Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28E8F00ED32111EF80C2429B762E951A.roa
File: 28E8F00ED32111EF80C2429B762E951A.roa (raw, json)
Hash identifier: BfV3So84emEBt46GnraQ0SkHjMW9iXkTDTWp0Is5zk4=
Subject key identifier: 4F:AC:74:F5:F7:46:81:20:3B:3B:C2:C3:6D:FB:1D:0F:E1:61:C5:2F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010891
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28E8F00ED32111EF80C2429B762E951A.roa
Signing time: Wed 15 Jan 2025 09:14:44 +0000
ROA not before: Wed 15 Jan 2025 09:14:41 +0000
ROA not after: Mon 03 Jan 2028 09:14:41 +0000
asID: 17561
IP address blocks: 156.254.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67729 (0x10891)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 09:14:41 2025 GMT
Not After : Jan 3 09:14:41 2028 GMT
Subject: CN=67877c84-debd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6e:44:1b:c3:b1:5e:dc:b9:70:ea:72:63:b7:
c2:d1:b2:2a:e0:fc:73:d4:4a:c0:68:70:6b:1a:90:
69:6a:b1:37:82:47:8e:a7:0f:58:ef:42:df:dd:8a:
96:c2:31:0a:d2:40:65:e9:29:4d:ca:e3:93:c7:f6:
ae:68:b1:1e:25:16:a8:90:3f:d6:78:5c:51:3b:13:
08:74:87:69:53:01:f0:e6:14:c3:bd:73:0f:eb:57:
e5:ca:41:af:97:73:14:5b:bd:ec:80:39:2d:97:87:
e4:78:92:a8:03:14:a1:fb:ed:44:40:a7:26:ab:65:
5f:99:63:e0:23:87:ec:84:1f:c4:9c:48:22:a2:07:
35:97:f7:5a:fd:95:a8:6c:df:6b:4f:d6:16:ee:3b:
02:02:f4:1f:b1:7b:3d:40:d7:d6:25:47:c6:56:94:
3a:e0:3f:92:db:4b:6d:31:51:1c:a2:42:aa:d2:c4:
03:67:64:17:e7:31:6e:1d:6b:43:5c:a7:09:1f:30:
26:97:ab:98:50:60:d1:c9:fa:6f:54:df:d9:06:eb:
18:22:f0:32:8a:7b:c1:93:e2:85:d7:3b:51:c8:a8:
74:1f:ba:59:82:b0:18:bb:3f:dd:1f:70:e7:42:c0:
c5:34:9a:d0:e1:5c:d9:68:00:7e:7c:2c:69:7b:e7:
f1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:AC:74:F5:F7:46:81:20:3B:3B:C2:C3:6D:FB:1D:0F:E1:61:C5:2F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/28E8F00ED32111EF80C2429B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.94.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:91:c1:c5:99:4c:81:56:16:2b:ea:99:48:c5:1d:96:ee:1b:
48:a3:1a:0c:fa:7b:ef:a2:46:0c:32:0e:fb:1f:67:21:4d:95:
07:eb:ca:87:5b:32:45:ec:27:53:83:b0:16:74:42:0b:b2:c5:
04:e7:da:ce:86:3f:66:cc:d0:d2:93:cf:47:54:37:fd:50:4e:
65:b4:73:8f:fd:18:c6:e5:03:35:a3:15:fa:77:47:89:ec:a7:
de:44:f7:4f:09:a1:90:58:b7:9b:be:02:3e:6b:2a:df:73:dd:
32:76:49:83:44:8b:b0:d8:73:ab:93:25:a0:22:bf:3c:ab:bc:
3f:21:40:95:9e:76:51:a6:26:95:72:9a:e2:83:7b:26:a5:bd:
5a:1f:ea:ed:95:c1:ad:ee:a5:cd:c8:68:eb:a7:8a:9b:43:87:
ff:e3:2e:4c:9d:33:dc:e5:59:72:0d:1c:50:fb:02:2c:f4:7c:
e6:c7:2a:8e:55:8f:33:14:24:24:9f:57:a2:c1:76:24:c1:df:
88:b5:70:2f:54:4c:a9:b7:c5:83:12:c9:9a:75:ed:e8:39:32:
16:3e:f0:34:85:43:7c:82:12:14:5f:0d:ac:99:81:39:27:78:
7b:aa:39:90:b2:4f:18:c4:d5:a9:31:3a:79:30:2b:75:20:79:
aa:cd:82:f5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQiRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDkxNDQxWhcNMjgwMTAzMDkxNDQxWjAYMRYw
FAYDVQQDEw02Nzg3N2M4NC1kZWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvG5EG8OxXty5cOpyY7fC0bIq4Pxz1ErAaHBrGpBparE3gkeOpw9Y70Lf
3YqWwjEK0kBl6SlNyuOTx/auaLEeJRaokD/WeFxROxMIdIdpUwHw5hTDvXMP61fl
ykGvl3MUW73sgDktl4fkeJKoAxSh++1EQKcmq2VfmWPgI4fshB/EnEgiogc1l/da
/ZWobN9rT9YW7jsCAvQfsXs9QNfWJUfGVpQ64D+S20ttMVEcokKq0sQDZ2QX5zFu
HWtDXKcJHzAml6uYUGDRyfpvVN/ZBusYIvAyinvBk+KF1ztRyKh0H7pZgrAYuz/d
H3DnQsDFNJrQ4VzZaAB+fCxpe+fx5wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE+s
dPX3RoEgOzvCw237HQ/hYcUvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yOEU4RjAwRUQzMjExMUVGODBDMjQyOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5eMA0GCSqGSIb3DQEBCwUA
A4IBAQBtkcHFmUyBVhYr6plIxR2W7htIoxoM+nvvokYMMg77H2chTZUH68qHWzJF
7CdTg7AWdEILssUE59rOhj9mzNDSk89HVDf9UE5ltHOP/RjG5QM1oxX6d0eJ7Kfe
RPdPCaGQWLebvgI+ayrfc90ydkmDRIuw2HOrkyWgIr88q7w/IUCVnnZRpiaVcpri
g3smpb1aH+rtlcGt7qXNyGjrp4qbQ4f/4y5MnTPc5VlyDRxQ+wIs9HzmxyqOVY8z
FCQkn1eiwXYkwd+ItXAvVEypt8WDEsmade3oOTIWPvA0hUN8ghIUXw2smYE5J3h7
qjmQsk8YxNWpMTp5MCt1IHmqzYL1
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:59 2025 by rpki-client