Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35EC560CCCE511EFA8232181762E951A.roa
File: 35EC560CCCE511EFA8232181762E951A.roa (raw, json)
Hash identifier: Ooks6Q9qLysoWVi6pAJASChxNzAfc5Gg7nCFg/z9/Ps=
Subject key identifier: 30:4F:64:FF:54:DD:B5:47:3C:54:58:B1:1A:3A:36:1E:0D:9F:92:0D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBC7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35EC560CCCE511EFA8232181762E951A.roa
Signing time: Tue 07 Jan 2025 10:50:30 +0000
ROA not before: Tue 07 Jan 2025 10:50:26 +0000
ROA not after: Mon 13 Dec 2027 10:50:26 +0000
asID: 17561
IP address blocks: 156.233.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64455 (0xfbc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:50:26 2025 GMT
Not After : Dec 13 10:50:26 2027 GMT
Subject: CN=677d06f5-00ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7b:7f:5a:62:71:21:34:9d:db:83:fa:42:bd:
09:f9:b6:9c:3c:f9:8a:8e:9d:bf:26:f4:bb:29:a9:
6d:00:c0:2d:db:39:26:d2:47:b6:12:14:2d:6c:3e:
25:82:17:e1:4f:1e:45:64:a3:26:08:63:b8:99:ab:
4f:70:e5:f8:0d:cb:1d:9b:df:ba:63:5e:21:98:93:
fb:82:83:f7:b1:f2:d7:0d:e4:b8:fb:03:10:67:db:
8b:c1:40:a8:12:fd:b2:e5:75:b7:fc:7e:66:6c:00:
66:e7:04:da:05:f4:08:54:f5:ae:b3:1c:36:6d:85:
2c:47:e2:cd:5b:e4:ce:dd:31:78:17:2d:31:f9:03:
47:5b:8d:8b:a4:3c:25:3e:c5:0a:5e:82:b9:ad:32:
cf:59:0b:59:e6:6f:66:0a:2f:4d:6d:40:71:76:63:
12:b5:64:53:57:33:17:69:16:f1:c7:b8:17:26:75:
88:9d:24:e1:3f:a3:a0:14:c0:5e:6c:7d:61:f1:df:
b7:c3:df:f0:74:ed:10:e2:2b:36:64:ae:1a:2f:97:
98:51:a2:6d:28:ba:19:47:f5:a0:52:b7:ca:c4:25:
af:29:06:27:6f:fb:85:09:1d:a8:94:a5:c3:fe:be:
95:ea:37:3e:62:6a:da:9a:bb:59:14:35:f0:eb:0a:
0e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:4F:64:FF:54:DD:B5:47:3C:54:58:B1:1A:3A:36:1E:0D:9F:92:0D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35EC560CCCE511EFA8232181762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.248.0/24
Signature Algorithm: sha256WithRSAEncryption
99:d5:05:c8:82:ee:2a:0b:97:bd:b4:6c:a6:97:0e:2a:f5:67:
e4:ed:55:79:6e:9a:0f:8c:a9:d2:d7:a7:c1:f2:a9:5a:3d:c6:
fe:06:8c:70:70:15:c9:5f:e4:aa:0f:b5:2d:2c:3f:ec:79:da:
a6:c2:2b:ae:31:9f:f6:e5:83:ce:e5:b2:de:c6:64:26:e1:04:
cd:c3:a3:bd:27:68:3e:2a:ff:2d:1d:92:b4:14:b8:fd:bb:a3:
58:19:57:1b:be:a2:62:d0:78:1b:6b:69:8f:f1:14:81:88:48:
9e:cb:cb:f5:31:15:e6:56:99:04:cf:43:91:c8:e6:d7:24:bb:
70:bc:34:3c:6b:0c:2e:4c:00:5a:5a:5b:01:ff:4c:ad:4f:e4:
3e:d5:a2:b2:52:f3:a4:7e:d4:dd:a0:e0:6f:5c:20:fb:f4:9f:
ee:d0:1a:62:86:47:20:03:6f:09:a5:ac:69:70:ed:f8:4b:2c:
47:7f:5c:60:1c:41:db:7a:26:81:9e:76:64:1a:9f:bc:15:67:
d1:11:e5:a5:53:9e:8d:b1:8f:c2:5b:81:82:5c:02:29:87:04:
08:a6:ff:56:1d:66:66:29:8d:e2:ce:7e:da:01:d8:9d:61:5b:
0d:83:17:2b:91:99:d2:de:c1:61:70:73:3f:32:d8:63:7c:68:
bc:06:21:a8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPvHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTA1MDI2WhcNMjcxMjEzMTA1MDI2WjAYMRYw
FAYDVQQDEw02NzdkMDZmNS0wMGFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAunt/WmJxITSd24P6Qr0J+bacPPmKjp2/JvS7KaltAMAt2zkm0ke2EhQt
bD4lghfhTx5FZKMmCGO4matPcOX4Dcsdm9+6Y14hmJP7goP3sfLXDeS4+wMQZ9uL
wUCoEv2y5XW3/H5mbABm5wTaBfQIVPWusxw2bYUsR+LNW+TO3TF4Fy0x+QNHW42L
pDwlPsUKXoK5rTLPWQtZ5m9mCi9NbUBxdmMStWRTVzMXaRbxx7gXJnWInSThP6Og
FMBebH1h8d+3w9/wdO0Q4is2ZK4aL5eYUaJtKLoZR/WgUrfKxCWvKQYnb/uFCR2o
lKXD/r6V6jc+YmramrtZFDXw6woOMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDBP
ZP9U3bVHPFRYsRo6Nh4Nn5INMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNUVDNTYwQ0NDRTUxMUVGQTgyMzIxODE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOn4MA0GCSqGSIb3DQEBCwUA
A4IBAQCZ1QXIgu4qC5e9tGymlw4q9Wfk7VV5bpoPjKnS16fB8qlaPcb+BoxwcBXJ
X+SqD7UtLD/sedqmwiuuMZ/25YPO5bLexmQm4QTNw6O9J2g+Kv8tHZK0FLj9u6NY
GVcbvqJi0Hgba2mP8RSBiEiey8v1MRXmVpkEz0ORyObXJLtwvDQ8awwuTABaWlsB
/0ytT+Q+1aKyUvOkftTdoOBvXCD79J/u0BpihkcgA28JpaxpcO34SyxHf1xgHEHb
eiaBnnZkGp+8FWfREeWlU56NsY/CW4GCXAIphwQIpv9WHWZmKY3izn7aAdidYVsN
gxcrkZnS3sFhcHM/MthjfGi8BiGo
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:16 2025 by rpki-client