Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40421682C74511EF842BFDBC762E951A.roa
File: 40421682C74511EF842BFDBC762E951A.roa (raw, json)
Hash identifier: Zd4diyw7ikKJ4S9jUBV4YyikWTeOYXIiy8PbDW0ysPg=
Subject key identifier: 0E:33:C7:44:E8:48:23:25:D0:8C:4C:32:B6:D0:E9:12:D2:96:9A:2A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F29F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40421682C74511EF842BFDBC762E951A.roa
Signing time: Tue 31 Dec 2024 07:02:52 +0000
ROA not before: Tue 31 Dec 2024 07:02:48 +0000
ROA not after: Fri 07 Feb 2025 07:02:48 +0000
asID: 205125
IP address blocks: 156.255.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62111 (0xf29f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 31 07:02:48 2024 GMT
Not After : Feb 7 07:02:48 2025 GMT
Subject: CN=6773971c-3ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:02:c1:db:7b:77:88:72:ea:61:84:b5:bf:01:
53:e6:0f:71:7c:05:36:2a:5c:d6:f9:61:2d:a4:c4:
58:42:2f:0f:cf:42:76:51:68:3c:aa:c5:ae:1d:d5:
52:9a:7b:f6:bf:76:32:f0:92:63:51:66:51:b5:0e:
04:83:4e:58:72:77:a5:c0:79:f9:c9:76:27:63:fd:
e1:a2:6c:e9:1b:2a:d5:e3:23:b3:6d:a4:89:8b:03:
20:67:c7:17:fc:03:18:2b:55:63:71:c2:86:b8:64:
9d:52:fd:54:62:b7:2a:e0:1b:0d:7b:c2:17:34:d3:
be:89:e4:76:a1:ed:cb:99:96:4e:56:b0:cb:a3:fc:
f4:26:4f:27:55:d6:ae:7c:54:48:57:c2:b0:2d:6c:
a8:c5:88:14:1a:27:3b:5f:d0:88:93:43:53:26:ff:
db:e4:0b:9e:87:4f:84:05:cd:04:e9:ff:e4:f5:fb:
03:35:5c:a4:60:0c:92:11:ba:90:12:29:2d:88:43:
ba:4b:74:92:19:98:5a:ec:b3:60:9b:73:44:fc:3b:
06:c6:c9:d0:61:84:be:8b:63:af:61:45:09:a6:d4:
d2:4d:a0:b7:22:b0:a9:b7:c9:43:f4:a1:8a:d2:7f:
c5:5c:82:02:23:eb:fb:47:a8:22:b5:79:34:36:cc:
cc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:33:C7:44:E8:48:23:25:D0:8C:4C:32:B6:D0:E9:12:D2:96:9A:2A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40421682C74511EF842BFDBC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.8.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:f8:58:9b:c0:8d:a9:2e:f9:03:89:ed:cb:e2:b7:c2:69:e6:
fe:f2:86:41:a7:9c:a6:6d:2b:21:37:02:5a:a4:2d:21:29:24:
41:da:3d:cd:41:a4:45:a3:3d:22:21:cb:27:77:7c:20:b7:e2:
26:a5:5a:7a:bf:a6:bb:29:5a:30:8e:ee:07:b7:71:2c:1b:e2:
e9:b6:dc:0b:0c:7e:af:0d:8c:50:42:3b:4b:08:1e:fb:3e:df:
34:5b:a1:79:90:66:1f:c4:a3:fe:69:52:dd:74:54:06:6d:42:
89:83:58:eb:df:48:7e:c8:34:c5:0b:77:30:ad:38:15:86:66:
3f:f5:22:b4:33:0f:40:fc:44:81:dd:e9:45:79:cc:e5:7e:98:
b7:f7:b1:e4:e9:da:1d:4e:b4:ef:52:9c:b4:62:ef:0b:3b:9a:
04:9b:c4:4f:2a:86:1b:82:de:78:3a:24:2a:a1:fd:46:37:d4:
21:47:9e:23:be:59:20:85:62:ae:97:cb:3f:08:98:b7:d3:c8:
e8:c6:a9:3e:8d:5c:39:3c:d4:1b:26:28:80:54:77:22:ea:9a:
47:f1:50:f9:c9:57:2b:c4:f7:0a:a1:27:f2:b5:be:67:45:6b:
25:84:23:92:5e:8a:08:39:e8:3e:e0:2c:ff:29:fd:d0:8b:7d:
2e:3c:79:ef
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPKfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjMxMDcwMjQ4WhcNMjUwMjA3MDcwMjQ4WjAYMRYw
FAYDVQQDEw02NzczOTcxYy0zY2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvQLB23t3iHLqYYS1vwFT5g9xfAU2KlzW+WEtpMRYQi8Pz0J2UWg8qsWu
HdVSmnv2v3Yy8JJjUWZRtQ4Eg05YcnelwHn5yXYnY/3homzpGyrV4yOzbaSJiwMg
Z8cX/AMYK1VjccKGuGSdUv1UYrcq4BsNe8IXNNO+ieR2oe3LmZZOVrDLo/z0Jk8n
VdaufFRIV8KwLWyoxYgUGic7X9CIk0NTJv/b5Aueh0+EBc0E6f/k9fsDNVykYAyS
EbqQEiktiEO6S3SSGZha7LNgm3NE/DsGxsnQYYS+i2OvYUUJptTSTaC3IrCpt8lD
9KGK0n/FXIICI+v7R6gitXk0NszMnQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA4z
x0ToSCMl0IxMMrbQ6RLSlpoqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MDQyMTY4MkM3NDUxMUVGODQyQkZEQkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8IMA0GCSqGSIb3DQEBCwUA
A4IBAQB6+FibwI2pLvkDie3L4rfCaeb+8oZBp5ymbSshNwJapC0hKSRB2j3NQaRF
oz0iIcsnd3wgt+ImpVp6v6a7KVowju4Ht3EsG+LpttwLDH6vDYxQQjtLCB77Pt80
W6F5kGYfxKP+aVLddFQGbUKJg1jr30h+yDTFC3cwrTgVhmY/9SK0Mw9A/ESB3elF
eczlfpi397Hk6dodTrTvUpy0Yu8LO5oEm8RPKoYbgt54OiQqof1GN9QhR54jvlkg
hWKul8s/CJi308joxqk+jVw5PNQbJiiAVHci6ppH8VD5yVcrxPcKoSfytb5nRWsl
hCOSXooIOeg+4Cz/Kf3Qi30uPHnv
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:14 2025 by rpki-client