Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/335B591AABA211EF959B3B5E762E951A.roa
File: 335B591AABA211EF959B3B5E762E951A.roa (raw, json)
Hash identifier: 4FJzebAOv8lp/NoKRHObOzUr71Spa+yzkDilc4kzlSw=
Subject key identifier: F0:E3:D5:76:E5:E7:68:35:92:96:52:4D:39:BE:34:AA:D7:58:E9:DD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DA97
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/335B591AABA211EF959B3B5E762E951A.roa
Signing time: Tue 26 Nov 2024 02:57:41 +0000
ROA not before: Tue 26 Nov 2024 02:57:37 +0000
ROA not after: Fri 26 Nov 2027 02:57:37 +0000
asID: 17561
IP address blocks: 156.252.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55959 (0xda97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 26 02:57:37 2024 GMT
Not After : Nov 26 02:57:37 2027 GMT
Subject: CN=67453925-3b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:27:b6:6b:32:6a:6d:a7:46:10:b7:f7:97:98:
db:2c:ca:00:75:44:93:9a:3c:6b:f1:83:51:ae:3b:
24:25:1a:83:43:d9:06:2b:cd:e2:ee:22:a0:db:6c:
d6:17:35:6b:78:97:85:2d:ed:65:39:c2:b6:90:25:
58:7f:7a:9a:69:49:54:8f:ef:0a:d7:40:49:64:67:
ec:86:ae:43:c8:fa:df:b9:3a:a1:7e:9f:8f:d1:e8:
c3:c0:74:d8:c4:a6:70:a3:8f:5e:5b:43:45:0d:5a:
28:eb:5d:37:2d:ad:7d:49:1d:2b:ce:43:de:46:c2:
10:01:57:af:df:3e:98:8e:cf:97:9e:69:56:cb:16:
9d:f3:63:d5:65:70:1a:bb:a4:66:16:9c:b3:e4:ec:
11:95:e0:4d:59:93:35:53:18:f5:d9:70:e2:5c:93:
3e:74:9f:d6:92:c7:2c:f7:77:89:a6:53:1c:f2:d6:
82:fd:2d:a9:bc:82:48:52:87:05:e8:c9:94:f5:89:
34:56:7f:40:e1:20:9a:75:16:d3:f1:e7:6a:9b:f3:
73:07:9c:33:65:81:4f:cd:2c:2c:2a:59:ab:9b:f1:
75:ae:c9:57:ad:0d:b1:00:7b:00:16:d8:17:bd:25:
da:99:e9:c6:ac:c0:56:fa:8e:ee:0c:b7:67:fd:ba:
fc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E3:D5:76:E5:E7:68:35:92:96:52:4D:39:BE:34:AA:D7:58:E9:DD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/335B591AABA211EF959B3B5E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.64.0/18
Signature Algorithm: sha256WithRSAEncryption
21:20:67:7f:79:ab:28:c5:43:a2:bd:d4:20:b0:16:57:dd:d4:
73:fd:bb:91:2c:35:20:26:65:df:7a:8f:b2:86:68:e0:10:fb:
5b:c7:7f:e4:66:84:12:7d:00:eb:7c:26:fe:62:26:e8:f4:ef:
30:17:1b:6a:4e:d4:98:43:57:d1:31:b8:75:1e:d0:f0:b2:99:
54:b7:bf:1d:2b:e1:ab:5a:c7:59:a4:66:ba:ef:3a:3b:b9:6c:
7c:a6:78:43:40:6d:28:61:2f:e5:97:39:0d:69:9f:02:6e:3a:
f0:54:7c:3f:eb:0a:fd:1a:51:a0:a1:71:2f:02:11:e6:2c:c4:
79:77:9b:5e:80:6f:56:1b:c3:6f:af:8a:16:1b:d5:39:be:f2:
74:44:3d:56:26:8b:25:9e:46:25:c5:41:3b:cf:1d:b8:78:13:
97:ab:a9:c1:01:ab:03:2c:ac:84:de:82:02:11:80:3d:27:7a:
01:ef:76:4a:c4:5f:3e:7e:14:09:d4:e2:ca:9e:f1:8f:04:35:
36:30:37:d7:c2:b7:65:3c:d8:76:5b:3c:89:a8:7d:bb:b6:a5:
60:04:83:a0:9f:fc:f4:e0:f8:e8:f0:4b:bd:f3:8c:a7:f0:f3:
81:c0:70:d5:fb:a9:c9:54:fb:25:63:8e:ba:ee:1b:ce:51:f2:
af:4e:7f:cf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANqXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI2MDI1NzM3WhcNMjcxMTI2MDI1NzM3WjAYMRYw
FAYDVQQDEw02NzQ1MzkyNS0zYjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyye2azJqbadGELf3l5jbLMoAdUSTmjxr8YNRrjskJRqDQ9kGK83i7iKg
22zWFzVreJeFLe1lOcK2kCVYf3qaaUlUj+8K10BJZGfshq5DyPrfuTqhfp+P0ejD
wHTYxKZwo49eW0NFDVoo6103La19SR0rzkPeRsIQAVev3z6Yjs+XnmlWyxad82PV
ZXAau6RmFpyz5OwRleBNWZM1Uxj12XDiXJM+dJ/Wkscs93eJplMc8taC/S2pvIJI
UocF6MmU9Yk0Vn9A4SCadRbT8edqm/NzB5wzZYFPzSwsKlmrm/F1rslXrQ2xAHsA
FtgXvSXamenGrMBW+o7uDLdn/br82wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPDj
1Xbl52g1kpZSTTm+NKrXWOndMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMzVCNTkxQUFCQTIxMUVGOTU5QjNCNUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnPxAMA0GCSqGSIb3DQEBCwUA
A4IBAQAhIGd/easoxUOivdQgsBZX3dRz/buRLDUgJmXfeo+yhmjgEPtbx3/kZoQS
fQDrfCb+Yibo9O8wFxtqTtSYQ1fRMbh1HtDwsplUt78dK+GrWsdZpGa67zo7uWx8
pnhDQG0oYS/llzkNaZ8CbjrwVHw/6wr9GlGgoXEvAhHmLMR5d5tegG9WG8Nvr4oW
G9U5vvJ0RD1WJoslnkYlxUE7zx24eBOXq6nBAasDLKyE3oICEYA9J3oB73ZKxF8+
fhQJ1OLKnvGPBDU2MDfXwrdlPNh2WzyJqH27tqVgBIOgn/z04Pjo8Eu984yn8POB
wHDV+6nJVPslY4667hvOUfKvTn/P
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:18 2025 by rpki-client