Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5DB1C804C28911EF9AA5A2AD762E951A.roa
File: 5DB1C804C28911EF9AA5A2AD762E951A.roa (raw, json)
Hash identifier: c6DACA5tUf/RR6pvXvsLMT3CX3KYuFE9+KKhADR2RnE=
Subject key identifier: 66:4C:CB:1E:32:BE:08:E9:2B:12:CF:5A:07:EB:01:50:BF:79:F6:BE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E94F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5DB1C804C28911EF9AA5A2AD762E951A.roa
Signing time: Wed 25 Dec 2024 06:27:51 +0000
ROA not before: Wed 25 Dec 2024 06:27:47 +0000
ROA not after: Wed 10 Dec 2025 06:27:47 +0000
asID: 984
IP address blocks: 156.228.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59727 (0xe94f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 06:27:47 2024 GMT
Not After : Dec 10 06:27:47 2025 GMT
Subject: CN=676ba5e7-7e08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:aa:c0:85:a7:d9:c9:4a:ee:52:b3:93:15:03:
e5:8f:6b:78:64:9d:ed:23:f1:05:77:4a:e6:9d:e7:
ca:e8:b9:96:da:7c:fe:39:45:78:3e:00:3d:87:30:
55:11:10:47:09:27:ec:70:99:69:78:fa:3a:d3:8f:
0c:dc:b9:31:14:48:45:b2:94:bb:ac:e1:81:67:cb:
c1:b0:b1:bc:d3:b7:fc:87:d0:d2:4b:f4:fe:80:01:
2f:2d:76:c7:fd:7f:ba:11:19:40:c5:af:1b:f1:ff:
c3:e1:06:d3:09:14:62:53:d3:7f:f9:bd:f7:47:f6:
b5:7d:12:83:1a:7c:42:67:81:68:e4:3a:a0:10:ad:
1f:ec:92:26:d3:c5:05:92:ec:7b:26:67:bd:5c:b4:
5d:6e:3d:ef:05:c9:20:9c:1d:65:08:10:6a:bc:17:
f2:52:3c:aa:2b:55:d4:04:f3:f0:f3:24:16:96:b1:
80:98:3d:9e:9b:d9:9d:bb:7a:27:05:70:83:18:0c:
5b:82:bf:b2:bc:96:fe:6e:6f:20:b9:0c:02:a8:75:
b3:65:b6:69:60:8c:07:91:1f:82:ad:05:d2:fd:a3:
c3:0d:d6:59:47:52:44:89:e8:c1:fc:b6:91:2f:24:
ce:9d:e9:7d:c0:40:e0:8a:09:16:5d:9c:f4:dd:55:
45:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:4C:CB:1E:32:BE:08:E9:2B:12:CF:5A:07:EB:01:50:BF:79:F6:BE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5DB1C804C28911EF9AA5A2AD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.72.0/24
Signature Algorithm: sha256WithRSAEncryption
41:97:64:89:0e:1d:9d:fb:43:59:fc:6b:0e:d5:d5:0c:e2:ca:
f7:b3:00:96:2a:c5:0f:2f:15:59:b6:0b:6d:cf:12:0e:30:66:
cc:18:68:e5:f5:5b:84:8f:08:ec:c2:1d:75:9c:05:fc:c2:74:
75:41:ee:b9:b5:45:82:48:1d:2a:5a:24:a4:f9:99:81:a0:83:
47:50:6d:59:a4:4d:24:7f:94:ea:3e:5e:c8:11:c0:94:a6:d9:
9d:9a:95:55:42:e3:bf:28:2f:82:4a:d1:81:f5:4c:10:31:0c:
66:52:8b:26:75:67:05:8e:96:44:7f:54:42:6d:62:94:1f:26:
03:14:5b:47:58:af:03:c5:4d:2f:8e:7f:49:d1:d7:4e:0f:15:
79:3d:9e:4a:b2:10:b3:9e:5a:06:29:32:27:96:c2:53:88:85:
43:36:20:1c:dd:dd:4a:45:aa:2c:ea:d7:3d:d9:3e:3c:cf:7e:
88:9e:39:26:6f:45:4d:74:07:de:42:37:0b:b0:91:7c:71:80:
5a:5b:df:05:8d:9c:2d:36:c4:82:46:c2:ee:d9:41:a7:86:e2:
d6:5b:15:9b:93:04:14:23:8a:68:d8:71:2d:88:0d:aa:11:3d:
86:22:fd:ab:88:ff:fa:c3:08:bc:87:9e:4d:f9:4e:06:2a:12:
b5:51:be:cd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOlPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDYyNzQ3WhcNMjUxMjEwMDYyNzQ3WjAYMRYw
FAYDVQQDEw02NzZiYTVlNy03ZTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmarAhafZyUruUrOTFQPlj2t4ZJ3tI/EFd0rmnefK6LmW2nz+OUV4PgA9
hzBVERBHCSfscJlpePo6048M3LkxFEhFspS7rOGBZ8vBsLG807f8h9DSS/T+gAEv
LXbH/X+6ERlAxa8b8f/D4QbTCRRiU9N/+b33R/a1fRKDGnxCZ4Fo5DqgEK0f7JIm
08UFkux7Jme9XLRdbj3vBckgnB1lCBBqvBfyUjyqK1XUBPPw8yQWlrGAmD2em9md
u3onBXCDGAxbgr+yvJb+bm8guQwCqHWzZbZpYIwHkR+CrQXS/aPDDdZZR1JEiejB
/LaRLyTOnel9wEDgigkWXZz03VVFpQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGZM
yx4yvgjpKxLPWgfrAVC/efa+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81REIxQzgwNEMyODkxMUVGOUFBNUEyQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnORIMA0GCSqGSIb3DQEBCwUA
A4IBAQBBl2SJDh2d+0NZ/GsO1dUM4sr3swCWKsUPLxVZtgttzxIOMGbMGGjl9VuE
jwjswh11nAX8wnR1Qe65tUWCSB0qWiSk+ZmBoINHUG1ZpE0kf5TqPl7IEcCUptmd
mpVVQuO/KC+CStGB9UwQMQxmUosmdWcFjpZEf1RCbWKUHyYDFFtHWK8DxU0vjn9J
0ddODxV5PZ5KshCznloGKTInlsJTiIVDNiAc3d1KRaos6tc92T48z36Injkmb0VN
dAfeQjcLsJF8cYBaW98FjZwtNsSCRsLu2UGnhuLWWxWbkwQUI4po2HEtiA2qET2G
Iv2riP/6wwi8h55N+U4GKhK1Ub7N
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:22 2025 by rpki-client