghIV85pupbAeMVNG24W8sVXPL1OGIalSyOPfp8q3HDPPDpnr9knFZ
+X1a/dj6NrYAbF0/d62rdXV/UPoC
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:00 2025 by rpki-client