Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35469330CDB111EF973A429C762E951A.roa
File: 35469330CDB111EF973A429C762E951A.roa (raw, json)
Hash identifier: 68WKEnXIM82se7EnbxPeYNAfMRggyhs4S2h1HMF6Ky4=
Subject key identifier: 91:D7:2B:44:9D:67:A0:74:0B:FE:FD:05:39:BD:73:BD:1F:E4:38:19
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010181
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35469330CDB111EF973A429C762E951A.roa
Signing time: Wed 08 Jan 2025 11:10:46 +0000
ROA not before: Wed 08 Jan 2025 11:10:42 +0000
ROA not after: Sat 13 Dec 2025 11:10:42 +0000
asID: 984
IP address blocks: 156.255.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65921 (0x10181)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 11:10:42 2025 GMT
Not After : Dec 13 11:10:42 2025 GMT
Subject: CN=677e5d36-cd8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f0:8b:43:c3:b3:f6:3d:73:96:76:72:68:de:
9e:82:c2:7f:d6:22:54:f5:f5:3f:21:4d:ba:04:dd:
90:b7:87:0f:09:f7:0b:ec:8f:2c:ef:09:7a:be:12:
99:0f:90:16:80:61:c0:bc:9a:79:81:a6:7b:7a:96:
f6:08:e8:af:ab:35:bc:cd:96:d5:44:7c:00:77:69:
bf:82:ca:2c:3a:c3:d8:1c:7b:24:93:fd:5f:c7:af:
ea:15:53:17:2f:82:d9:21:37:c6:3a:35:14:9d:a1:
80:dd:7e:31:bf:01:64:6b:fe:e5:77:ae:07:fa:e4:
6e:6c:fb:e6:20:cf:13:7e:0c:35:b8:ee:de:1d:fd:
fd:8f:2a:48:9b:09:37:3b:27:5a:53:b5:c9:bd:4e:
e3:ce:77:e0:ef:3e:24:5e:c9:a3:33:8e:b5:70:18:
80:23:6f:0b:fd:15:e3:91:7e:cb:10:87:96:af:da:
70:72:d5:f5:80:3f:ca:36:7e:c2:97:80:c1:8e:a1:
a8:f2:71:78:9e:ef:86:47:a4:7c:45:2f:3d:75:84:
a8:71:8f:8b:c1:aa:24:fd:04:d3:4d:7e:78:a5:f6:
9d:0e:f2:be:4d:07:aa:cc:61:79:15:12:9c:91:97:
c6:ee:97:a9:fe:1b:2f:cc:8d:9e:a9:60:aa:b1:cb:
1a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D7:2B:44:9D:67:A0:74:0B:FE:FD:05:39:BD:73:BD:1F:E4:38:19
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35469330CDB111EF973A429C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.76.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:48:28:7d:53:38:ac:67:82:21:6d:a4:86:85:7d:80:6b:1d:
ae:b7:91:50:ce:a3:fa:7c:f2:b6:d3:7a:c6:be:4f:43:af:86:
69:08:3d:b2:3d:d7:4e:9f:02:4b:14:a7:8a:be:d4:8e:63:4f:
59:36:70:81:96:92:e5:d9:28:de:99:35:57:e7:31:cb:ea:9d:
13:d3:af:c8:a1:5f:5f:78:80:f4:e8:17:03:dd:c5:a6:ac:62:
c7:ea:83:ce:f1:54:03:00:11:93:08:a6:96:ee:7f:4a:47:ec:
fe:66:5a:ae:e7:64:4d:49:f9:84:93:8a:b0:0a:50:0d:95:92:
7e:7b:65:5b:a9:4e:76:48:9f:fd:32:15:d3:d2:bb:a5:1f:1a:
45:d7:71:7b:b7:7b:a4:bf:24:75:c0:f5:25:4d:2c:b9:f3:ed:
6d:d8:03:46:08:a9:42:94:b5:e1:9c:08:d6:4c:a5:77:ee:fd:
3e:bb:66:be:e7:52:a6:05:a5:ae:22:bb:d1:8a:fe:47:01:f2:
1a:29:f7:8f:2f:d7:9d:bc:1f:df:f9:cc:72:13:08:5a:aa:bc:
b4:02:e5:0e:7f:72:25:4a:aa:39:75:fe:6b:f9:11:98:e8:6f:
79:7e:af:f8:be:26:50:41:f4:93:3f:88:26:8b:1a:b6:d0:5d:
7f:6f:9d:c6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQGBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTExMDQyWhcNMjUxMjEzMTExMDQyWjAYMRYw
FAYDVQQDEw02NzdlNWQzNi1jZDhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqfCLQ8Oz9j1zlnZyaN6egsJ/1iJU9fU/IU26BN2Qt4cPCfcL7I8s7wl6
vhKZD5AWgGHAvJp5gaZ7epb2COivqzW8zZbVRHwAd2m/gsosOsPYHHskk/1fx6/q
FVMXL4LZITfGOjUUnaGA3X4xvwFka/7ld64H+uRubPvmIM8Tfgw1uO7eHf39jypI
mwk3OydaU7XJvU7jznfg7z4kXsmjM461cBiAI28L/RXjkX7LEIeWr9pwctX1gD/K
Nn7Cl4DBjqGo8nF4nu+GR6R8RS89dYSocY+Lwaok/QTTTX54pfadDvK+TQeqzGF5
FRKckZfG7pep/hsvzI2eqWCqscsaZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJHX
K0SdZ6B0C/79BTm9c70f5DgZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNTQ2OTMzMENEQjExMUVGOTczQTQyOUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP9MMA0GCSqGSIb3DQEBCwUA
A4IBAQCNSCh9UzisZ4IhbaSGhX2Aax2ut5FQzqP6fPK203rGvk9Dr4ZpCD2yPddO
nwJLFKeKvtSOY09ZNnCBlpLl2SjemTVX5zHL6p0T06/IoV9feID06BcD3cWmrGLH
6oPO8VQDABGTCKaW7n9KR+z+Zlqu52RNSfmEk4qwClANlZJ+e2VbqU52SJ/9MhXT
0rulHxpF13F7t3ukvyR1wPUlTSy58+1t2ANGCKlClLXhnAjWTKV37v0+u2a+51Km
BaWuIrvRiv5HAfIaKfePL9edvB/f+cxyEwhaqry0AuUOf3IlSqo5df5r+RGY6G95
fq/4viZQQfSTP4gmixq20F1/b53G
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:12 2025 by rpki-client