Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/484325ACCD2011EFBF334974762E951A.roa
File: 484325ACCD2011EFBF334974762E951A.roa (raw, json)
Hash identifier: 2MUEo34WKIHUrl5LIrfS6vPVTizg4yGCjev+PQNwujY=
Subject key identifier: 55:C3:77:6C:46:20:61:28:73:85:A9:40:65:49:32:47:ED:D4:79:51
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD6D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/484325ACCD2011EFBF334974762E951A.roa
Signing time: Tue 07 Jan 2025 17:53:21 +0000
ROA not before: Tue 07 Jan 2025 17:53:17 +0000
ROA not after: Mon 13 Dec 2027 17:53:17 +0000
asID: 17561
IP address blocks: 156.241.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64877 (0xfd6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 17:53:17 2025 GMT
Not After : Dec 13 17:53:17 2027 GMT
Subject: CN=677d6a11-407e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:72:b8:7b:7e:62:ed:13:3f:72:a2:26:12:1d:
f2:1d:53:08:88:c2:a4:b6:87:20:b6:bd:c2:59:84:
b7:73:89:b1:0a:a1:87:bb:2c:5e:ae:ff:dd:0c:c2:
84:05:71:6f:b9:27:a4:b2:c5:b2:2a:82:f0:62:77:
09:bd:40:c8:c6:83:3f:d3:25:12:fe:ab:a8:72:0b:
18:2e:40:cf:1d:31:fe:3d:5f:4b:ef:22:e6:a5:f1:
33:03:82:08:97:01:45:dd:4c:fd:9e:5a:22:2a:13:
5e:96:a0:73:19:00:29:3d:e3:ec:27:a6:ac:c2:b9:
e0:7a:8d:af:bb:b6:2f:66:d5:29:77:e1:44:f3:31:
1c:84:ba:a9:0f:b6:70:db:53:d6:d6:92:7a:2e:f6:
97:36:c0:df:be:fb:54:78:f7:a3:87:9a:9b:6e:58:
c1:f4:ac:b3:93:fe:52:9a:f4:d0:6d:40:23:fc:e5:
d0:38:d8:df:95:dc:9b:4b:4d:21:f9:48:76:85:2a:
e5:4b:50:f5:29:a6:71:53:7f:9e:53:29:06:83:61:
8c:36:42:96:3d:93:a0:3d:a5:35:52:f5:77:8f:86:
a4:23:e7:34:09:c8:93:72:99:6b:5e:b9:71:73:34:
ed:65:09:7e:96:1b:52:fd:46:74:9c:4d:01:c9:47:
1f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:C3:77:6C:46:20:61:28:73:85:A9:40:65:49:32:47:ED:D4:79:51
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/484325ACCD2011EFBF334974762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.192.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:68:24:91:af:e2:25:a4:df:26:77:8c:b2:e8:01:cb:09:66:
0d:55:ba:06:b2:42:eb:66:7c:ae:e7:26:4f:49:b2:b6:cd:2b:
f3:b3:61:5d:6d:21:9b:84:c8:79:6c:41:d5:fe:bb:31:36:f5:
71:04:17:21:7e:dc:14:ea:9c:54:e1:56:a4:56:9b:a7:41:e6:
8e:99:65:75:d2:5b:9f:a4:87:d5:5f:aa:45:6c:73:89:57:9e:
e9:33:d8:9e:97:98:2d:0e:58:72:6d:a7:a2:62:09:40:4b:0f:
85:57:9b:35:b3:62:db:8c:3f:54:bc:e6:bb:57:62:15:53:59:
73:ed:55:66:b3:cd:ea:d2:5d:46:0f:4e:9a:d0:aa:fe:a2:99:
76:3b:fa:f2:24:04:73:28:79:20:fa:d3:a8:e8:88:23:cf:46:
2b:14:13:a2:58:96:e6:65:b7:03:a8:b8:41:11:bd:7f:1b:f0:
7a:fd:3e:b4:a8:a2:03:ca:17:1c:97:71:f8:4c:ac:2a:3d:63:
16:f2:97:d4:89:70:ff:4f:a4:b0:27:78:11:02:1c:b7:b2:8b:
03:27:de:fa:b3:22:47:10:95:1c:0f:0c:ff:36:bd:d2:6a:28:
af:18:4a:67:75:2e:c4:ac:61:5c:5b:55:70:2f:cf:45:79:48:
ed:ac:c5:12
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP1tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTc1MzE3WhcNMjcxMjEzMTc1MzE3WjAYMRYw
FAYDVQQDEw02NzdkNmExMS00MDdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApXK4e35i7RM/cqImEh3yHVMIiMKktocgtr3CWYS3c4mxCqGHuyxerv/d
DMKEBXFvuSekssWyKoLwYncJvUDIxoM/0yUS/quocgsYLkDPHTH+PV9L7yLmpfEz
A4IIlwFF3Uz9nloiKhNelqBzGQApPePsJ6aswrngeo2vu7YvZtUpd+FE8zEchLqp
D7Zw21PW1pJ6LvaXNsDfvvtUePejh5qbbljB9Kyzk/5SmvTQbUAj/OXQONjfldyb
S00h+Uh2hSrlS1D1KaZxU3+eUykGg2GMNkKWPZOgPaU1UvV3j4akI+c0CciTcplr
XrlxczTtZQl+lhtS/UZ0nE0ByUcfCQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFXD
d2xGIGEoc4WpQGVJMkft1HlRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80ODQzMjVBQ0NEMjAxMUVGQkYzMzQ5NzQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHAMA0GCSqGSIb3DQEBCwUA
A4IBAQCyaCSRr+IlpN8md4yy6AHLCWYNVboGskLrZnyu5yZPSbK2zSvzs2FdbSGb
hMh5bEHV/rsxNvVxBBchftwU6pxU4VakVpunQeaOmWV10lufpIfVX6pFbHOJV57p
M9iel5gtDlhybaeiYglASw+FV5s1s2LbjD9UvOa7V2IVU1lz7VVms83q0l1GD06a
0Kr+opl2O/ryJARzKHkg+tOo6Igjz0YrFBOiWJbmZbcDqLhBEb1/G/B6/T60qKID
yhccl3H4TKwqPWMW8pfUiXD/T6SwJ3gRAhy3sosDJ976syJHEJUcDwz/Nr3Saiiv
GEpndS7ErGFcW1VwL89FeUjtrMUS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:22 2025 by rpki-client