Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28485DACC32B11EFAC1590A2762E951A.roa
File: 28485DACC32B11EFAC1590A2762E951A.roa (raw, json)
Hash identifier: R49f09dwE24UQIZ+NPRiY3CMsJzCQ3wQbGNOWv0V0Kc=
Subject key identifier: AE:EE:1A:A5:75:50:12:E6:37:5F:20:FB:EB:DC:72:D1:B3:F5:A0:68
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAC7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28485DACC32B11EFAC1590A2762E951A.roa
Signing time: Thu 26 Dec 2024 01:46:00 +0000
ROA not before: Thu 26 Dec 2024 01:45:56 +0000
ROA not after: Wed 10 Dec 2025 01:45:56 +0000
asID: 984
IP address blocks: 156.243.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60103 (0xeac7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:45:56 2024 GMT
Not After : Dec 10 01:45:56 2025 GMT
Subject: CN=676cb558-8540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:25:27:a7:9d:ce:10:5e:bb:0c:22:3d:9b:b0:
13:a7:24:c4:51:47:fb:9a:2f:56:a8:94:0c:1c:fb:
81:dd:7b:bc:b3:85:99:94:d8:d4:64:46:ef:60:9b:
26:35:08:1f:8b:ad:aa:99:ad:1e:4e:d8:75:3b:6b:
cc:df:de:83:1c:54:fa:0d:09:c0:b9:99:39:7d:9b:
d2:fd:07:ff:26:ac:4a:22:88:51:66:a6:4d:fb:93:
1f:a7:94:18:ea:b4:73:df:a2:e8:70:17:2a:19:85:
e6:92:11:fc:87:bc:48:fe:f1:4f:23:9b:30:1f:82:
83:40:f7:26:98:a7:3b:1a:50:cc:73:56:f0:cf:e5:
ec:1a:ef:23:df:5d:a4:b5:c4:1e:c9:d1:26:98:bf:
72:f7:99:9b:c4:de:97:fe:08:44:80:87:60:0c:a5:
cb:52:8f:e2:26:75:3b:67:62:94:79:a6:74:3c:e1:
b3:23:08:72:ee:e9:26:fc:22:8c:49:50:e0:22:30:
f9:3c:16:20:60:ce:3f:4e:95:d3:a7:7a:71:e7:1f:
b3:89:26:82:cb:75:b2:5b:80:4b:33:fc:03:6c:fe:
01:b5:70:b4:90:3f:01:df:83:fc:50:d4:46:f6:56:
20:b9:31:58:5d:34:39:c4:91:f0:4f:ac:74:94:a8:
18:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:EE:1A:A5:75:50:12:E6:37:5F:20:FB:EB:DC:72:D1:B3:F5:A0:68
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28485DACC32B11EFAC1590A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.196.0/24
Signature Algorithm: sha256WithRSAEncryption
28:74:fe:e6:5a:87:8c:f9:6d:79:d0:36:80:5b:b0:f1:fa:28:
bc:c2:8d:bc:11:27:32:fa:0d:3b:b6:d0:de:53:d4:f8:21:a3:
d9:46:e9:fb:f2:2c:12:68:ea:3a:3b:16:bc:dd:0c:38:6d:be:
6a:8f:5c:c3:26:b6:7b:f8:ff:a5:ed:46:a6:f3:66:77:16:a0:
d9:cf:c7:b4:1f:4e:bb:e8:c9:41:bd:4c:02:e6:24:d1:6f:83:
20:02:c3:0e:66:47:b0:cc:90:8f:c6:87:08:2d:f3:3b:b1:12:
66:e2:b6:58:98:6c:e4:e3:27:73:6b:5e:31:8e:bd:ac:3a:31:
0f:c9:43:d8:9b:4a:4f:38:c2:63:3d:e8:4f:67:c7:ed:de:90:
31:3f:68:d0:f4:9e:5c:d1:dc:1b:2a:10:97:fa:14:09:2d:40:
1b:51:38:80:70:18:05:07:42:a4:8e:ee:b2:76:6c:6e:ea:86:
db:62:16:23:07:d0:58:3a:61:17:fd:88:f4:ba:c3:7d:8d:fe:
57:de:f0:29:4c:d2:2b:ec:e5:3d:11:f7:c1:6c:c0:20:99:cb:
76:eb:27:63:d9:d9:af:fd:b9:a6:19:5d:cc:e6:6e:03:b7:9e:
b0:52:1e:c4:3d:43:56:39:b7:98:7c:47:b1:6a:47:be:8a:dd:
01:a3:1b:76
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOrHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDE0NTU2WhcNMjUxMjEwMDE0NTU2WjAYMRYw
FAYDVQQDEw02NzZjYjU1OC04NTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7iUnp53OEF67DCI9m7ATpyTEUUf7mi9WqJQMHPuB3Xu8s4WZlNjUZEbv
YJsmNQgfi62qma0eTth1O2vM396DHFT6DQnAuZk5fZvS/Qf/JqxKIohRZqZN+5Mf
p5QY6rRz36LocBcqGYXmkhH8h7xI/vFPI5swH4KDQPcmmKc7GlDMc1bwz+XsGu8j
312ktcQeydEmmL9y95mbxN6X/ghEgIdgDKXLUo/iJnU7Z2KUeaZ0POGzIwhy7ukm
/CKMSVDgIjD5PBYgYM4/TpXTp3px5x+ziSaCy3WyW4BLM/wDbP4BtXC0kD8B34P8
UNRG9lYguTFYXTQ5xJHwT6x0lKgYMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK7u
GqV1UBLmN18g++vcctGz9aBoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yODQ4NURBQ0MzMkIxMUVGQUMxNTkwQTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPEMA0GCSqGSIb3DQEBCwUA
A4IBAQAodP7mWoeM+W150DaAW7Dx+ii8wo28EScy+g07ttDeU9T4IaPZRun78iwS
aOo6Oxa83Qw4bb5qj1zDJrZ7+P+l7Uam82Z3FqDZz8e0H0676MlBvUwC5iTRb4Mg
AsMOZkewzJCPxocILfM7sRJm4rZYmGzk4ydza14xjr2sOjEPyUPYm0pPOMJjPehP
Z8ft3pAxP2jQ9J5c0dwbKhCX+hQJLUAbUTiAcBgFB0Kkju6ydmxu6obbYhYjB9BY
OmEX/Yj0usN9jf5X3vApTNIr7OU9EffBbMAgmct26ydj2dmv/bmmGV3M5m4Dt56w
Uh7EPUNWObeYfEexake+it0Boxt2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:08 2025 by rpki-client