Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/308622D0CD1011EF97EA928F762E951A.roa
File: 308622D0CD1011EF97EA928F762E951A.roa (raw, json)
Hash identifier: 0BTQI52DrHL+rysZ6BtsMNNwACLXErkpqm/juW48HqE=
Subject key identifier: 52:64:86:A0:83:1E:82:B1:B3:C5:9E:35:F9:54:22:C9:FF:BC:99:B5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCEB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/308622D0CD1011EF97EA928F762E951A.roa
Signing time: Tue 07 Jan 2025 15:58:09 +0000
ROA not before: Tue 07 Jan 2025 15:58:05 +0000
ROA not after: Mon 13 Dec 2027 15:58:05 +0000
asID: 17561
IP address blocks: 156.239.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64747 (0xfceb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 15:58:05 2025 GMT
Not After : Dec 13 15:58:05 2027 GMT
Subject: CN=677d4f11-4a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f9:2e:d7:c9:5f:ad:80:89:55:24:cd:b0:ba:
71:59:db:5a:52:5e:23:17:dc:7a:63:36:15:9d:ad:
2b:58:15:98:99:72:25:64:6f:32:aa:b1:6f:0c:ab:
ac:85:ba:b9:c1:24:ce:53:95:26:f1:62:71:e4:21:
c9:98:3b:4f:75:6d:8b:8b:87:1f:5c:07:c1:0f:d4:
78:4e:36:88:36:56:55:72:18:e3:d8:88:a3:75:a9:
98:48:7b:09:4f:a2:f8:d6:b2:b8:db:61:a0:c2:9e:
63:ae:34:6a:97:e4:f6:a1:a7:01:8e:44:8a:18:c1:
b1:7b:93:c4:b9:cc:3d:89:8d:1c:fe:2f:75:5b:a3:
97:a6:e9:2b:91:a5:17:66:4e:6c:af:c7:1e:0d:90:
e4:66:6b:6f:84:ee:d8:e7:77:ec:a5:2e:56:fa:1a:
e6:d3:0f:95:65:9d:64:90:d5:b1:10:b1:85:2a:f3:
10:27:97:2f:29:03:56:d3:77:03:c5:38:d9:74:cb:
2b:43:c2:53:11:98:45:ca:d5:3e:33:0a:9c:61:36:
81:25:7a:1c:19:65:e2:8c:c2:c3:0d:7a:d9:59:eb:
7d:f0:68:c4:3f:dc:db:fc:fd:fa:61:30:be:23:bd:
fc:00:a0:da:83:69:f1:c4:8f:31:85:45:55:08:ae:
83:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:64:86:A0:83:1E:82:B1:B3:C5:9E:35:F9:54:22:C9:FF:BC:99:B5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/308622D0CD1011EF97EA928F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.156.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:68:53:a7:d2:cc:1d:c5:4b:dc:06:2d:bf:52:4d:dc:07:55:
1f:35:b2:cc:9b:cf:29:94:f4:12:fe:f6:ed:fb:8c:c9:2e:96:
69:8b:77:07:c0:da:4f:55:44:ff:4d:44:c0:e0:67:f0:4b:a7:
ea:ab:e5:c4:fa:68:ae:48:9b:3b:ca:e5:34:b4:b8:0a:ba:ae:
c8:51:5d:b8:09:c9:ee:1f:e6:ed:96:1d:01:36:62:9c:bb:8a:
d5:b4:cd:c2:ca:b3:96:b8:b9:73:f3:0e:53:52:c3:1b:a6:5a:
72:f4:a0:88:39:fc:f9:e7:6c:b2:58:5e:cf:d8:8b:2d:fe:cf:
b2:66:cf:8a:2d:40:a5:22:fa:8b:4d:21:e2:07:ee:8d:28:f0:
cd:ac:3d:ec:5b:95:c3:6e:8b:7a:eb:a7:54:17:d5:49:8f:15:
85:5a:ce:56:14:b3:f7:31:9a:f3:64:ec:c8:e3:fe:75:1e:e7:
10:a2:70:c6:9c:fd:ea:4c:28:0a:34:e8:70:cb:01:cc:82:a3:
69:bd:a9:d6:8c:a9:b6:46:23:eb:c3:f8:38:38:64:6d:4e:66:
35:8a:a4:c4:d2:b9:7b:28:9c:24:87:5e:a3:2d:1c:57:82:38:
b1:3e:0f:a7:2a:d8:00:75:b3:a9:57:5f:4d:6e:4d:13:ca:9f:
d5:0e:19:8f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPzrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTU1ODA1WhcNMjcxMjEzMTU1ODA1WjAYMRYw
FAYDVQQDEw02NzdkNGYxMS00YTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu/ku18lfrYCJVSTNsLpxWdtaUl4jF9x6YzYVna0rWBWYmXIlZG8yqrFv
DKushbq5wSTOU5Um8WJx5CHJmDtPdW2Li4cfXAfBD9R4TjaINlZVchjj2IijdamY
SHsJT6L41rK422Ggwp5jrjRql+T2oacBjkSKGMGxe5PEucw9iY0c/i91W6OXpukr
kaUXZk5sr8ceDZDkZmtvhO7Y53fspS5W+hrm0w+VZZ1kkNWxELGFKvMQJ5cvKQNW
03cDxTjZdMsrQ8JTEZhFytU+MwqcYTaBJXocGWXijMLDDXrZWet98GjEP9zb/P36
YTC+I738AKDag2nxxI8xhUVVCK6D3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFJk
hqCDHoKxs8WeNflUIsn/vJm1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMDg2MjJEMENEMTAxMUVGOTdFQTkyOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO+cMA0GCSqGSIb3DQEBCwUA
A4IBAQBvaFOn0swdxUvcBi2/Uk3cB1UfNbLMm88plPQS/vbt+4zJLpZpi3cHwNpP
VUT/TUTA4GfwS6fqq+XE+miuSJs7yuU0tLgKuq7IUV24CcnuH+btlh0BNmKcu4rV
tM3CyrOWuLlz8w5TUsMbplpy9KCIOfz552yyWF7P2Ist/s+yZs+KLUClIvqLTSHi
B+6NKPDNrD3sW5XDbot666dUF9VJjxWFWs5WFLP3MZrzZOzI4/51HucQonDGnP3q
TCgKNOhwywHMgqNpvanWjKm2RiPrw/g4OGRtTmY1iqTE0rl7KJwkh16jLRxXgjix
Pg+nKtgAdbOpV19Nbk0Typ/VDhmP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:35 2025 by rpki-client