Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/324C325CCAE111EFA3C50EAA762E951A.roa
File: 324C325CCAE111EFA3C50EAA762E951A.roa (raw, json)
Hash identifier: Y42K2hpjizoEMxilAWyROB0S+rQI9gTKhdcVTkjcj6k=
Subject key identifier: 31:6E:61:60:53:49:E1:FD:B9:29:25:B4:B2:9B:20:90:16:74:69:48
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7B2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/324C325CCAE111EFA3C50EAA762E951A.roa
Signing time: Sat 04 Jan 2025 21:16:43 +0000
ROA not before: Sun 05 Jan 2025 21:16:39 +0000
ROA not after: Fri 14 Feb 2025 21:16:39 +0000
asID: 61112
IP address blocks: 156.224.76.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63410 (0xf7b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 21:16:39 2025 GMT
Not After : Feb 14 21:16:39 2025 GMT
Subject: CN=6779a53b-9023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f2:f8:95:0d:1c:55:6d:27:9f:4f:18:f2:df:
9d:01:ea:94:46:44:92:1f:29:ad:6a:cc:a8:7d:8c:
ee:bd:cc:24:09:75:66:e0:8d:99:87:6b:af:02:3b:
93:be:0b:f1:8d:34:2e:dc:15:01:c8:1b:eb:8d:05:
00:47:1c:7e:61:9c:66:35:c7:a3:1f:96:e0:55:02:
86:f7:af:b7:9d:4e:fa:a2:69:cc:66:67:c3:3f:42:
d7:f5:7d:22:9e:2d:5d:aa:ba:55:ae:50:82:ae:79:
76:c7:59:1f:9e:d4:e2:37:ba:07:3e:5e:36:17:62:
37:00:d0:aa:eb:b3:90:c9:6d:33:d1:a4:aa:75:f4:
cd:2c:66:95:70:39:66:20:8a:1f:5b:b7:c1:bf:25:
50:94:3b:13:6c:1e:c1:ab:1a:11:01:30:f3:9d:ea:
51:0a:a1:f6:76:76:be:5f:e8:96:b0:0e:29:ff:00:
a9:e7:6f:a7:b8:29:b7:fa:92:d3:11:f6:58:5e:49:
bf:72:71:6f:77:f0:db:5d:ac:01:7a:47:1c:70:10:
4e:29:74:1c:1b:02:6f:60:a1:24:8f:77:66:6f:49:
39:7c:72:09:5a:c6:93:4c:74:35:de:eb:a7:e5:ad:
82:ff:56:b3:9b:c8:18:4e:b1:98:97:10:0f:b5:58:
30:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:6E:61:60:53:49:E1:FD:B9:29:25:B4:B2:9B:20:90:16:74:69:48
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/324C325CCAE111EFA3C50EAA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.76.0/22
Signature Algorithm: sha256WithRSAEncryption
47:7d:85:24:3a:9c:aa:9e:74:76:d4:15:96:da:b6:d3:9a:3b:
29:cc:c0:c4:fa:ea:56:50:57:5a:6e:95:1e:35:8f:f3:4d:df:
c0:6c:3c:e1:e8:c1:53:d6:81:17:34:84:8b:6e:e4:62:cb:28:
7e:3b:f5:aa:88:39:2f:81:78:5b:86:a2:61:86:91:27:ce:7a:
c2:67:9b:9a:0d:9b:eb:fc:79:d2:40:0a:14:fe:45:87:ad:67:
ed:11:93:71:77:c1:bb:c2:d7:a0:dc:05:9e:a9:c7:6f:20:6c:
bb:46:19:85:a0:a2:7e:e5:42:d9:af:bc:b1:da:c3:9f:ae:59:
39:da:97:f7:b9:a3:2c:f9:01:68:8a:d6:1e:85:57:99:d8:ca:
24:b2:b8:da:48:41:64:89:e0:c4:a3:d4:63:1d:c3:b5:2b:4e:
d4:3a:0f:3d:4c:82:7c:70:09:ab:59:53:8e:ca:75:33:44:ef:
52:d9:b4:78:c0:b9:08:19:8a:95:5f:10:e7:cd:9d:bf:bb:0e:
16:bc:f0:91:12:fe:cb:a8:c3:12:0d:e1:75:46:72:4e:a9:a2:
fa:a3:c9:f1:3d:2f:b9:c5:f4:8c:f8:55:d0:92:c1:82:77:0f:
29:d4:73:48:4c:39:a6:84:a3:a7:22:e4:0d:10:f9:bb:3e:dc:
7c:ed:aa:9b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPeyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MjExNjM5WhcNMjUwMjE0MjExNjM5WjAYMRYw
FAYDVQQDEw02Nzc5YTUzYi05MDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsfL4lQ0cVW0nn08Y8t+dAeqURkSSHymtasyofYzuvcwkCXVm4I2Zh2uv
AjuTvgvxjTQu3BUByBvrjQUARxx+YZxmNcejH5bgVQKG96+3nU76omnMZmfDP0LX
9X0ini1dqrpVrlCCrnl2x1kfntTiN7oHPl42F2I3ANCq67OQyW0z0aSqdfTNLGaV
cDlmIIofW7fBvyVQlDsTbB7BqxoRATDznepRCqH2dna+X+iWsA4p/wCp52+nuCm3
+pLTEfZYXkm/cnFvd/DbXawBekcccBBOKXQcGwJvYKEkj3dmb0k5fHIJWsaTTHQ1
3uun5a2C/1azm8gYTrGYlxAPtVgwBQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDFu
YWBTSeH9uSkltLKbIJAWdGlIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMjRDMzI1Q0NBRTExMUVGQTNDNTBFQUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOBMMA0GCSqGSIb3DQEBCwUA
A4IBAQBHfYUkOpyqnnR21BWW2rbTmjspzMDE+upWUFdabpUeNY/zTd/AbDzh6MFT
1oEXNISLbuRiyyh+O/WqiDkvgXhbhqJhhpEnznrCZ5uaDZvr/HnSQAoU/kWHrWft
EZNxd8G7wteg3AWeqcdvIGy7RhmFoKJ+5ULZr7yx2sOfrlk52pf3uaMs+QFoitYe
hVeZ2MoksrjaSEFkieDEo9RjHcO1K07UOg89TIJ8cAmrWVOOynUzRO9S2bR4wLkI
GYqVXxDnzZ2/uw4WvPCREv7LqMMSDeF1RnJOqaL6o8nxPS+5xfSM+FXQksGCdw8p
1HNITDmmhKOnIuQNEPm7Ptx87aqb
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:41 2025 by rpki-client