Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/452C9DFEC27F11EFB0ED3270762E951A.roa
File: 452C9DFEC27F11EFB0ED3270762E951A.roa (raw, json)
Hash identifier: D+ZWy5Jm7W56rZwerpe756ZQ+GZX3rXgyR67s8BfMu8=
Subject key identifier: 38:B3:0F:45:D0:4C:26:09:22:0E:8C:BC:07:3C:2B:DC:DA:45:05:F3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8D3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/452C9DFEC27F11EFB0ED3270762E951A.roa
Signing time: Wed 25 Dec 2024 05:15:35 +0000
ROA not before: Wed 25 Dec 2024 05:15:31 +0000
ROA not after: Wed 10 Dec 2025 05:15:31 +0000
asID: 984
IP address blocks: 156.227.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59603 (0xe8d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:15:31 2024 GMT
Not After : Dec 10 05:15:31 2025 GMT
Subject: CN=676b94f7-a723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:1c:87:ca:c3:00:28:2a:5a:12:e1:84:bd:db:
1d:6a:44:63:93:99:b4:b5:91:70:97:ef:5b:cc:95:
0c:3f:07:87:1d:47:23:fd:9f:9a:93:c2:d1:b7:ce:
8a:a8:6f:e8:e6:e3:9f:8c:59:d7:22:34:02:5c:de:
3a:21:e2:01:54:42:c9:3d:c7:fe:fe:6f:51:49:6f:
7f:39:7a:66:e4:a1:95:62:f0:b5:3d:9e:3a:9f:25:
4b:c8:25:b0:bd:df:41:95:0b:29:49:7a:06:e7:25:
f3:e7:82:0c:b5:fc:6f:1b:0c:b3:59:d2:66:bc:a8:
16:0a:91:fe:ba:96:80:51:4d:7f:aa:1c:ad:1a:9f:
a9:e2:74:a3:9c:16:ec:b0:3b:81:3b:9d:cb:6b:d0:
e2:eb:25:e0:09:4a:ff:d2:23:50:67:8d:a0:39:45:
2d:15:0f:1a:a5:62:36:17:e7:64:d7:cf:23:ec:8b:
ef:02:6f:12:8c:04:5e:54:ae:f3:f9:a4:b4:41:35:
b6:6a:01:db:b3:b6:0a:6e:da:f4:7e:4f:a2:6e:ef:
d0:88:2e:f1:d8:b4:c9:e4:74:c4:07:f9:a8:f8:31:
c9:bc:75:05:a5:d4:8b:0f:66:2d:36:93:ad:e1:76:
a8:31:3b:9f:8f:68:4c:6a:96:86:11:35:ab:9d:28:
a3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B3:0F:45:D0:4C:26:09:22:0E:8C:BC:07:3C:2B:DC:DA:45:05:F3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/452C9DFEC27F11EFB0ED3270762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.187.0/24
Signature Algorithm: sha256WithRSAEncryption
68:cb:47:1a:92:33:61:98:00:d3:99:17:3f:24:16:d3:24:a8:
a8:48:7c:88:83:cf:1c:af:5f:40:17:20:05:d5:f3:72:d5:ec:
52:63:e2:9d:d7:0c:a3:1a:eb:1c:fa:0a:f1:05:cf:66:be:95:
74:75:b4:74:a7:97:d1:e7:d7:03:a4:0a:6b:b7:d9:f6:3f:02:
ca:65:f2:95:c1:03:f5:a8:20:e3:2a:57:7b:89:27:0b:32:d9:
45:d1:e2:da:67:7e:1c:4b:f0:ba:eb:39:ff:8b:7a:5f:e5:33:
13:dd:b5:52:32:33:95:6e:24:90:60:74:22:76:3f:34:dc:60:
3a:b8:e2:3b:8b:a2:ab:f6:28:be:95:83:81:40:da:0f:03:3e:
06:05:1f:74:d9:e2:b1:60:cb:f0:54:5e:a4:58:a0:08:ce:4a:
ba:ea:23:6f:d3:f1:d4:27:b4:61:98:a6:d3:76:9e:20:ec:b9:
f6:45:a1:58:12:df:95:e8:ae:ad:be:e8:e0:21:bb:71:0a:fb:
21:0d:b5:b3:7f:d9:1a:4e:9d:36:25:28:70:b5:ad:ab:94:93:
f9:f4:b2:a6:30:ee:dd:af:4c:61:0c:b6:19:67:ee:ef:51:7f:
01:7a:3a:99:91:90:86:bd:5e:dd:1d:7d:e3:3a:a8:5f:65:55:
18:5f:f0:4f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOjTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDUxNTMxWhcNMjUxMjEwMDUxNTMxWjAYMRYw
FAYDVQQDEw02NzZiOTRmNy1hNzIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1xyHysMAKCpaEuGEvdsdakRjk5m0tZFwl+9bzJUMPweHHUcj/Z+ak8LR
t86KqG/o5uOfjFnXIjQCXN46IeIBVELJPcf+/m9RSW9/OXpm5KGVYvC1PZ46nyVL
yCWwvd9BlQspSXoG5yXz54IMtfxvGwyzWdJmvKgWCpH+upaAUU1/qhytGp+p4nSj
nBbssDuBO53La9Di6yXgCUr/0iNQZ42gOUUtFQ8apWI2F+dk188j7IvvAm8SjARe
VK7z+aS0QTW2agHbs7YKbtr0fk+ibu/QiC7x2LTJ5HTEB/mo+DHJvHUFpdSLD2Yt
NpOt4XaoMTufj2hMapaGETWrnSijAwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDiz
D0XQTCYJIg6MvAc8K9zaRQXzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NTJDOURGRUMyN0YxMUVGQjBFRDMyNzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOO7MA0GCSqGSIb3DQEBCwUA
A4IBAQBoy0cakjNhmADTmRc/JBbTJKioSHyIg88cr19AFyAF1fNy1exSY+Kd1wyj
Gusc+grxBc9mvpV0dbR0p5fR59cDpAprt9n2PwLKZfKVwQP1qCDjKld7iScLMtlF
0eLaZ34cS/C66zn/i3pf5TMT3bVSMjOVbiSQYHQidj803GA6uOI7i6Kr9ii+lYOB
QNoPAz4GBR902eKxYMvwVF6kWKAIzkq66iNv0/HUJ7RhmKbTdp4g7Ln2RaFYEt+V
6K6tvujgIbtxCvshDbWzf9kaTp02JShwta2rlJP59LKmMO7dr0xhDLYZZ+7vUX8B
ejqZkZCGvV7dHX3jOqhfZVUYX/BP
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:14 2025 by rpki-client