Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/547AD9E8C28311EF932EE087762E951A.roa
File: 547AD9E8C28311EF932EE087762E951A.roa (raw, json)
Hash identifier: xcVTocOQnRmksOU6c0u29g2JgDXy37Cs3nyOVYg9DVs=
Subject key identifier: 16:BE:BE:7D:23:DE:F5:A1:99:45:46:F9:98:7C:0B:6A:1B:D7:5F:DC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E905
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/547AD9E8C28311EF932EE087762E951A.roa
Signing time: Wed 25 Dec 2024 05:44:39 +0000
ROA not before: Wed 25 Dec 2024 05:44:35 +0000
ROA not after: Wed 10 Dec 2025 05:44:35 +0000
asID: 984
IP address blocks: 156.228.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59653 (0xe905)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:44:35 2024 GMT
Not After : Dec 10 05:44:35 2025 GMT
Subject: CN=676b9bc6-8151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:dc:45:07:bc:d6:6b:45:89:1c:0f:4d:97:f9:
7f:c1:89:3d:fc:0c:e3:b5:10:2d:82:f3:e0:18:61:
35:ae:24:53:10:30:e7:24:87:44:2c:15:2b:8f:76:
20:7e:5d:9e:e6:c0:a6:8d:41:48:8e:9e:4b:74:4f:
22:58:33:8c:d7:6a:68:27:57:9c:47:d0:19:97:c9:
29:6f:f6:d6:4e:13:a6:6e:12:59:d1:be:0d:c9:2c:
13:ae:f1:3d:d2:22:74:6a:40:06:2f:a0:8e:e8:a7:
2e:9f:3b:84:92:73:3c:9b:06:79:0f:32:7f:98:0e:
ab:0b:bf:69:fd:8e:a3:97:0f:ee:ce:5c:6f:07:79:
16:dd:15:39:23:44:a5:cb:63:4d:13:46:eb:5b:82:
8e:5b:a0:3a:5f:66:4e:7e:0c:e0:b1:53:83:2e:6a:
30:fe:f7:79:4f:b3:2d:d9:40:47:0b:b9:cf:a1:5c:
42:2c:19:58:dd:07:56:77:58:7f:c8:6f:16:bd:79:
ce:29:55:ff:f2:a9:35:b4:9b:8f:38:48:29:a5:60:
e2:ce:80:ca:44:96:31:84:f7:28:b8:2a:11:b8:38:
67:34:e9:db:8b:64:82:bd:96:ce:39:4a:65:d9:57:
2d:8c:1d:00:b4:88:9a:c1:d9:4a:73:4d:bf:34:3b:
49:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:BE:BE:7D:23:DE:F5:A1:99:45:46:F9:98:7C:0B:6A:1B:D7:5F:DC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/547AD9E8C28311EF932EE087762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.34.0/24
Signature Algorithm: sha256WithRSAEncryption
28:8c:42:8e:eb:3d:bc:62:d6:2c:a3:8c:b9:21:81:40:ac:75:
5a:0b:63:eb:0a:b2:b8:2f:60:0e:c4:45:12:71:12:95:0b:a7:
8e:18:1a:74:96:5a:a5:2e:c4:8c:d2:de:fd:17:a9:8a:45:a9:
95:2c:ad:75:9e:d1:6b:57:42:42:ff:84:db:77:da:67:44:c5:
30:1e:81:b1:0c:ca:a6:79:5d:be:79:e2:a9:ae:3b:ae:49:f9:
46:e9:ff:93:e2:86:6c:93:59:6c:63:64:1d:df:94:56:95:63:
c6:71:3b:d8:c6:27:01:e3:3b:63:33:4d:67:5c:aa:de:4a:5f:
38:65:65:71:c7:f0:0b:12:ea:0f:a4:c6:5a:9b:11:85:d9:36:
23:92:f6:a3:78:63:c5:f4:a5:0c:73:7e:b4:65:6a:b0:24:d4:
2b:fb:c3:b3:c2:87:3d:66:e5:ec:7c:28:4c:60:05:a4:e2:b5:
79:92:70:f6:65:5b:ef:7c:ed:04:a8:14:6f:30:fa:27:e7:c0:
83:b1:78:24:f2:cf:0d:5e:4d:4a:49:f6:d7:8c:f4:62:a3:58:
85:fa:8f:e0:14:59:22:0e:1d:eb:95:82:34:4b:fe:a5:bf:3f:
a5:93:7c:cd:43:8e:c4:b8:fc:77:13:87:2d:e0:94:1d:88:24:
ee:5b:a2:10
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOkFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDU0NDM1WhcNMjUxMjEwMDU0NDM1WjAYMRYw
FAYDVQQDEw02NzZiOWJjNi04MTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApNxFB7zWa0WJHA9Nl/l/wYk9/AzjtRAtgvPgGGE1riRTEDDnJIdELBUr
j3Ygfl2e5sCmjUFIjp5LdE8iWDOM12poJ1ecR9AZl8kpb/bWThOmbhJZ0b4NySwT
rvE90iJ0akAGL6CO6KcunzuEknM8mwZ5DzJ/mA6rC79p/Y6jlw/uzlxvB3kW3RU5
I0Sly2NNE0brW4KOW6A6X2ZOfgzgsVODLmow/vd5T7Mt2UBHC7nPoVxCLBlY3QdW
d1h/yG8WvXnOKVX/8qk1tJuPOEgppWDizoDKRJYxhPcouCoRuDhnNOnbi2SCvZbO
OUpl2VctjB0AtIiawdlKc02/NDtJ7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBa+
vn0j3vWhmUVG+Zh8C2ob11/cMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NDdBRDlFOEMyODMxMUVGOTMyRUUwODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQiMA0GCSqGSIb3DQEBCwUA
A4IBAQAojEKO6z28YtYso4y5IYFArHVaC2PrCrK4L2AOxEUScRKVC6eOGBp0llql
LsSM0t79F6mKRamVLK11ntFrV0JC/4Tbd9pnRMUwHoGxDMqmeV2+eeKprjuuSflG
6f+T4oZsk1lsY2Qd35RWlWPGcTvYxicB4ztjM01nXKreSl84ZWVxx/ALEuoPpMZa
mxGF2TYjkvajeGPF9KUMc360ZWqwJNQr+8Ozwoc9ZuXsfChMYAWk4rV5knD2ZVvv
fO0EqBRvMPon58CDsXgk8s8NXk1KSfbXjPRio1iF+o/gFFkiDh3rlYI0S/6lvz+l
k3zNQ47EuPx3E4ct4JQdiCTuW6IQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:59 2025 by rpki-client