Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/30C276C4C99911EF87659398762E951A.roa
File: 30C276C4C99911EF87659398762E951A.roa (raw, json)
Hash identifier: TnEohnWduoICtng2W7XT8/9C3eOQYuXxVBxLneu7SeI=
Subject key identifier: 4C:CD:D2:1E:7F:16:19:B5:C0:B8:A4:41:FB:9A:93:78:36:24:1C:17
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F62F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/30C276C4C99911EF87659398762E951A.roa
Signing time: Fri 03 Jan 2025 06:08:46 +0000
ROA not before: Fri 03 Jan 2025 06:08:42 +0000
ROA not after: Mon 13 Dec 2027 06:08:42 +0000
asID: 17561
IP address blocks: 156.233.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63023 (0xf62f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 06:08:42 2025 GMT
Not After : Dec 13 06:08:42 2027 GMT
Subject: CN=67777eee-dd8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ed:96:56:7f:e2:52:57:c2:d1:d3:cd:f0:2c:
b0:f4:25:75:8d:32:2e:62:77:72:f9:2e:06:36:c0:
fa:d0:28:d3:6b:99:0d:87:46:c0:14:f5:9c:85:09:
1d:a5:91:ff:8a:ce:90:65:f7:09:84:67:f7:c5:59:
24:06:8a:03:0b:0f:8b:99:79:32:de:82:47:e3:b5:
a4:d8:9c:63:23:72:29:2a:93:10:a2:90:dc:f2:74:
b9:e9:df:80:5b:8a:99:9a:ab:6a:f1:70:05:4c:a1:
c5:bf:e8:f1:e1:ad:60:2e:23:d6:33:80:24:50:ef:
1f:f3:df:df:48:cc:52:eb:7a:a5:dd:fa:49:15:f2:
9e:a3:22:36:a9:8e:83:3a:bf:21:a0:63:03:78:10:
f4:47:9f:6f:f2:ed:67:74:e2:77:7e:8f:5d:f3:78:
0d:36:14:0f:a6:de:d1:8f:d3:9a:81:9a:53:31:19:
ef:2d:88:6e:81:28:90:6f:6d:13:84:72:07:e2:88:
54:c1:c4:11:62:5f:94:43:4a:87:40:6c:fc:69:21:
a7:aa:10:07:de:93:e1:f9:55:00:a7:ee:03:b7:64:
2a:16:84:4d:6b:55:2c:0d:3a:c4:c4:13:26:79:4d:
2d:7b:c0:50:b9:40:af:f9:f2:c2:82:ec:d6:0a:8d:
e5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:CD:D2:1E:7F:16:19:B5:C0:B8:A4:41:FB:9A:93:78:36:24:1C:17
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/30C276C4C99911EF87659398762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.156.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:9c:bb:90:07:45:8e:71:c1:a2:a6:be:1c:ea:ff:4c:50:7e:
c3:02:de:3a:c3:dc:3b:c0:dd:2d:ca:e1:f2:a3:92:01:60:51:
12:2c:e2:86:94:98:5b:5b:ee:da:1b:48:df:23:67:17:65:fe:
07:6b:67:c8:bd:45:2a:a3:b3:54:a4:77:d5:1e:a2:5e:d1:ba:
a4:0d:4e:ec:44:ea:cf:15:8e:65:76:91:a8:e6:27:17:1b:d8:
1f:40:f6:5d:f1:9f:d4:8e:f9:fe:e5:93:bf:3a:b9:41:22:65:
da:6c:b0:82:94:41:67:04:3a:32:5c:95:a7:20:c6:66:d0:34:
94:ca:62:7e:12:ac:03:f1:bb:56:0b:23:f8:bb:dd:b1:66:f6:
a9:ab:f9:1f:47:ed:8d:d1:40:b6:d0:c2:61:2c:b7:4b:d1:ac:
c5:ca:1b:da:64:30:30:dc:01:7d:d5:5e:25:27:ba:87:11:c3:
16:5a:5a:4d:57:bd:c2:a6:56:80:f8:94:0a:e1:41:d0:34:7f:
c2:70:0c:0d:ad:3a:bb:57:89:8b:b2:a2:8c:80:96:ac:96:0d:
6a:c8:a8:af:0b:11:3e:d9:fd:54:eb:47:f4:d1:03:59:4e:00:
7a:d9:80:c9:78:af:5b:12:00:a8:21:24:3d:b6:76:92:55:9b:
79:31:0e:72
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPYvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDYwODQyWhcNMjcxMjEzMDYwODQyWjAYMRYw
FAYDVQQDEw02Nzc3N2VlZS1kZDhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsO2WVn/iUlfC0dPN8Cyw9CV1jTIuYndy+S4GNsD60CjTa5kNh0bAFPWc
hQkdpZH/is6QZfcJhGf3xVkkBooDCw+LmXky3oJH47Wk2JxjI3IpKpMQopDc8nS5
6d+AW4qZmqtq8XAFTKHFv+jx4a1gLiPWM4AkUO8f89/fSMxS63ql3fpJFfKeoyI2
qY6DOr8hoGMDeBD0R59v8u1ndOJ3fo9d83gNNhQPpt7Rj9OagZpTMRnvLYhugSiQ
b20ThHIH4ohUwcQRYl+UQ0qHQGz8aSGnqhAH3pPh+VUAp+4Dt2QqFoRNa1UsDTrE
xBMmeU0te8BQuUCv+fLCguzWCo3lLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEzN
0h5/Fhm1wLikQfuak3g2JBwXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMEMyNzZDNEM5OTkxMUVGODc2NTkzOTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmcMA0GCSqGSIb3DQEBCwUA
A4IBAQA8nLuQB0WOccGipr4c6v9MUH7DAt46w9w7wN0tyuHyo5IBYFESLOKGlJhb
W+7aG0jfI2cXZf4Ha2fIvUUqo7NUpHfVHqJe0bqkDU7sROrPFY5ldpGo5icXG9gf
QPZd8Z/Ujvn+5ZO/OrlBImXabLCClEFnBDoyXJWnIMZm0DSUymJ+EqwD8btWCyP4
u92xZvapq/kfR+2N0UC20MJhLLdL0azFyhvaZDAw3AF91V4lJ7qHEcMWWlpNV73C
plaA+JQK4UHQNH/CcAwNrTq7V4mLsqKMgJaslg1qyKivCxE+2f1U60f00QNZTgB6
2YDJeK9bEgCoISQ9tnaSVZt5MQ5y
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:39 2025 by rpki-client