Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41DC5076C34D11EF86D06589762E951A.roa
File: 41DC5076C34D11EF86D06589762E951A.roa (raw, json)
Hash identifier: phbVo2vTmT5abjbdyCYB/UBiez1O3Rsp1i2OcQf7IkU=
Subject key identifier: F8:DF:29:A0:FD:2F:07:68:64:B0:82:A1:9A:EA:24:E0:13:86:67:47
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC4D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41DC5076C34D11EF86D06589762E951A.roa
Signing time: Thu 26 Dec 2024 05:50:06 +0000
ROA not before: Thu 26 Dec 2024 05:50:02 +0000
ROA not after: Thu 11 Dec 2025 05:50:02 +0000
asID: 984
IP address blocks: 156.228.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60493 (0xec4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 05:50:02 2024 GMT
Not After : Dec 11 05:50:02 2025 GMT
Subject: CN=676cee8e-64f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:67:0a:d0:f1:e4:2d:2d:7e:ae:38:22:54:4f:
4b:7c:de:de:6f:cd:77:88:e9:32:77:b8:28:73:ee:
46:0e:b1:76:63:53:29:a2:b6:b9:b8:20:37:96:01:
09:02:77:ce:c7:28:48:51:94:32:36:6c:83:2f:5c:
47:af:eb:55:0f:03:d1:44:fd:c5:99:81:8b:09:94:
3f:f3:45:f9:ef:e2:6e:8e:bf:a8:ab:f9:01:f6:5f:
7b:8d:42:68:a9:5a:7e:81:f8:76:d8:24:b9:1b:f1:
28:03:06:07:28:79:20:b7:f3:a7:39:8a:59:4f:bc:
51:ab:46:ca:ea:73:08:c4:ab:be:b1:c6:71:73:67:
a2:f7:91:55:6c:ec:90:03:da:3d:7b:f1:5a:80:26:
31:ff:ad:1e:98:cb:86:1a:e3:6f:6a:92:14:7d:92:
41:de:a8:2f:d1:99:68:b8:5d:ed:da:c5:81:26:92:
9b:61:02:77:42:a5:39:47:66:e7:84:82:70:64:86:
65:0f:e6:f1:70:30:fa:7e:f4:60:1a:1f:35:bb:19:
11:41:31:bf:a1:5a:eb:15:40:28:8e:e0:a3:5c:ad:
82:13:8c:01:5e:f4:aa:79:f8:6d:cb:f1:97:4c:ff:
00:59:f2:a7:ce:d9:4d:97:47:be:69:eb:2f:b9:00:
f2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:DF:29:A0:FD:2F:07:68:64:B0:82:A1:9A:EA:24:E0:13:86:67:47
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41DC5076C34D11EF86D06589762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.220.0/24
Signature Algorithm: sha256WithRSAEncryption
73:c5:86:ee:41:c9:40:6e:ab:69:45:46:4d:cd:20:4e:ad:76:
bf:57:57:7a:99:88:32:41:89:e7:34:b6:07:18:35:b2:ea:ca:
1d:b3:61:9c:59:b8:3b:89:fe:06:c6:56:cd:b9:3c:bf:69:18:
18:24:31:3b:38:4b:cc:8b:e4:9f:f4:41:e2:74:f1:34:ff:e9:
94:5e:0f:ac:74:59:1b:8c:d8:12:d9:18:fa:84:1d:62:56:a0:
8e:8e:5c:a3:2c:30:b0:7f:f0:6a:ff:39:c0:36:81:32:07:73:
d3:fe:28:e9:36:57:da:63:b3:68:e2:32:6b:f9:5b:4e:67:76:
a8:ff:bb:f9:cd:f4:d3:ba:f1:93:aa:6e:0b:5a:ad:fd:b5:71:
ce:04:12:ea:e4:8a:e4:e3:c0:78:3a:a5:46:e7:a9:57:fd:7d:
3f:85:b5:c1:32:bf:4d:5a:19:d3:d9:68:2f:1c:8b:db:92:ac:
d0:2e:51:10:74:39:f7:a5:a8:cf:28:47:d8:8d:f0:ed:fd:a8:
6f:0b:4b:54:f7:26:50:d1:43:d0:7f:1f:20:f5:d3:3d:eb:d5:
a8:9e:e0:64:2e:cf:50:0b:2c:64:c7:01:d8:1e:68:78:e8:0c:
ef:17:4e:60:af:96:6c:dd:aa:74:d1:ff:8e:14:5e:86:00:93:
26:0b:6f:83
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOxNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDU1MDAyWhcNMjUxMjExMDU1MDAyWjAYMRYw
FAYDVQQDEw02NzZjZWU4ZS02NGY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzGcK0PHkLS1+rjgiVE9LfN7eb813iOkyd7goc+5GDrF2Y1Mpora5uCA3
lgEJAnfOxyhIUZQyNmyDL1xHr+tVDwPRRP3FmYGLCZQ/80X57+Jujr+oq/kB9l97
jUJoqVp+gfh22CS5G/EoAwYHKHkgt/OnOYpZT7xRq0bK6nMIxKu+scZxc2ei95FV
bOyQA9o9e/FagCYx/60emMuGGuNvapIUfZJB3qgv0ZlouF3t2sWBJpKbYQJ3QqU5
R2bnhIJwZIZlD+bxcDD6fvRgGh81uxkRQTG/oVrrFUAojuCjXK2CE4wBXvSqefht
y/GXTP8AWfKnztlNl0e+aesvuQDytwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPjf
KaD9LwdoZLCCoZrqJOAThmdHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MURDNTA3NkMzNEQxMUVGODZEMDY1ODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTcMA0GCSqGSIb3DQEBCwUA
A4IBAQBzxYbuQclAbqtpRUZNzSBOrXa/V1d6mYgyQYnnNLYHGDWy6sods2GcWbg7
if4GxlbNuTy/aRgYJDE7OEvMi+Sf9EHidPE0/+mUXg+sdFkbjNgS2Rj6hB1iVqCO
jlyjLDCwf/Bq/znANoEyB3PT/ijpNlfaY7No4jJr+VtOZ3ao/7v5zfTTuvGTqm4L
Wq39tXHOBBLq5Irk48B4OqVG56lX/X0/hbXBMr9NWhnT2WgvHIvbkqzQLlEQdDn3
pajPKEfYjfDt/ahvC0tU9yZQ0UPQfx8g9dM969WonuBkLs9QCyxkxwHYHmh46Azv
F05gr5Zs3ap00f+OFF6GAJMmC2+D
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:58 2025 by rpki-client