Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5483ABE0D24111EF9F75A589762E951A.roa
File: 5483ABE0D24111EF9F75A589762E951A.roa (raw, json)
Hash identifier: xkVERd2/dPOquIP6gJVh1CrqVgjpQ+2SPRQBThASeXs=
Subject key identifier: A3:C8:29:F7:4E:AF:B4:F6:7B:A4:97:A7:73:87:EC:70:F2:F0:0B:02
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0106AE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5483ABE0D24111EF9F75A589762E951A.roa
Signing time: Tue 14 Jan 2025 06:32:30 +0000
ROA not before: Tue 14 Jan 2025 06:32:27 +0000
ROA not after: Thu 15 May 2025 06:32:27 +0000
asID: 152705
IP address blocks: 156.224.28.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67246 (0x106ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 06:32:27 2025 GMT
Not After : May 15 06:32:27 2025 GMT
Subject: CN=678604fe-b836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:61:04:7b:94:07:96:d0:1b:ac:86:8e:af:7b:
5e:86:d7:32:00:cc:13:b2:b3:4b:63:45:dc:d9:e5:
39:b5:8e:f6:d8:18:24:f6:8e:92:03:83:67:cd:9c:
ac:b3:a6:51:f6:f5:45:19:3e:d3:14:32:2b:2d:fc:
7b:8b:b4:87:e1:88:94:25:3a:f6:3f:2d:9e:6f:ab:
a5:df:50:b8:a6:c1:2a:a1:0a:7f:a7:cf:54:1b:03:
ce:e0:56:11:fc:0b:9e:16:91:c3:21:a6:bf:41:00:
0e:d2:81:b9:ca:d9:08:8a:38:4b:38:79:e4:2c:22:
b2:cd:37:b9:d0:e7:d7:95:f5:7b:38:79:9f:c9:a5:
36:08:b5:2a:eb:c7:60:76:da:40:6b:51:f6:c1:8a:
90:20:b7:6b:8c:79:e7:f4:de:ad:23:a4:b3:fe:c5:
05:94:72:d8:9d:57:31:fd:47:22:96:14:e6:2c:2d:
d4:d2:e2:13:d7:04:68:c2:94:26:7a:ba:45:27:cc:
a8:79:d6:af:26:46:3b:fd:8f:c7:ff:d8:8a:12:05:
80:5c:4e:50:1e:f7:af:f1:1f:3e:dd:4c:09:93:29:
69:a8:1b:96:7a:14:ab:11:67:5f:4e:01:d4:dd:43:
9e:0f:ca:a6:d5:52:d7:c9:22:cc:b9:2a:b6:32:9c:
97:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C8:29:F7:4E:AF:B4:F6:7B:A4:97:A7:73:87:EC:70:F2:F0:0B:02
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5483ABE0D24111EF9F75A589762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.28.0/23
Signature Algorithm: sha256WithRSAEncryption
02:18:49:4a:00:01:46:a8:01:3e:0d:db:60:83:39:57:44:bc:
44:be:ff:d7:21:c6:cc:92:62:e1:84:0a:e3:ff:88:7b:d1:4b:
45:21:91:c0:f9:b9:f1:9b:02:25:f5:88:d4:94:9f:e5:a5:df:
6e:02:d0:50:56:9d:d2:76:58:3f:57:12:dd:d6:3f:95:49:df:
c1:99:c0:68:95:4e:4c:54:3a:84:e4:e8:7d:66:38:95:1b:92:
59:88:27:5b:7d:84:9c:12:d8:af:78:f1:91:85:7c:8b:59:9f:
d3:be:f4:39:1b:da:62:c1:c4:63:f7:4b:92:99:19:24:5f:38:
88:77:cf:84:bc:91:aa:5d:11:3d:26:b7:45:e9:77:38:ee:34:
3e:42:bb:a2:8f:9d:4c:6b:d0:5f:a2:c7:0e:a3:ab:01:36:9c:
c2:18:4a:03:f8:ac:88:c3:fb:e5:39:cb:74:18:1d:cb:54:b0:
af:b7:4b:2d:35:78:20:ea:81:ec:0b:60:78:a9:73:61:a2:ce:
0e:c2:ff:bb:55:81:39:13:4e:b3:a2:59:ab:a5:86:8a:e0:14:
d1:95:94:a4:99:57:b6:6e:f9:8a:c0:95:20:e8:29:cc:69:62:
68:5c:43:96:f1:03:ce:09:94:32:d4:53:8e:18:0b:51:a4:a3:
31:51:52:df
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQauMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDYzMjI3WhcNMjUwNTE1MDYzMjI3WjAYMRYw
FAYDVQQDEw02Nzg2MDRmZS1iODM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3mEEe5QHltAbrIaOr3tehtcyAMwTsrNLY0Xc2eU5tY722Bgk9o6SA4Nn
zZyss6ZR9vVFGT7TFDIrLfx7i7SH4YiUJTr2Py2eb6ul31C4psEqoQp/p89UGwPO
4FYR/AueFpHDIaa/QQAO0oG5ytkIijhLOHnkLCKyzTe50OfXlfV7OHmfyaU2CLUq
68dgdtpAa1H2wYqQILdrjHnn9N6tI6Sz/sUFlHLYnVcx/UcilhTmLC3U0uIT1wRo
wpQmerpFJ8yoedavJkY7/Y/H/9iKEgWAXE5QHvev8R8+3UwJkylpqBuWehSrEWdf
TgHU3UOeD8qm1VLXySLMuSq2MpyXgQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKPI
KfdOr7T2e6SXp3OH7HDy8AsCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NDgzQUJFMEQyNDExMUVGOUY3NUE1ODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOAcMA0GCSqGSIb3DQEBCwUA
A4IBAQACGElKAAFGqAE+DdtggzlXRLxEvv/XIcbMkmLhhArj/4h70UtFIZHA+bnx
mwIl9YjUlJ/lpd9uAtBQVp3Sdlg/VxLd1j+VSd/BmcBolU5MVDqE5Oh9ZjiVG5JZ
iCdbfYScEtivePGRhXyLWZ/TvvQ5G9piwcRj90uSmRkkXziId8+EvJGqXRE9JrdF
6Xc47jQ+Qruij51Ma9BfoscOo6sBNpzCGEoD+KyIw/vlOct0GB3LVLCvt0stNXgg
6oHsC2B4qXNhos4Owv+7VYE5E06zolmrpYaK4BTRlZSkmVe2bvmKwJUg6CnMaWJo
XEOW8QPOCZQy1FOOGAtRpKMxUVLf
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:16 2025 by rpki-client