Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F2F6CFCC28111EF93AB097D762E951A.roa
File: 5F2F6CFCC28111EF93AB097D762E951A.roa (raw, json)
Hash identifier: UYBajWLjD+zUha62gkbh/NZChkXiVub4sobbqnyNcJw=
Subject key identifier: 9E:B6:5C:51:48:99:54:86:9C:79:0F:76:DC:C1:B8:7F:C8:66:CF:F2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8ED
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F2F6CFCC28111EF93AB097D762E951A.roa
Signing time: Wed 25 Dec 2024 05:30:37 +0000
ROA not before: Wed 25 Dec 2024 05:30:34 +0000
ROA not after: Wed 10 Dec 2025 05:30:34 +0000
asID: 984
IP address blocks: 156.228.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59629 (0xe8ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:30:34 2024 GMT
Not After : Dec 10 05:30:34 2025 GMT
Subject: CN=676b987d-f334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:90:c2:1b:38:bc:29:c9:35:a7:69:fc:cb:c5:
25:7c:5c:ee:58:d1:8a:66:57:01:d8:b7:18:e2:00:
68:23:ef:8d:3f:70:b7:a2:c7:e7:1a:4c:53:50:2d:
35:4a:c1:99:81:5e:e3:ba:55:31:19:6e:c7:4d:49:
ee:ad:15:43:3e:7a:2a:d7:3f:c5:0e:b2:51:5d:d9:
c0:06:4d:10:4d:41:f5:82:2b:4a:50:1b:28:9a:4d:
55:0f:ff:24:2c:67:61:55:2b:f6:0b:55:09:cd:13:
f8:48:04:ab:9b:c0:c1:6c:13:50:da:45:c1:ce:96:
3c:46:71:6d:eb:d9:0f:f3:ab:ed:9e:c1:1d:77:e4:
26:8e:cf:b6:eb:68:36:ea:b7:0b:43:2c:6e:c5:32:
01:c9:bd:a0:2d:d1:a4:8c:19:06:5c:26:3d:54:7c:
a6:8b:b4:5c:8b:97:fd:27:43:34:2c:18:aa:c9:74:
09:60:51:cb:df:5a:93:b6:b2:c4:eb:63:ee:06:a7:
8a:32:25:95:56:1c:96:62:75:b1:a7:d3:6f:87:3f:
a0:6e:e2:65:85:7a:fb:94:e4:9a:d6:28:70:5e:48:
be:b5:fd:a0:4d:82:00:08:c0:6c:68:86:51:c1:2b:
8a:52:96:4e:d4:eb:a5:86:b6:f0:74:b1:4e:88:23:
00:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B6:5C:51:48:99:54:86:9C:79:0F:76:DC:C1:B8:7F:C8:66:CF:F2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F2F6CFCC28111EF93AB097D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.21.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:cc:e3:95:7b:e8:ae:d7:38:66:5c:1a:2d:24:cb:d7:d8:1c:
4e:0a:a6:7d:e4:a4:fc:79:2b:9b:78:51:dd:eb:80:39:00:bb:
69:c4:cf:40:6a:c4:d8:c9:b6:0d:95:44:09:42:5b:27:32:66:
b1:54:ba:43:18:87:42:6c:12:4b:2e:16:3f:84:84:67:9d:62:
57:0c:92:6a:d0:5a:18:3e:85:7b:1b:3d:54:ef:4b:a1:ec:b1:
cf:47:1e:8f:ac:f9:13:7b:c9:48:46:5c:8e:98:67:13:1c:1c:
38:64:ef:0c:86:90:a9:57:97:bc:d2:cc:f2:c6:dc:e7:2a:58:
ce:a5:21:e0:f4:b3:e3:e9:aa:df:92:f7:3f:92:26:50:db:1f:
0b:4c:2a:16:37:9e:0d:63:00:91:d6:89:2c:a1:e9:8f:6c:01:
ad:bc:4a:c3:9c:e6:b8:15:6f:8e:c2:1c:4a:18:ef:8a:e7:87:
2d:5c:38:59:6a:da:42:ad:3c:bc:b4:12:ab:48:8e:29:ad:fc:
31:c7:19:8a:20:78:fc:76:a2:43:14:88:68:f5:70:5d:73:3f:
17:e6:bc:ad:ad:40:8b:95:a9:d4:63:dc:20:c1:58:cc:27:cf:
65:42:b3:b3:5e:17:cd:6c:00:c5:19:11:9c:b2:cd:c7:4a:51:
c7:ba:9d:52
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOjtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDUzMDM0WhcNMjUxMjEwMDUzMDM0WjAYMRYw
FAYDVQQDEw02NzZiOTg3ZC1mMzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzJDCGzi8Kck1p2n8y8UlfFzuWNGKZlcB2LcY4gBoI++NP3C3osfnGkxT
UC01SsGZgV7julUxGW7HTUnurRVDPnoq1z/FDrJRXdnABk0QTUH1gitKUBsomk1V
D/8kLGdhVSv2C1UJzRP4SASrm8DBbBNQ2kXBzpY8RnFt69kP86vtnsEdd+Qmjs+2
62g26rcLQyxuxTIByb2gLdGkjBkGXCY9VHymi7Rci5f9J0M0LBiqyXQJYFHL31qT
trLE62PuBqeKMiWVVhyWYnWxp9Nvhz+gbuJlhXr7lOSa1ihwXki+tf2gTYIACMBs
aIZRwSuKUpZO1OulhrbwdLFOiCMAhwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ62
XFFImVSGnHkPdtzBuH/IZs/yMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RjJGNkNGQ0MyODExMUVGOTNBQjA5N0Q3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQVMA0GCSqGSIb3DQEBCwUA
A4IBAQCczOOVe+iu1zhmXBotJMvX2BxOCqZ95KT8eSubeFHd64A5ALtpxM9AasTY
ybYNlUQJQlsnMmaxVLpDGIdCbBJLLhY/hIRnnWJXDJJq0FoYPoV7Gz1U70uh7LHP
Rx6PrPkTe8lIRlyOmGcTHBw4ZO8MhpCpV5e80szyxtznKljOpSHg9LPj6arfkvc/
kiZQ2x8LTCoWN54NYwCR1oksoemPbAGtvErDnOa4FW+OwhxKGO+K54ctXDhZatpC
rTy8tBKrSI4prfwxxxmKIHj8dqJDFIho9XBdcz8X5rytrUCLlanUY9wgwVjMJ89l
QrOzXhfNbADFGRGcss3HSlHHup1S
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:14 2025 by rpki-client