Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/304FE996C33711EF96D9337B762E951A.roa
File: 304FE996C33711EF96D9337B762E951A.roa (raw, json)
Hash identifier: o2CITfiO55NbJt/TeTyNqzD4Byi6YSWQG8jNHm4UgiQ=
Subject key identifier: 18:65:BF:64:5A:2B:8B:8C:1D:71:6F:AB:A0:38:81:80:58:FE:85:62
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB57
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/304FE996C33711EF96D9337B762E951A.roa
Signing time: Thu 26 Dec 2024 03:12:07 +0000
ROA not before: Thu 26 Dec 2024 03:12:04 +0000
ROA not after: Wed 10 Dec 2025 03:12:04 +0000
asID: 984
IP address blocks: 156.244.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60247 (0xeb57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 03:12:04 2024 GMT
Not After : Dec 10 03:12:04 2025 GMT
Subject: CN=676cc987-b7b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cb:aa:ff:75:1e:80:1d:79:0d:bd:4b:65:a4:
d5:ce:0f:5d:d8:78:88:ef:de:38:31:e3:01:4c:76:
ca:40:5d:83:32:37:da:7e:a1:3a:a7:64:32:38:f3:
51:77:33:61:7a:45:d5:4a:8a:d4:e6:78:e4:63:58:
75:dc:de:64:ca:82:48:7a:6b:6f:aa:1e:6a:d2:39:
d1:5c:a0:ef:17:f6:0b:db:03:34:53:1b:69:f1:4f:
b3:ec:f4:2f:19:41:2c:92:fc:b2:65:a1:20:22:15:
ca:15:b4:bd:b1:cb:a4:13:b2:92:97:d1:a7:6b:59:
2e:41:62:d4:fb:c6:92:3b:44:93:14:02:7e:5b:28:
20:6a:e6:25:36:8b:ed:62:a1:ae:70:6b:00:a2:74:
66:68:b0:52:6e:18:0a:31:63:c6:dc:4f:7f:3e:17:
6a:3b:76:86:c5:bd:ef:79:43:38:96:79:b6:76:b9:
49:c7:ab:61:cd:3c:a9:39:b9:aa:5f:ba:f6:ff:4b:
39:b5:c4:79:d4:c9:d9:0e:89:f2:47:d8:6a:ac:fb:
87:6c:a8:54:a5:83:4c:13:e3:ad:c4:20:df:b6:3e:
2c:5a:66:cf:c9:26:ea:c2:bf:8b:f8:ba:ab:f0:60:
9c:6c:69:80:32:0d:49:0c:be:92:a1:27:93:39:46:
d9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:65:BF:64:5A:2B:8B:8C:1D:71:6F:AB:A0:38:81:80:58:FE:85:62
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/304FE996C33711EF96D9337B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.167.0/24
Signature Algorithm: sha256WithRSAEncryption
55:5b:aa:b5:49:d0:29:f5:d4:d2:be:c2:41:08:6b:ff:ca:13:
e8:e2:01:a1:10:35:d3:ab:e9:d3:2c:85:7d:16:f5:f5:51:08:
74:a2:c4:ed:04:73:70:ce:4b:10:6b:e5:6b:b5:75:6b:63:8d:
c9:07:aa:29:3b:03:fc:53:4d:6b:f0:e4:35:c3:fb:94:19:69:
61:75:a4:85:b6:76:41:d3:52:5e:cf:91:47:19:0c:11:8e:08:
e3:1e:5d:40:a1:ba:a9:d8:52:6c:90:2c:03:af:17:48:5b:ab:
a6:a4:7f:11:12:f1:3c:59:c4:9f:04:1b:4d:b4:5e:9a:f3:9b:
c4:4b:26:61:4f:a6:e0:49:62:ed:ee:ca:c7:aa:70:92:c2:4d:
bb:7d:f0:ed:ae:b0:fd:05:d1:cd:53:e5:5c:54:10:e1:23:07:
c8:c9:db:09:6c:f2:23:8c:5f:85:79:5a:54:70:4d:8a:75:6e:
c1:87:49:ee:27:61:16:16:9a:d7:70:80:78:0a:34:b3:fb:20:
a8:34:b6:94:d6:2d:e8:20:bd:d2:56:76:81:d1:1d:a0:a8:8a:
08:20:fd:4a:58:78:cc:84:98:20:c8:59:c4:b1:de:a7:25:98:
27:19:e1:bf:3f:8e:f3:35:7c:87:a4:2f:7d:f5:11:8e:1b:aa:
52:3a:36:5c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOtXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDMxMjA0WhcNMjUxMjEwMDMxMjA0WjAYMRYw
FAYDVQQDEw02NzZjYzk4Ny1iN2I1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAssuq/3UegB15Db1LZaTVzg9d2HiI7944MeMBTHbKQF2DMjfafqE6p2Qy
OPNRdzNhekXVSorU5njkY1h13N5kyoJIemtvqh5q0jnRXKDvF/YL2wM0Uxtp8U+z
7PQvGUEskvyyZaEgIhXKFbS9scukE7KSl9Gna1kuQWLU+8aSO0STFAJ+WyggauYl
NovtYqGucGsAonRmaLBSbhgKMWPG3E9/PhdqO3aGxb3veUM4lnm2drlJx6thzTyp
ObmqX7r2/0s5tcR51MnZDonyR9hqrPuHbKhUpYNME+OtxCDftj4sWmbPySbqwr+L
+Lqr8GCcbGmAMg1JDL6SoSeTOUbZAwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBhl
v2RaK4uMHXFvq6A4gYBY/oViMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMDRGRTk5NkMzMzcxMUVGOTZEOTMzN0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPSnMA0GCSqGSIb3DQEBCwUA
A4IBAQBVW6q1SdAp9dTSvsJBCGv/yhPo4gGhEDXTq+nTLIV9FvX1UQh0osTtBHNw
zksQa+VrtXVrY43JB6opOwP8U01r8OQ1w/uUGWlhdaSFtnZB01Jez5FHGQwRjgjj
Hl1Aobqp2FJskCwDrxdIW6umpH8REvE8WcSfBBtNtF6a85vESyZhT6bgSWLt7srH
qnCSwk27ffDtrrD9BdHNU+VcVBDhIwfIydsJbPIjjF+FeVpUcE2KdW7Bh0nuJ2EW
FprXcIB4CjSz+yCoNLaU1i3oIL3SVnaB0R2gqIoIIP1KWHjMhJggyFnEsd6nJZgn
GeG/P47zNXyHpC999RGOG6pSOjZc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:34 2025 by rpki-client