Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/380B28D0C32311EFB500A668762E951A.roa
File: 380B28D0C32311EFB500A668762E951A.roa (raw, json)
Hash identifier: 4/qNpAOajv2qVcR141xIVZCh1Y6ifVTunM3KU26z4Oo=
Subject key identifier: 0A:E3:9E:B2:63:5D:D6:2D:7C:D0:A8:29:46:5B:54:FF:25:64:06:BB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA46
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/380B28D0C32311EFB500A668762E951A.roa
Signing time: Thu 26 Dec 2024 00:49:10 +0000
ROA not before: Thu 26 Dec 2024 00:00:07 +0000
ROA not after: Wed 10 Dec 2025 00:00:07 +0000
asID: 984
IP address blocks: 156.228.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59974 (0xea46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:07 2024 GMT
Not After : Dec 10 00:00:07 2025 GMT
Subject: CN=676ca806-3e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b9:b7:cc:7a:0e:08:fa:38:de:f5:42:b5:c7:
20:e4:11:0c:cc:2e:82:d0:f3:00:a5:4d:ac:e3:31:
ed:ca:e0:8e:2c:55:31:b4:5a:16:8b:56:55:a6:6b:
56:28:42:16:44:f4:7f:f5:00:4a:25:64:30:fb:2a:
38:e7:e2:e9:9c:a5:51:a5:6e:f6:e3:fe:5a:42:0e:
23:e8:ef:67:3c:a0:80:f8:77:7f:ad:c3:b3:bc:cb:
39:5b:d0:f3:fd:04:00:3b:5d:a7:d1:15:4d:42:f8:
5b:2c:6c:17:c1:e5:e3:8b:79:3f:a3:bb:4b:78:6d:
45:37:44:ce:ed:6d:19:97:6d:d4:3c:c0:9c:a6:03:
c4:63:f3:f4:32:91:57:1b:f6:aa:ee:1d:2d:6c:25:
63:60:12:8d:7d:78:81:57:12:74:13:07:85:bb:63:
1a:78:1e:2f:56:f8:05:d8:ee:47:f6:d1:ab:67:ad:
73:12:04:4e:ef:79:7d:39:77:d2:42:f9:da:d0:d7:
b2:3b:ad:4e:3c:e2:9f:02:6d:34:63:69:91:46:f7:
db:cd:f2:4c:6b:5f:c0:70:5b:a8:bb:a4:7e:9a:ac:
16:4e:07:30:6c:1d:ea:e4:f5:cb:74:29:a0:f8:6c:
2c:78:c3:59:65:52:23:a4:ca:77:49:d8:11:e9:0a:
de:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E3:9E:B2:63:5D:D6:2D:7C:D0:A8:29:46:5B:54:FF:25:64:06:BB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/380B28D0C32311EFB500A668762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.238.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:1b:fe:71:a2:fb:c3:46:57:60:54:dc:72:03:32:99:f0:cb:
bb:66:e2:57:18:b0:c6:62:64:77:ac:b3:2d:4c:40:48:5b:26:
1d:32:7b:c9:3c:5c:1f:ec:26:d2:8c:b0:c3:8c:dc:91:d0:62:
f8:f7:fd:ed:c5:09:f0:f2:f3:07:77:33:de:ae:16:86:e1:4d:
c3:55:86:65:58:1f:55:fd:fc:7f:1d:81:11:6a:79:fe:a2:0c:
10:0f:87:85:8a:a6:d4:66:da:03:89:a1:77:d7:fa:e6:86:af:
da:81:97:4d:c8:49:1e:d0:ce:3a:00:83:49:59:5a:85:03:2f:
6e:41:1c:4e:b7:90:26:f2:1c:9f:71:48:01:81:1a:db:b6:bd:
33:8f:fe:09:a8:0c:03:2f:9d:6e:02:16:4f:70:39:46:55:2e:
8e:ef:92:bb:d5:e7:b9:50:c0:dd:b2:d4:0d:74:f6:6e:19:98:
87:de:cc:44:9a:8c:40:ee:38:63:52:ac:57:8b:fd:20:31:7e:
75:6a:aa:e5:43:04:e5:d9:ab:24:e3:5f:ca:4b:9b:1e:fe:39:
a1:fa:63:0a:0f:f7:85:c3:ad:65:09:a3:bf:4e:0a:b4:8f:5d:
b1:3f:b8:1a:5b:60:7d:4a:ca:28:a7:d0:a1:af:68:8d:21:f6:
47:f0:b0:d5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOpGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDA3WhcNMjUxMjEwMDAwMDA3WjAYMRYw
FAYDVQQDEw02NzZjYTgwNi0zZTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1Lm3zHoOCPo43vVCtccg5BEMzC6C0PMApU2s4zHtyuCOLFUxtFoWi1ZV
pmtWKEIWRPR/9QBKJWQw+yo45+LpnKVRpW724/5aQg4j6O9nPKCA+Hd/rcOzvMs5
W9Dz/QQAO12n0RVNQvhbLGwXweXji3k/o7tLeG1FN0TO7W0Zl23UPMCcpgPEY/P0
MpFXG/aq7h0tbCVjYBKNfXiBVxJ0EweFu2MaeB4vVvgF2O5H9tGrZ61zEgRO73l9
OXfSQvna0NeyO61OPOKfAm00Y2mRRvfbzfJMa1/AcFuou6R+mqwWTgcwbB3q5PXL
dCmg+GwseMNZZVIjpMp3SdgR6QreNQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFArj
nrJjXdYtfNCoKUZbVP8lZAa7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zODBCMjhEMEMzMjMxMUVGQjUwMEE2Njg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTuMA0GCSqGSIb3DQEBCwUA
A4IBAQCnG/5xovvDRldgVNxyAzKZ8Mu7ZuJXGLDGYmR3rLMtTEBIWyYdMnvJPFwf
7CbSjLDDjNyR0GL49/3txQnw8vMHdzPerhaG4U3DVYZlWB9V/fx/HYERann+ogwQ
D4eFiqbUZtoDiaF31/rmhq/agZdNyEke0M46AINJWVqFAy9uQRxOt5Am8hyfcUgB
gRrbtr0zj/4JqAwDL51uAhZPcDlGVS6O75K71ee5UMDdstQNdPZuGZiH3sxEmoxA
7jhjUqxXi/0gMX51aqrlQwTl2ask41/KS5se/jmh+mMKD/eFw61lCaO/Tgq0j12x
P7gaW2B9Ssoop9Chr2iNIfZH8LDV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:24 2025 by rpki-client