Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/44026C86C28611EF89E0149B762E951A.roa
File: 44026C86C28611EF89E0149B762E951A.roa (raw, json)
Hash identifier: /io9tCqq90nN5EfZo5MAmUxc86OTrMgwLbc6araNwRY=
Subject key identifier: 63:6F:A6:3C:C4:32:CF:AD:D5:33:C3:3A:01:EC:22:62:33:28:E1:E8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E929
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/44026C86C28611EF89E0149B762E951A.roa
Signing time: Wed 25 Dec 2024 06:05:39 +0000
ROA not before: Wed 25 Dec 2024 06:05:36 +0000
ROA not after: Wed 10 Dec 2025 06:05:36 +0000
asID: 984
IP address blocks: 156.228.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59689 (0xe929)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 06:05:36 2024 GMT
Not After : Dec 10 06:05:36 2025 GMT
Subject: CN=676ba0b3-49fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6d:5e:09:37:4f:05:af:0a:aa:7c:32:e9:90:
ea:ef:4c:cd:be:6d:14:c2:18:04:22:05:67:93:00:
1d:d7:48:c2:b6:7a:ba:98:f5:dd:06:42:e3:72:23:
13:a7:10:d2:79:8f:27:48:cf:49:e7:a2:ec:69:df:
95:73:c2:df:a1:08:71:a5:71:13:1c:d6:cb:8f:92:
2c:1d:af:70:45:57:96:bb:ad:b2:19:1c:36:79:7b:
45:0e:cc:d9:4a:1f:5f:86:3f:af:e1:6b:d1:5d:0d:
2c:a7:eb:d7:bf:d8:f7:3f:01:ff:48:ca:04:1c:0c:
48:26:bf:d6:d3:c2:cf:d1:01:17:68:ea:d0:a2:78:
83:19:6f:57:1c:c0:81:97:07:49:01:d9:f7:f8:6a:
2b:60:d5:0a:db:49:76:c7:37:ca:c4:48:74:e7:c2:
e8:1a:66:01:67:21:fc:4c:fd:f8:36:09:25:15:a4:
c1:12:2b:24:63:6a:89:b7:ab:fc:b7:4e:86:b4:2f:
63:bb:bb:e9:2b:f8:b2:d6:09:8c:88:26:8e:15:90:
da:d2:8c:b8:cb:0c:c8:63:f9:c5:24:3c:17:cc:4e:
77:86:ce:67:be:eb:61:fb:01:d1:9b:9a:4c:60:15:
38:42:dd:b5:93:01:f5:a3:4b:57:c7:1f:1c:f6:86:
a5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:6F:A6:3C:C4:32:CF:AD:D5:33:C3:3A:01:EC:22:62:33:28:E1:E8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/44026C86C28611EF89E0149B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.52.0/24
Signature Algorithm: sha256WithRSAEncryption
44:63:85:a5:be:56:2b:e4:e0:e7:44:8a:c9:7d:96:59:cd:5a:
82:87:93:6b:07:32:e4:c5:ec:d9:01:5a:58:cb:45:9b:21:b3:
06:85:9b:03:ca:9f:5a:55:71:a2:b0:69:49:e7:a0:87:4c:f9:
ad:97:fd:85:ae:6e:aa:c9:1a:82:40:19:3e:81:a4:f5:1b:ff:
51:12:76:cb:da:0b:d4:51:8e:e4:db:0f:de:65:e0:72:4e:65:
76:92:d5:44:76:08:ea:42:f2:ab:8e:3e:8b:be:d8:1a:63:11:
17:6c:b9:92:e8:b4:ce:c5:76:9a:47:61:a5:55:3c:55:85:78:
39:f7:39:33:bd:35:39:a4:aa:9f:e9:84:e5:b9:66:82:c4:44:
2a:d6:df:22:df:ad:d0:26:99:27:7f:6f:ea:5b:06:20:11:5e:
3c:a4:40:3a:c3:c4:f5:2b:58:87:75:35:ef:05:48:5f:a3:81:
72:7b:51:a0:17:fe:e5:04:e4:71:54:8a:61:cb:ca:11:0a:b5:
9a:11:b9:6c:2f:46:fc:66:1c:48:31:35:15:dc:0c:b1:07:a3:
eb:a2:6f:90:06:7f:84:a2:fb:36:db:d0:c0:91:2c:2c:27:46:
88:b9:6d:3d:2e:53:97:ad:c7:06:9a:ae:7e:0f:94:0e:65:9b:
3f:7c:b7:38
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOkpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDYwNTM2WhcNMjUxMjEwMDYwNTM2WjAYMRYw
FAYDVQQDEw02NzZiYTBiMy00OWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzm1eCTdPBa8Kqnwy6ZDq70zNvm0UwhgEIgVnkwAd10jCtnq6mPXdBkLj
ciMTpxDSeY8nSM9J56Lsad+Vc8LfoQhxpXETHNbLj5IsHa9wRVeWu62yGRw2eXtF
DszZSh9fhj+v4WvRXQ0sp+vXv9j3PwH/SMoEHAxIJr/W08LP0QEXaOrQoniDGW9X
HMCBlwdJAdn3+GorYNUK20l2xzfKxEh058LoGmYBZyH8TP34NgklFaTBEiskY2qJ
t6v8t06GtC9ju7vpK/iy1gmMiCaOFZDa0oy4ywzIY/nFJDwXzE53hs5nvuth+wHR
m5pMYBU4Qt21kwH1o0tXxx8c9oalwQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGNv
pjzEMs+t1TPDOgHsImIzKOHoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NDAyNkM4NkMyODYxMUVGODlFMDE0OUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQ0MA0GCSqGSIb3DQEBCwUA
A4IBAQBEY4WlvlYr5ODnRIrJfZZZzVqCh5NrBzLkxezZAVpYy0WbIbMGhZsDyp9a
VXGisGlJ56CHTPmtl/2Frm6qyRqCQBk+gaT1G/9REnbL2gvUUY7k2w/eZeByTmV2
ktVEdgjqQvKrjj6LvtgaYxEXbLmS6LTOxXaaR2GlVTxVhXg59zkzvTU5pKqf6YTl
uWaCxEQq1t8i363QJpknf2/qWwYgEV48pEA6w8T1K1iHdTXvBUhfo4Fye1GgF/7l
BORxVIphy8oRCrWaEblsL0b8ZhxIMTUV3AyxB6Prom+QBn+Eovs229DAkSwsJ0aI
uW09LlOXrccGmq5+D5QOZZs/fLc4
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:55 2025 by rpki-client