Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F1D9FD2CAD711EFB2CDF06C762E951A.roa
File: 5F1D9FD2CAD711EFB2CDF06C762E951A.roa (raw, json)
Hash identifier: eNzRGBsQX6m8gQsbajisLWGDGNGuTjQOuF3FKJU0DAk=
Subject key identifier: 18:F7:09:CE:60:F2:9F:61:12:8F:3C:AD:08:DC:86:B7:5C:44:30:6C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F78E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F1D9FD2CAD711EFB2CDF06C762E951A.roa
Signing time: Sat 04 Jan 2025 20:06:24 +0000
ROA not before: Sun 05 Jan 2025 20:06:20 +0000
ROA not after: Thu 06 Feb 2025 20:06:20 +0000
asID: 49434
IP address blocks: 156.229.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 20:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63374 (0xf78e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 20:06:20 2025 GMT
Not After : Feb 6 20:06:20 2025 GMT
Subject: CN=677994bf-7aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ee:bc:56:96:5b:b6:24:72:99:9e:70:79:9a:
63:d4:71:8e:8e:88:2b:5b:48:d0:98:31:05:3a:ef:
88:47:d2:9a:2b:d4:c0:2c:9c:e5:69:fa:cb:ea:08:
61:4b:21:72:0a:9c:fd:83:83:b3:03:e1:d5:cd:3e:
16:20:a2:37:95:2e:05:54:13:7d:45:ec:45:b3:72:
fa:8a:1d:b1:4b:44:f3:28:fc:54:f0:16:e8:14:70:
d8:11:b2:e2:5e:5b:50:e0:97:55:a5:d6:df:ab:4d:
fb:d0:ce:a8:13:d9:36:c1:02:f7:47:c0:4b:21:7b:
a8:14:0b:79:27:d7:d4:10:55:73:d5:ab:e1:07:7b:
84:25:3c:c7:88:58:76:f5:21:67:dd:c5:65:0b:94:
95:b1:90:32:fc:d3:06:fb:a0:07:0a:7d:bf:30:b9:
56:81:af:42:75:05:67:50:95:45:78:df:1c:0c:34:
6f:54:c6:6f:a9:69:fb:0c:6d:99:c8:c0:a3:9a:ef:
d1:6e:92:2d:7c:1b:09:cf:e9:25:6e:9a:9d:97:51:
ad:a4:5d:8f:63:00:a6:ef:54:82:42:e4:88:fe:fa:
df:58:ad:e1:f3:89:64:0b:fa:e0:a7:7a:61:0a:f1:
68:7e:8e:df:e0:3e:b2:89:23:76:5e:2c:d5:0f:a2:
3e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:F7:09:CE:60:F2:9F:61:12:8F:3C:AD:08:DC:86:B7:5C:44:30:6C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F1D9FD2CAD711EFB2CDF06C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.228.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:1c:46:1b:00:1e:6a:48:10:07:b8:58:8e:f3:4e:3a:0a:2e:
32:54:0e:b5:b9:52:f8:f4:5c:2a:82:f7:98:bc:e1:14:f5:d4:
ef:13:08:7b:f7:8c:0b:8c:42:e7:bf:6a:49:3b:4b:18:ca:e9:
d1:f6:4b:69:22:49:27:35:0d:2b:ac:57:ca:b4:91:19:f8:5b:
ca:36:74:9c:ef:65:fc:2e:a2:7b:5c:07:24:89:e5:f6:c3:ba:
b4:bf:7f:aa:d5:68:02:b8:d2:9d:06:02:72:5f:4a:49:f4:d3:
83:ac:66:ae:1f:5a:21:d3:a1:34:95:6b:2b:2f:1e:17:f4:e1:
8d:c7:fb:38:7e:d0:14:9e:b0:83:bf:c6:e0:12:97:e6:5c:00:
d1:d6:30:32:b3:a6:79:e6:50:58:74:37:8e:3b:3d:9e:c3:e2:
ee:78:c7:83:28:02:6b:f7:0c:ba:c4:1f:c2:da:02:00:0b:15:
45:b0:c0:02:84:ab:8c:2b:46:55:17:e6:26:8a:62:ae:ef:91:
01:4e:db:2d:25:de:a7:28:f3:41:b7:47:d6:8b:3f:07:bf:d5:
96:eb:fe:a0:a7:4c:26:2f:41:fd:70:51:6a:0c:03:1f:d6:9f:
f5:4f:7b:6f:ec:78:a9:86:f5:0e:98:15:02:d7:2e:c9:cf:ad:
a5:d2:36:db
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPeOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MjAwNjIwWhcNMjUwMjA2MjAwNjIwWjAYMRYw
FAYDVQQDEw02Nzc5OTRiZi03YWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzu68VpZbtiRymZ5weZpj1HGOjogrW0jQmDEFOu+IR9KaK9TALJzlafrL
6ghhSyFyCpz9g4OzA+HVzT4WIKI3lS4FVBN9RexFs3L6ih2xS0TzKPxU8BboFHDY
EbLiXltQ4JdVpdbfq0370M6oE9k2wQL3R8BLIXuoFAt5J9fUEFVz1avhB3uEJTzH
iFh29SFn3cVlC5SVsZAy/NMG+6AHCn2/MLlWga9CdQVnUJVFeN8cDDRvVMZvqWn7
DG2ZyMCjmu/RbpItfBsJz+klbpqdl1GtpF2PYwCm71SCQuSI/vrfWK3h84lkC/rg
p3phCvFofo7f4D6yiSN2XizVD6I+uwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBj3
Cc5g8p9hEo88rQjchrdcRDBsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RjFEOUZEMkNBRDcxMUVGQjJDREYwNkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOXkMA0GCSqGSIb3DQEBCwUA
A4IBAQCaHEYbAB5qSBAHuFiO8046Ci4yVA61uVL49FwqgveYvOEU9dTvEwh794wL
jELnv2pJO0sYyunR9ktpIkknNQ0rrFfKtJEZ+FvKNnSc72X8LqJ7XAckieX2w7q0
v3+q1WgCuNKdBgJyX0pJ9NODrGauH1oh06E0lWsrLx4X9OGNx/s4ftAUnrCDv8bg
EpfmXADR1jAys6Z55lBYdDeOOz2ew+LueMeDKAJr9wy6xB/C2gIACxVFsMAChKuM
K0ZVF+YmimKu75EBTtstJd6nKPNBt0fWiz8Hv9WW6/6gp0wmL0H9cFFqDAMf1p/1
T3tv7HiphvUOmBUC1y7Jz62l0jbb
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:04 2025 by rpki-client