Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B705954C32511EF8143A077762E951A.roa
File: 2B705954C32511EF8143A077762E951A.roa (raw, json)
Hash identifier: f/7Ovhybmap7z8jIo4LYkM+UAtMx7ESeie/mCVZR7VI=
Subject key identifier: 7D:5B:CB:DC:71:FA:67:25:5F:78:45:11:A8:B9:00:CA:3B:96:E5:82
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA77
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B705954C32511EF8143A077762E951A.roa
Signing time: Thu 26 Dec 2024 01:03:08 +0000
ROA not before: Thu 26 Dec 2024 01:03:05 +0000
ROA not after: Wed 10 Dec 2025 01:03:05 +0000
asID: 984
IP address blocks: 156.228.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60023 (0xea77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:03:05 2024 GMT
Not After : Dec 10 01:03:05 2025 GMT
Subject: CN=676cab4c-baa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:61:d7:2b:27:1d:be:e1:dc:46:75:81:b3:fe:
0c:63:7e:11:36:25:5c:e5:ff:b5:62:19:df:a6:ae:
99:26:d3:ca:6c:8c:10:39:c6:f2:b9:35:5e:1c:55:
22:f4:79:68:60:25:f5:e2:47:cd:84:0b:92:6b:42:
ae:1e:57:09:bc:1c:8c:69:9f:6e:f9:99:11:88:14:
04:09:05:ae:43:9c:0d:74:cf:e5:f3:1b:09:83:a6:
6c:92:48:6e:a7:e4:a9:64:06:60:52:3d:85:ab:0f:
f5:0e:02:51:31:bb:73:61:35:69:d0:02:cc:f1:cc:
9e:12:86:4c:5a:bc:cf:7b:f8:33:0c:15:c4:70:5a:
4d:e1:db:13:04:6d:61:42:e1:61:47:5e:8a:80:30:
b8:4b:47:d0:6e:95:25:e3:b3:f4:05:d9:12:c5:21:
97:6c:33:94:4c:12:87:4c:fd:e1:cd:60:04:be:67:
fb:ca:d6:5b:cc:00:8e:9f:19:ba:d7:40:e7:b2:bc:
ee:8a:cb:dd:2d:ac:d4:36:93:60:4a:95:1c:57:a8:
99:13:c1:63:41:23:bc:96:ad:af:51:54:7c:70:c2:
14:91:4a:ef:60:57:d6:1f:ab:1b:d5:c8:bc:37:7d:
be:f5:92:14:a8:a2:14:56:98:8e:ff:45:86:b1:74:
c2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:5B:CB:DC:71:FA:67:25:5F:78:45:11:A8:B9:00:CA:3B:96:E5:82
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B705954C32511EF8143A077762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.254.0/24
Signature Algorithm: sha256WithRSAEncryption
12:81:a9:a9:20:17:69:ac:ac:a5:4d:db:45:bb:e6:fa:6a:e2:
9f:e6:86:ff:2f:4a:4f:9f:0b:52:43:bc:5c:a4:28:59:36:b4:
10:77:08:80:89:58:f1:df:77:e9:dd:d4:cf:04:6c:ec:1f:71:
9c:10:13:63:24:4d:5e:ba:1f:fa:aa:a0:3f:d7:fb:c2:70:c0:
41:9c:cd:8d:6c:e5:51:2c:85:f3:6a:0e:11:b1:77:5c:2f:06:
a4:58:ba:34:23:4e:bf:a2:c5:e8:25:5f:2e:2e:41:0f:8d:10:
dc:c2:b0:03:7f:b8:46:a8:fc:ca:85:b3:07:c9:f8:42:09:13:
59:f8:e2:e0:89:ee:8e:b7:24:fa:1a:e8:8b:79:89:95:8f:8b:
4b:98:43:c5:20:72:3f:ef:4d:3b:8a:78:2a:40:aa:2b:48:8d:
0d:76:89:88:63:4a:73:c6:6b:8c:99:87:29:3c:b6:60:03:b9:
f2:09:11:76:06:a4:ec:49:11:e8:45:50:2a:05:59:dd:b4:96:
10:e3:05:b0:60:a5:05:95:ef:ca:54:81:0d:72:66:db:9f:70:
e8:87:72:bb:5a:97:fa:ab:3d:e0:f4:5b:e5:4b:24:bf:3a:3a:
65:5f:6e:bb:85:eb:95:86:a4:92:f3:3b:8c:4d:6a:a1:22:bf:
8a:38:4a:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOp3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDEwMzA1WhcNMjUxMjEwMDEwMzA1WjAYMRYw
FAYDVQQDEw02NzZjYWI0Yy1iYWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9WHXKycdvuHcRnWBs/4MY34RNiVc5f+1Yhnfpq6ZJtPKbIwQOcbyuTVe
HFUi9HloYCX14kfNhAuSa0KuHlcJvByMaZ9u+ZkRiBQECQWuQ5wNdM/l8xsJg6Zs
kkhup+SpZAZgUj2Fqw/1DgJRMbtzYTVp0ALM8cyeEoZMWrzPe/gzDBXEcFpN4dsT
BG1hQuFhR16KgDC4S0fQbpUl47P0BdkSxSGXbDOUTBKHTP3hzWAEvmf7ytZbzACO
nxm610DnsrzuisvdLazUNpNgSpUcV6iZE8FjQSO8lq2vUVR8cMIUkUrvYFfWH6sb
1ci8N32+9ZIUqKIUVpiO/0WGsXTClQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH1b
y9xx+mclX3hFEai5AMo7luWCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQjcwNTk1NEMzMjUxMUVGODE0M0EwNzc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOT+MA0GCSqGSIb3DQEBCwUA
A4IBAQASgampIBdprKylTdtFu+b6auKf5ob/L0pPnwtSQ7xcpChZNrQQdwiAiVjx
33fp3dTPBGzsH3GcEBNjJE1euh/6qqA/1/vCcMBBnM2NbOVRLIXzag4RsXdcLwak
WLo0I06/osXoJV8uLkEPjRDcwrADf7hGqPzKhbMHyfhCCRNZ+OLgie6OtyT6GuiL
eYmVj4tLmEPFIHI/7007ingqQKorSI0NdomIY0pzxmuMmYcpPLZgA7nyCRF2BqTs
SRHoRVAqBVndtJYQ4wWwYKUFle/KVIENcmbbn3Doh3K7Wpf6qz3g9FvlSyS/Ojpl
X267heuVhqSS8zuMTWqhIr+KOEpQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:43 2025 by rpki-client