Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/555D006CC28C11EFA4AD1242762E951A.roa
File: 555D006CC28C11EFA4AD1242762E951A.roa (raw, json)
Hash identifier: yJunnKmiPsRm/g+gs9tyeJFdeGWPgaHFEbqzemCRZjc=
Subject key identifier: CA:02:AB:F6:76:B9:AB:AA:7E:2D:A1:54:3D:2F:61:2D:97:5E:F3:66
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E973
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/555D006CC28C11EFA4AD1242762E951A.roa
Signing time: Wed 25 Dec 2024 06:49:06 +0000
ROA not before: Wed 25 Dec 2024 06:49:02 +0000
ROA not after: Wed 10 Dec 2025 06:49:02 +0000
asID: 984
IP address blocks: 156.228.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59763 (0xe973)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 06:49:02 2024 GMT
Not After : Dec 10 06:49:02 2025 GMT
Subject: CN=676baae1-7c6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1b:08:41:d1:b5:cf:4e:5e:91:26:96:d0:a3:
72:ee:bb:b6:98:29:ac:83:f8:55:25:09:b4:79:b5:
ce:55:0a:05:f8:06:28:e9:90:35:4f:9f:de:6e:a2:
c9:fe:cb:8e:2b:08:f4:39:58:14:7e:f3:d3:44:10:
12:1a:59:79:97:75:bb:5e:95:87:c4:cb:4c:6e:2d:
3f:db:6d:72:78:e1:31:20:1f:d2:6e:7b:86:fb:a2:
dd:01:58:ad:0a:64:95:00:f0:44:d3:63:ec:ea:e9:
90:9f:d0:a1:cb:52:0b:2b:5d:a4:77:f9:bb:1b:15:
d8:6e:9b:12:be:66:ac:9b:b9:2a:98:70:d8:84:a3:
58:ea:b6:c4:3e:78:70:5e:be:ef:09:c5:cd:0d:4e:
43:aa:32:f0:78:09:ff:b3:84:ad:79:09:e0:75:f2:
9a:a3:18:02:67:02:10:a0:00:9d:8d:52:cf:7c:00:
56:4b:db:bd:00:62:b9:39:cc:f6:8b:6c:33:47:e1:
78:cb:7d:e0:3f:a2:7f:c8:25:fe:bb:4f:f7:aa:eb:
f6:1e:23:25:5f:8e:e6:c6:1a:50:d2:88:d3:f5:7f:
f4:70:cb:47:c1:38:a6:95:ab:bb:93:eb:c2:6c:22:
ff:6b:5d:d7:d2:5f:6a:76:d2:ff:93:70:f8:72:c9:
f3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:02:AB:F6:76:B9:AB:AA:7E:2D:A1:54:3D:2F:61:2D:97:5E:F3:66
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/555D006CC28C11EFA4AD1242762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.213.0/24
Signature Algorithm: sha256WithRSAEncryption
21:4c:38:e5:58:ef:3f:00:0d:90:3a:36:e4:5a:f8:96:02:38:
07:a8:f0:1e:63:dc:a6:ca:7d:70:5a:14:f4:97:2d:01:18:80:
1b:af:97:ce:09:b9:23:ba:85:3c:99:82:1e:40:ab:70:d8:e8:
10:39:90:00:ae:8f:aa:b5:5b:10:22:31:a1:85:35:10:20:ed:
cd:34:d0:80:66:d9:8a:13:92:12:3c:6a:17:5b:78:a7:a6:ec:
98:8c:15:e6:1f:ca:b3:1d:0e:b8:8a:39:59:0e:fc:a3:71:fa:
64:3b:17:0f:e6:19:10:6a:91:88:b2:10:33:d3:b0:a1:c2:b3:
b9:ed:87:9a:38:21:3b:fd:14:2d:74:be:41:bb:e7:ee:db:d7:
57:c6:b9:85:de:06:36:d7:92:68:b1:a9:41:be:6d:c0:e6:35:
0c:1e:42:14:c5:28:53:28:c7:df:4b:c2:4f:f6:00:70:b4:7a:
97:20:d8:6d:e9:1c:38:3a:f3:fd:b1:ce:34:d8:6c:57:3f:65:
8a:43:81:86:b5:db:14:87:f5:63:ce:8f:64:ea:5d:84:8a:11:
89:ef:7c:50:19:f6:29:a9:18:89:bd:b1:9d:dc:4d:96:98:be:
8a:c1:4f:2f:65:ab:18:4a:46:d6:8b:b4:d8:8c:af:6c:22:2a:
22:55:8f:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOlzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDY0OTAyWhcNMjUxMjEwMDY0OTAyWjAYMRYw
FAYDVQQDEw02NzZiYWFlMS03YzZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmhsIQdG1z05ekSaW0KNy7ru2mCmsg/hVJQm0ebXOVQoF+AYo6ZA1T5/e
bqLJ/suOKwj0OVgUfvPTRBASGll5l3W7XpWHxMtMbi0/221yeOExIB/SbnuG+6Ld
AVitCmSVAPBE02Ps6umQn9Chy1ILK12kd/m7GxXYbpsSvmasm7kqmHDYhKNY6rbE
PnhwXr7vCcXNDU5DqjLweAn/s4SteQngdfKaoxgCZwIQoACdjVLPfABWS9u9AGK5
Ocz2i2wzR+F4y33gP6J/yCX+u0/3quv2HiMlX47mxhpQ0ojT9X/0cMtHwTimlau7
k+vCbCL/a13X0l9qdtL/k3D4csnzQQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMoC
q/Z2uauqfi2hVD0vYS2XXvNmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NTVEMDA2Q0MyOEMxMUVGQTRBRDEyNDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTVMA0GCSqGSIb3DQEBCwUA
A4IBAQAhTDjlWO8/AA2QOjbkWviWAjgHqPAeY9ymyn1wWhT0ly0BGIAbr5fOCbkj
uoU8mYIeQKtw2OgQOZAAro+qtVsQIjGhhTUQIO3NNNCAZtmKE5ISPGoXW3inpuyY
jBXmH8qzHQ64ijlZDvyjcfpkOxcP5hkQapGIshAz07ChwrO57YeaOCE7/RQtdL5B
u+fu29dXxrmF3gY215JosalBvm3A5jUMHkIUxShTKMffS8JP9gBwtHqXINht6Rw4
OvP9sc402GxXP2WKQ4GGtdsUh/Vjzo9k6l2EihGJ73xQGfYpqRiJvbGd3E2WmL6K
wU8vZasYSkbWi7TYjK9sIioiVY9Q
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:12 2025 by rpki-client