Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A8EA1A2C97311EFBA0FFD96762E951A.roa
File: 4A8EA1A2C97311EFBA0FFD96762E951A.roa (raw, json)
Hash identifier: bexl5OXb1Fno51UxP1T8jfEPDsidrrbjeuCkGdhC1Vg=
Subject key identifier: E7:EF:49:44:76:FD:84:54:3A:DC:DD:4C:D5:1B:01:FD:06:2D:3B:2A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4CB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A8EA1A2C97311EFBA0FFD96762E951A.roa
Signing time: Fri 03 Jan 2025 01:37:28 +0000
ROA not before: Fri 03 Jan 2025 01:37:24 +0000
ROA not after: Mon 13 Dec 2027 01:37:24 +0000
asID: 17561
IP address blocks: 156.227.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62667 (0xf4cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:37:24 2025 GMT
Not After : Dec 13 01:37:24 2027 GMT
Subject: CN=67773f58-3d76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:38:79:10:ef:a5:61:6f:73:2f:27:c2:5e:aa:
b4:f7:93:29:06:a1:6b:2a:6d:c9:06:32:df:89:ad:
1d:89:60:1d:e4:9b:03:de:63:e8:fd:6f:15:b3:89:
f5:35:f5:4e:63:29:68:87:27:b9:9f:a2:78:07:72:
c4:b7:eb:b0:42:d6:18:f5:27:6a:fc:aa:f0:57:45:
cb:45:39:9c:08:be:e1:24:d4:11:05:54:d7:41:a5:
a9:58:eb:fd:4e:e4:ad:2c:5b:d0:92:3f:37:31:4b:
a7:15:d1:5e:8e:e4:4e:19:de:ec:34:82:ff:b4:ae:
61:47:f8:8c:cc:82:65:a8:81:c9:f0:b1:8f:af:29:
d1:e3:d9:40:d8:ca:5a:8f:90:18:27:fa:0a:33:7a:
0b:68:12:73:d1:c0:2c:95:9e:cf:64:8b:c9:ca:e3:
a7:74:50:41:60:0e:4f:54:57:17:7d:49:bc:14:75:
5f:55:8b:d8:e1:c6:13:2b:1e:84:c4:47:7d:d6:82:
a2:0a:c1:e2:1a:fc:ed:ed:af:1b:74:9a:9d:81:89:
c4:10:c9:2e:92:4d:83:cd:22:79:b6:1d:ec:25:75:
7e:78:53:22:0a:cb:de:c2:61:4f:b2:24:ab:c1:87:
1b:4a:85:11:5d:e0:d4:f5:ed:2e:53:b0:cd:50:b9:
54:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:EF:49:44:76:FD:84:54:3A:DC:DD:4C:D5:1B:01:FD:06:2D:3B:2A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A8EA1A2C97311EFBA0FFD96762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.87.0/24
Signature Algorithm: sha256WithRSAEncryption
39:76:0b:41:94:3c:55:0e:a6:86:75:7b:aa:ee:37:44:53:ea:
01:74:e3:40:9f:db:f4:d4:a4:69:6f:5f:6c:62:e0:ba:88:f4:
67:b5:91:30:7f:c4:a3:b0:16:bd:0a:e6:b3:ef:95:e2:d0:9d:
9f:20:21:3b:94:79:e4:45:da:e1:c6:44:3c:76:c2:0c:68:b5:
64:95:8a:1d:ce:93:dc:85:00:60:5f:77:05:d9:36:30:45:76:
88:10:5e:a5:07:03:db:08:43:e9:e5:bc:84:7e:27:1a:ce:51:
7c:09:38:98:78:99:c6:f4:1c:9d:31:41:f8:f9:10:b8:61:03:
7e:5f:80:a6:96:02:e7:04:73:c1:7e:05:24:4e:11:e1:52:38:
fb:80:fb:e8:2f:ef:3c:66:6e:31:cd:1a:7d:fb:21:79:28:c1:
94:63:41:56:b1:cc:ba:17:5f:46:ae:ad:59:3d:11:48:17:15:
04:25:63:51:85:23:7c:84:29:c1:c7:df:27:76:fa:4a:d7:83:
ef:86:30:a2:73:68:bf:a8:f2:18:eb:5b:c1:e3:37:c3:dc:81:
9d:18:ca:1f:c4:68:94:d3:c9:e0:a9:6d:99:69:c9:65:e5:ed:
e4:4d:e0:34:15:e1:57:b8:57:85:66:32:e3:8d:5b:aa:10:eb:
89:9e:19:75
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPTLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDEzNzI0WhcNMjcxMjEzMDEzNzI0WjAYMRYw
FAYDVQQDEw02Nzc3M2Y1OC0zZDc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxjh5EO+lYW9zLyfCXqq095MpBqFrKm3JBjLfia0diWAd5JsD3mPo/W8V
s4n1NfVOYylohye5n6J4B3LEt+uwQtYY9Sdq/KrwV0XLRTmcCL7hJNQRBVTXQaWp
WOv9TuStLFvQkj83MUunFdFejuROGd7sNIL/tK5hR/iMzIJlqIHJ8LGPrynR49lA
2Mpaj5AYJ/oKM3oLaBJz0cAslZ7PZIvJyuOndFBBYA5PVFcXfUm8FHVfVYvY4cYT
Kx6ExEd91oKiCsHiGvzt7a8bdJqdgYnEEMkukk2DzSJ5th3sJXV+eFMiCsvewmFP
siSrwYcbSoURXeDU9e0uU7DNULlU7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOfv
SUR2/YRUOtzdTNUbAf0GLTsqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QThFQTFBMkM5NzMxMUVGQkEwRkZEOTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONXMA0GCSqGSIb3DQEBCwUA
A4IBAQA5dgtBlDxVDqaGdXuq7jdEU+oBdONAn9v01KRpb19sYuC6iPRntZEwf8Sj
sBa9Cuaz75Xi0J2fICE7lHnkRdrhxkQ8dsIMaLVklYodzpPchQBgX3cF2TYwRXaI
EF6lBwPbCEPp5byEficazlF8CTiYeJnG9BydMUH4+RC4YQN+X4CmlgLnBHPBfgUk
ThHhUjj7gPvoL+88Zm4xzRp9+yF5KMGUY0FWscy6F19Grq1ZPRFIFxUEJWNRhSN8
hCnBx98ndvpK14PvhjCic2i/qPIY61vB4zfD3IGdGMofxGiU08ngqW2Zacll5e3k
TeA0FeFXuFeFZjLjjVuqEOuJnhl1
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:54 2025 by rpki-client