Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/62A5484CC34011EF9C0A8AB6762E951A.roa
File: 62A5484CC34011EF9C0A8AB6762E951A.roa (raw, json)
Hash identifier: 8lfFwFRz5pP6sofKw31KkWdPcwjqGZ/REtPEW/kYpsk=
Subject key identifier: 5C:F2:91:00:F3:92:4E:D2:93:C8:68:B1:CE:44:9B:0D:11:CA:10:37
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBC3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/62A5484CC34011EF9C0A8AB6762E951A.roa
Signing time: Thu 26 Dec 2024 04:17:57 +0000
ROA not before: Thu 26 Dec 2024 04:17:54 +0000
ROA not after: Fri 10 Dec 2027 04:17:54 +0000
asID: 17561
IP address blocks: 156.244.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60355 (0xebc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:17:54 2024 GMT
Not After : Dec 10 04:17:54 2027 GMT
Subject: CN=676cd8f5-935f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6f:ec:e8:77:b6:bf:9b:77:9e:e6:65:87:f7:
97:36:08:c8:47:38:0b:32:39:c7:da:cd:3b:05:ac:
a7:fd:09:70:2f:12:b5:bb:6b:a6:68:10:1a:ff:ae:
76:d1:24:3b:a8:9b:6f:9e:cb:d7:3d:8d:5c:e6:25:
e9:b8:a6:6f:77:7a:4c:57:d2:ee:e5:44:b8:70:e6:
99:de:4f:de:5b:54:1a:3d:d7:0d:c2:c9:83:9f:f6:
d6:52:1f:35:a8:87:2b:f8:9e:4f:9f:48:44:3d:22:
32:d9:4c:9a:82:dc:0b:69:9b:04:c1:02:6b:69:0b:
40:53:71:21:b6:68:f2:8a:17:53:98:82:a3:91:22:
4e:63:7b:93:ca:5d:bc:d1:d6:e6:4a:e5:b5:53:b0:
2e:47:00:d6:fe:6f:19:05:88:e4:f1:4e:f4:f1:28:
ee:59:19:59:0e:5e:2d:18:a6:5a:65:2b:c5:7b:2a:
5d:4a:20:fa:00:83:29:43:be:18:e7:a7:d0:02:a8:
9a:6a:d0:62:9c:25:64:03:53:b3:8f:15:10:41:d6:
9a:4d:5a:b3:6f:f3:27:92:5c:af:8e:61:62:6f:63:
82:d0:37:58:81:76:24:6b:b8:fd:0d:14:d0:4d:08:
76:e1:b0:ff:27:61:d1:35:a5:33:a2:0a:82:66:8b:
34:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F2:91:00:F3:92:4E:D2:93:C8:68:B1:CE:44:9B:0D:11:CA:10:37
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/62A5484CC34011EF9C0A8AB6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.221.0/24
Signature Algorithm: sha256WithRSAEncryption
13:16:6f:d7:8c:a0:b9:15:29:9a:64:90:1f:40:78:08:d3:02:
7d:ea:da:00:67:7e:ff:e8:15:73:07:86:73:a9:fd:ab:2c:e7:
6c:3f:bc:aa:e8:3f:87:83:42:52:a5:91:55:09:00:31:ac:d1:
b7:a9:d6:71:44:13:b7:8c:88:68:e5:b8:8e:83:90:db:5b:23:
7b:73:08:40:85:5f:90:f0:67:8a:cf:dc:6d:62:29:46:13:fc:
d9:82:43:64:e0:ab:cf:08:5c:64:be:b8:45:00:87:67:ec:1b:
de:07:53:f3:5a:4d:95:e7:df:29:9a:7d:48:dd:6e:2f:4d:48:
37:9b:88:68:4e:d4:48:9d:1a:a0:76:e6:53:fc:a5:22:35:67:
96:a2:36:9e:db:67:77:1a:22:1e:a6:66:ad:6f:7c:9b:a5:42:
f7:ad:5e:54:cd:b4:42:78:0d:c9:e8:5b:7b:b0:19:d4:a1:57:
be:02:3c:0a:9a:94:94:2c:17:e6:f3:bd:a8:27:6e:bd:cf:bb:
db:f4:eb:15:19:ac:6a:d0:0b:5a:29:6a:33:96:0d:a6:ea:c3:
39:b1:37:ab:49:98:c7:80:c0:18:ed:6b:19:f0:fb:d4:56:0d:
d6:85:fb:32:b8:be:32:63:45:c2:9c:4e:33:09:c2:6f:f1:ff:
ed:2c:97:b9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOvDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQxNzU0WhcNMjcxMjEwMDQxNzU0WjAYMRYw
FAYDVQQDEw02NzZjZDhmNS05MzVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuW/s6He2v5t3nuZlh/eXNgjIRzgLMjnH2s07Bayn/QlwLxK1u2umaBAa
/6520SQ7qJtvnsvXPY1c5iXpuKZvd3pMV9Lu5US4cOaZ3k/eW1QaPdcNwsmDn/bW
Uh81qIcr+J5Pn0hEPSIy2UyagtwLaZsEwQJraQtAU3EhtmjyihdTmIKjkSJOY3uT
yl280dbmSuW1U7AuRwDW/m8ZBYjk8U708SjuWRlZDl4tGKZaZSvFeypdSiD6AIMp
Q74Y56fQAqiaatBinCVkA1OzjxUQQdaaTVqzb/MnklyvjmFib2OC0DdYgXYka7j9
DRTQTQh24bD/J2HRNaUzogqCZos0KQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFzy
kQDzkk7Sk8hosc5Emw0RyhA3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MkE1NDg0Q0MzNDAxMUVGOUMwQThBQjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTdMA0GCSqGSIb3DQEBCwUA
A4IBAQATFm/XjKC5FSmaZJAfQHgI0wJ96toAZ37/6BVzB4Zzqf2rLOdsP7yq6D+H
g0JSpZFVCQAxrNG3qdZxRBO3jIho5biOg5DbWyN7cwhAhV+Q8GeKz9xtYilGE/zZ
gkNk4KvPCFxkvrhFAIdn7BveB1PzWk2V598pmn1I3W4vTUg3m4hoTtRInRqgduZT
/KUiNWeWojae22d3GiIepmatb3ybpUL3rV5UzbRCeA3J6Ft7sBnUoVe+AjwKmpSU
LBfm872oJ269z7vb9OsVGaxq0AtaKWozlg2m6sM5sTerSZjHgMAY7WsZ8PvUVg3W
hfsyuL4yY0XCnE4zCcJv8f/tLJe5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:55 2025 by rpki-client