Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/56D8C242C98911EF8521F4B5762E951A.roa
File: 56D8C242C98911EF8521F4B5762E951A.roa (raw, json)
Hash identifier: df0K6mKAnhC8/wQHRZZaV1Xz9v8Egsi5z6L1blkfBUk=
Subject key identifier: 63:D8:B2:02:00:86:66:70:90:82:F6:F6:D7:4E:55:8A:5D:B7:BA:CA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F59D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/56D8C242C98911EF8521F4B5762E951A.roa
Signing time: Fri 03 Jan 2025 04:15:18 +0000
ROA not before: Fri 03 Jan 2025 04:15:14 +0000
ROA not after: Sat 13 Dec 2025 04:15:14 +0000
asID: 984
IP address blocks: 156.233.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62877 (0xf59d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 04:15:14 2025 GMT
Not After : Dec 13 04:15:14 2025 GMT
Subject: CN=67776456-bab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:29:2f:ae:b2:9e:ee:bd:12:7c:3f:fb:94:7d:
d0:0b:23:3b:b8:5d:bd:3c:a0:c4:41:ec:35:73:47:
19:be:88:91:2b:60:ef:3a:c2:73:21:ad:5d:bc:87:
fe:4b:88:fa:bc:23:a5:21:b2:90:6b:df:3b:62:88:
22:e9:81:16:3a:17:39:38:57:6f:b1:fd:89:9b:8d:
b2:8d:b2:90:ab:5f:e0:f5:66:9b:00:e5:d0:6c:06:
79:6a:72:94:56:aa:2d:93:bf:03:2b:e6:91:27:8b:
b4:9a:87:6d:3e:67:57:47:7e:b4:69:03:3b:77:25:
ad:3f:c8:13:87:0a:b9:9d:24:a4:10:81:06:7c:88:
56:d2:04:7e:69:50:7a:e3:87:2d:aa:c5:bd:b1:90:
25:8b:c4:dd:62:c8:8e:e1:bc:78:3e:51:42:8f:d9:
58:03:c7:fd:6b:c2:f6:83:7e:1d:4a:4c:f6:94:b4:
f7:50:4e:04:4e:0c:3a:0d:e0:49:8d:0c:79:00:f1:
92:04:9c:2c:d7:d9:38:4e:1e:60:bb:77:b9:2d:7c:
b3:69:a5:65:2c:32:a0:70:e4:b4:76:55:3a:52:73:
90:1f:8b:f6:4e:51:0d:d7:65:06:75:74:72:27:85:
eb:69:04:c2:83:69:4a:60:ec:a8:29:72:c0:5d:b3:
32:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D8:B2:02:00:86:66:70:90:82:F6:F6:D7:4E:55:8A:5D:B7:BA:CA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/56D8C242C98911EF8521F4B5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.32.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:db:b6:27:28:d5:ef:99:41:50:60:8e:04:de:56:44:13:c4:
47:c4:e2:a8:4c:fd:12:af:fe:ed:2b:a7:a2:02:8b:96:43:17:
2f:8f:82:a4:63:a9:67:66:6c:97:4f:da:1a:72:2a:53:f4:22:
45:57:b9:f3:e3:b5:0b:ed:d7:b5:ad:4d:47:b1:14:68:cb:db:
e2:e1:20:fe:b1:cc:a7:ea:96:41:84:b8:cb:f9:0d:c3:93:e5:
19:10:53:b8:2b:14:67:a2:c8:bc:57:aa:f3:c4:a6:c3:31:3f:
b2:4b:ae:bc:e3:89:1f:8e:3f:d2:0f:68:c2:96:ed:e3:f5:ee:
d3:d6:c6:be:ef:fa:ee:32:ca:83:85:5c:87:f0:1c:86:47:a1:
b6:24:6d:f4:e5:45:89:51:ef:0d:6c:83:17:6e:0d:d2:ae:0f:
1c:d2:23:71:e5:8e:73:30:73:cb:e5:c9:c0:33:02:59:5d:73:
b2:17:d5:c0:87:60:ba:a5:09:99:b9:2e:e3:da:9f:92:b6:91:
2a:69:33:b9:06:7f:6b:70:d0:88:02:cb:fe:74:19:3c:ab:5e:
02:7f:85:ab:63:ae:2d:2a:31:3d:86:26:b3:40:f5:8c:8d:41:
5d:6d:7c:51:4b:67:2d:4b:7c:db:38:c0:5a:e6:57:5d:c6:e2:
80:65:ff:eb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPWdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDQxNTE0WhcNMjUxMjEzMDQxNTE0WjAYMRYw
FAYDVQQDEw02Nzc3NjQ1Ni1iYWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtykvrrKe7r0SfD/7lH3QCyM7uF29PKDEQew1c0cZvoiRK2DvOsJzIa1d
vIf+S4j6vCOlIbKQa987Yogi6YEWOhc5OFdvsf2Jm42yjbKQq1/g9WabAOXQbAZ5
anKUVqotk78DK+aRJ4u0modtPmdXR360aQM7dyWtP8gThwq5nSSkEIEGfIhW0gR+
aVB644ctqsW9sZAli8TdYsiO4bx4PlFCj9lYA8f9a8L2g34dSkz2lLT3UE4ETgw6
DeBJjQx5APGSBJws19k4Th5gu3e5LXyzaaVlLDKgcOS0dlU6UnOQH4v2TlEN12UG
dXRyJ4XraQTCg2lKYOyoKXLAXbMyXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGPY
sgIAhmZwkIL29tdOVYpdt7rKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NkQ4QzI0MkM5ODkxMUVGODUyMUY0QjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkgMA0GCSqGSIb3DQEBCwUA
A4IBAQBc27YnKNXvmUFQYI4E3lZEE8RHxOKoTP0Sr/7tK6eiAouWQxcvj4KkY6ln
ZmyXT9oacipT9CJFV7nz47UL7de1rU1HsRRoy9vi4SD+scyn6pZBhLjL+Q3Dk+UZ
EFO4KxRnosi8V6rzxKbDMT+yS66844kfjj/SD2jClu3j9e7T1sa+7/ruMsqDhVyH
8ByGR6G2JG305UWJUe8NbIMXbg3Srg8c0iNx5Y5zMHPL5cnAMwJZXXOyF9XAh2C6
pQmZuS7j2p+StpEqaTO5Bn9rcNCIAsv+dBk8q14Cf4WrY64tKjE9hiazQPWMjUFd
bXxRS2ctS3zbOMBa5lddxuKAZf/r
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:22 2025 by rpki-client