Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/474FD048C35A11EFBEF0865B762E951A.roa
File: 474FD048C35A11EFBEF0865B762E951A.roa (raw, json)
Hash identifier: DqxvdrnCDBfuE+H7lqRB1zkZbpM1IwhYGrigrFK5xwc=
Subject key identifier: 0F:5E:6C:EA:78:DA:02:36:19:65:1E:38:07:86:9C:1F:83:F8:48:2C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC59
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/474FD048C35A11EFBEF0865B762E951A.roa
Signing time: Thu 26 Dec 2024 07:23:18 +0000
ROA not before: Thu 26 Dec 2024 07:23:15 +0000
ROA not after: Sun 23 Feb 2025 07:23:15 +0000
asID: 63139
IP address blocks: 156.227.224.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60505 (0xec59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 07:23:15 2024 GMT
Not After : Feb 23 07:23:15 2025 GMT
Subject: CN=676d0466-4172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:61:f4:52:e5:bc:bc:ed:cd:fc:1d:de:d0:06:
c4:b3:fb:a0:54:a2:39:04:6b:c7:06:cc:12:92:76:
73:72:cc:fe:3f:3f:17:6e:05:99:9b:af:9a:df:59:
e7:b7:71:8a:95:63:e4:f8:53:dd:bf:72:05:a0:ae:
e3:06:8b:ca:35:ee:2a:07:01:a0:4d:62:4e:a4:6f:
ee:45:76:ce:5c:d0:d4:8d:4c:cd:cf:da:48:c6:c8:
d0:73:13:37:3c:49:d0:76:d7:e7:42:40:26:53:bb:
cf:ba:51:87:68:c0:09:9d:0a:fd:c4:62:c9:5f:6f:
87:f0:aa:56:3f:df:b0:b4:02:03:35:e5:4f:85:c4:
a5:6e:41:d0:6d:98:e3:7d:75:18:f0:e3:11:a5:e4:
55:78:83:35:54:4e:79:96:a7:dc:ba:da:d6:6c:81:
fd:6d:37:13:4c:d3:df:10:af:a0:5a:dc:15:42:16:
9a:f6:4d:61:a3:38:dd:b6:18:f4:ed:3e:01:1f:66:
ae:2b:61:c3:55:91:f7:f5:b8:da:d6:aa:5d:1e:9f:
c8:8e:d9:87:09:7a:51:03:60:1e:a0:6f:c3:5e:40:
b9:df:55:91:72:ca:87:fb:96:f8:19:86:4b:53:ef:
86:d5:97:1e:7b:93:aa:ec:6e:9f:1f:f6:70:72:af:
b2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:5E:6C:EA:78:DA:02:36:19:65:1E:38:07:86:9C:1F:83:F8:48:2C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/474FD048C35A11EFBEF0865B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.224.0/21
Signature Algorithm: sha256WithRSAEncryption
15:a4:89:2b:2a:34:e4:a6:57:95:90:0c:fe:73:2f:86:d4:93:
70:fa:99:9b:25:18:31:3f:39:dd:c9:48:6c:79:b9:61:c4:b6:
61:0a:01:5e:16:73:c7:4a:56:5b:28:42:ba:50:20:cc:fe:38:
d6:2b:a0:14:45:ea:d0:78:59:af:74:0c:31:4e:06:e0:42:d5:
c5:ad:d9:9b:13:c4:91:a5:65:12:46:33:d0:bd:1b:a7:d6:0e:
78:20:ee:42:f0:28:a2:dc:ed:04:f4:4c:b2:dd:2e:0c:61:be:
2d:7d:5d:bb:60:11:b9:a4:66:9b:72:ab:7e:de:da:84:b0:aa:
ef:e2:a0:63:b4:3e:ee:cf:14:03:ce:b8:e6:49:b4:a8:ba:13:
8f:19:68:28:2f:1e:44:05:4d:54:ce:61:91:97:a0:67:fb:1d:
f8:e7:35:33:73:83:2e:f4:19:8c:5b:b5:17:ac:5b:c2:50:56:
1a:90:28:45:54:05:17:b9:05:1f:cd:e3:49:1d:1d:48:49:d0:
fe:67:4a:5d:d6:bf:95:a3:73:62:ec:4d:15:b1:0a:9b:9c:ea:
8c:e1:12:2f:66:27:da:c2:1a:a0:59:29:3f:e7:a4:68:14:b5:
41:93:05:e4:48:27:14:7f:fc:c4:e6:c9:bd:53:c8:d0:ae:11:
46:6c:91:ea
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOxZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDcyMzE1WhcNMjUwMjIzMDcyMzE1WjAYMRYw
FAYDVQQDEw02NzZkMDQ2Ni00MTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlGH0UuW8vO3N/B3e0AbEs/ugVKI5BGvHBswSknZzcsz+Pz8XbgWZm6+a
31nnt3GKlWPk+FPdv3IFoK7jBovKNe4qBwGgTWJOpG/uRXbOXNDUjUzNz9pIxsjQ
cxM3PEnQdtfnQkAmU7vPulGHaMAJnQr9xGLJX2+H8KpWP9+wtAIDNeVPhcSlbkHQ
bZjjfXUY8OMRpeRVeIM1VE55lqfcutrWbIH9bTcTTNPfEK+gWtwVQhaa9k1hozjd
thj07T4BH2auK2HDVZH39bja1qpdHp/IjtmHCXpRA2AeoG/DXkC531WRcsqH+5b4
GYZLU++G1Zcee5Oq7G6fH/Zwcq+yKQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA9e
bOp42gI2GWUeOAeGnB+D+EgsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NzRGRDA0OEMzNUExMUVGQkVGMDg2NUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOPgMA0GCSqGSIb3DQEBCwUA
A4IBAQAVpIkrKjTkpleVkAz+cy+G1JNw+pmbJRgxPzndyUhseblhxLZhCgFeFnPH
SlZbKEK6UCDM/jjWK6AURerQeFmvdAwxTgbgQtXFrdmbE8SRpWUSRjPQvRun1g54
IO5C8Cii3O0E9Eyy3S4MYb4tfV27YBG5pGabcqt+3tqEsKrv4qBjtD7uzxQDzrjm
SbSouhOPGWgoLx5EBU1UzmGRl6Bn+x345zUzc4Mu9BmMW7UXrFvCUFYakChFVAUX
uQUfzeNJHR1ISdD+Z0pd1r+Vo3Ni7E0VsQqbnOqM4RIvZifawhqgWSk/56RoFLVB
kwXkSCcUf/zE5sm9U8jQrhFGbJHq
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:33 2025 by rpki-client