Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/347338A4C28111EF8B82057B762E951A.roa
File: 347338A4C28111EF8B82057B762E951A.roa (raw, json)
Hash identifier: rO02DgKIAlk2KlWQnT5/7ZcZog9FyPP5ygcZAd5Xlfg=
Subject key identifier: CD:67:1F:EB:78:E2:CF:06:98:A0:F0:82:7C:46:18:62:54:3C:DD:E1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8EB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/347338A4C28111EF8B82057B762E951A.roa
Signing time: Wed 25 Dec 2024 05:29:26 +0000
ROA not before: Wed 25 Dec 2024 05:29:22 +0000
ROA not after: Wed 10 Dec 2025 05:29:22 +0000
asID: 984
IP address blocks: 156.228.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59627 (0xe8eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:29:22 2024 GMT
Not After : Dec 10 05:29:22 2025 GMT
Subject: CN=676b9836-4a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:46:07:5a:4c:5f:4b:9c:8f:14:e9:c6:51:f6:
41:54:3c:2c:e7:6d:ea:02:a6:e7:33:3d:f8:b7:ab:
f7:2f:aa:fe:c0:00:a9:bd:21:6c:cd:e8:69:5e:36:
90:a6:7b:99:41:3d:1b:db:dc:73:47:32:51:16:11:
f3:9e:89:2d:28:8a:2c:18:a5:d6:e1:84:2d:e2:4f:
3f:17:94:73:93:ee:4c:88:0d:29:e0:85:e8:88:4b:
e5:16:ce:ba:1c:81:b4:4a:db:a4:31:d6:a1:5a:e6:
87:2c:d6:93:44:c0:0a:b9:6b:9a:38:f7:79:3a:22:
cc:13:1d:ce:93:8a:61:f5:41:74:5a:e2:62:a6:ef:
61:67:9c:bd:a9:1a:2d:bf:dc:f3:e5:96:c6:01:6d:
a7:5a:81:19:f0:9e:0b:44:e7:38:da:24:db:3c:b9:
85:25:a6:c0:4a:15:3a:8c:a7:91:1d:05:05:07:e5:
90:2d:e6:94:71:1e:ff:24:33:fa:b6:93:42:56:af:
5f:8b:f8:17:a4:1d:2a:2b:35:6d:cc:b7:99:1e:b7:
24:15:f2:da:a3:2b:af:19:89:3c:4d:f5:bf:63:e5:
e2:67:f2:94:b6:b9:19:ad:53:f6:df:fa:4b:f6:34:
6d:89:e4:ea:c4:f3:43:3f:78:d5:e5:3a:76:43:56:
79:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:67:1F:EB:78:E2:CF:06:98:A0:F0:82:7C:46:18:62:54:3C:DD:E1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/347338A4C28111EF8B82057B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.20.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:02:3b:8e:45:38:14:9d:b3:a2:bb:75:eb:5a:06:0f:1b:1c:
ae:bc:f9:3c:80:05:0b:f6:74:9e:cc:ea:1d:75:6a:fe:d1:31:
7f:6a:01:2b:10:53:99:41:78:35:98:90:ba:d8:8c:db:6c:90:
7b:45:08:99:a5:d6:8d:2e:c8:bc:a7:0d:a5:42:89:00:93:9a:
13:87:ca:c3:63:ee:00:61:79:89:3e:b7:bb:c9:e6:22:36:97:
3f:ab:b7:f4:be:3c:5c:7a:64:b1:ac:68:31:b7:f3:f1:74:d5:
16:c3:76:65:ca:ed:c4:cf:ff:3f:45:e3:09:04:08:01:41:bd:
b1:ca:06:86:96:46:a3:53:cb:c3:86:a7:a8:11:52:15:c1:34:
b4:3f:b4:f0:a6:41:93:4f:01:75:0a:be:d9:ca:a9:68:5a:13:
a9:51:27:ef:c3:c0:43:72:01:65:56:23:fc:4d:57:0e:90:8b:
fd:c4:cd:5a:6d:39:fe:07:df:9f:b7:e2:d7:a9:bb:dc:49:fc:
5f:25:a4:e1:f7:65:b4:d0:9a:16:95:c5:6a:0e:f5:04:fb:bd:
b6:74:ff:a2:99:35:99:3b:f4:d7:60:50:09:17:b3:04:00:d9:
77:5e:1f:0d:38:c9:1b:34:97:97:4a:ec:7b:1e:50:e7:d1:f0:
bd:b4:9a:0b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOjrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDUyOTIyWhcNMjUxMjEwMDUyOTIyWjAYMRYw
FAYDVQQDEw02NzZiOTgzNi00YTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr0YHWkxfS5yPFOnGUfZBVDws523qAqbnMz34t6v3L6r+wACpvSFszehp
XjaQpnuZQT0b29xzRzJRFhHznoktKIosGKXW4YQt4k8/F5Rzk+5MiA0p4IXoiEvl
Fs66HIG0StukMdahWuaHLNaTRMAKuWuaOPd5OiLMEx3Ok4ph9UF0WuJipu9hZ5y9
qRotv9zz5ZbGAW2nWoEZ8J4LROc42iTbPLmFJabAShU6jKeRHQUFB+WQLeaUcR7/
JDP6tpNCVq9fi/gXpB0qKzVtzLeZHrckFfLaoyuvGYk8TfW/Y+XiZ/KUtrkZrVP2
3/pL9jRtieTqxPNDP3jV5Tp2Q1Z5CwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM1n
H+t44s8GmKDwgnxGGGJUPN3hMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNDczMzhBNEMyODExMUVGOEI4MjA1N0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQUMA0GCSqGSIb3DQEBCwUA
A4IBAQBcAjuORTgUnbOiu3XrWgYPGxyuvPk8gAUL9nSezOoddWr+0TF/agErEFOZ
QXg1mJC62IzbbJB7RQiZpdaNLsi8pw2lQokAk5oTh8rDY+4AYXmJPre7yeYiNpc/
q7f0vjxcemSxrGgxt/PxdNUWw3Zlyu3Ez/8/ReMJBAgBQb2xygaGlkajU8vDhqeo
EVIVwTS0P7TwpkGTTwF1Cr7ZyqloWhOpUSfvw8BDcgFlViP8TVcOkIv9xM1abTn+
B9+ft+LXqbvcSfxfJaTh92W00JoWlcVqDvUE+722dP+imTWZO/TXYFAJF7MEANl3
Xh8NOMkbNJeXSux7HlDn0fC9tJoL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:29 2025 by rpki-client