Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6334FE70C27C11EF989DC65E762E951A.roa
File: 6334FE70C27C11EF989DC65E762E951A.roa (raw, json)
Hash identifier: DIzLet3On2fLFKN0imGniJoBAq7LNMIC82XrqWKnrfQ=
Subject key identifier: 77:7E:18:82:AF:1C:DD:09:8C:AE:06:C8:57:68:0D:68:DB:20:E0:92
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8AF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6334FE70C27C11EF989DC65E762E951A.roa
Signing time: Wed 25 Dec 2024 04:54:57 +0000
ROA not before: Wed 25 Dec 2024 04:54:53 +0000
ROA not after: Wed 10 Dec 2025 04:54:53 +0000
asID: 984
IP address blocks: 156.227.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59567 (0xe8af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 04:54:53 2024 GMT
Not After : Dec 10 04:54:53 2025 GMT
Subject: CN=676b9021-8915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b7:1f:a3:9a:3f:76:7b:e7:82:fc:6c:85:62:
29:a1:8e:5a:62:82:57:48:da:15:4f:de:24:bc:0a:
d6:d3:03:2d:79:41:db:89:9f:10:d0:47:4a:15:6b:
f0:fa:bf:7c:12:29:a4:8e:a6:4d:d8:91:33:a1:d4:
36:6a:3a:7f:36:90:71:f1:3e:5e:7b:3b:e4:17:c2:
90:80:2e:f6:6c:29:24:b3:eb:fd:2e:9b:f7:2d:2c:
b7:2f:80:84:b8:c3:f2:0e:60:2a:4c:7b:4a:41:17:
e2:40:50:7e:cf:fd:5d:6e:a3:0b:24:fa:ec:d2:73:
3c:fb:5c:6c:f0:9e:52:eb:5d:71:8c:7e:16:87:bf:
c3:c9:6a:47:20:5c:0c:7a:c8:16:a0:57:a9:cf:38:
e4:53:d9:d1:1f:b0:77:8c:40:cc:01:47:77:a4:00:
93:8c:45:78:f4:dc:a3:f1:99:5e:0a:7e:5d:9b:00:
6e:14:df:cc:bc:8d:6c:63:d7:20:c6:fb:11:a5:41:
09:88:a3:3a:dd:16:98:18:fe:bd:96:f7:f8:29:7a:
49:10:18:59:03:b6:ba:48:74:ab:2c:78:0f:d5:12:
bd:57:4b:6b:45:bd:e2:2f:92:93:08:10:c6:cf:3b:
69:8a:48:79:28:53:12:03:c3:ff:d7:ef:69:89:67:
46:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:7E:18:82:AF:1C:DD:09:8C:AE:06:C8:57:68:0D:68:DB:20:E0:92
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6334FE70C27C11EF989DC65E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.169.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:44:de:52:3f:6d:51:79:e9:14:d2:79:44:7b:10:da:0f:bf:
72:da:cc:bb:53:6f:e7:f2:21:b8:2d:17:8d:29:55:3b:89:c8:
87:7c:57:d4:26:54:3f:2d:b8:35:66:7d:51:c9:41:f1:79:d5:
e9:53:7b:3b:66:d2:17:b3:0b:e7:bd:d2:42:77:04:d2:cd:c9:
79:a1:a6:ee:7b:36:22:18:c2:36:2b:6b:03:3c:5b:8c:43:f4:
18:c0:d0:36:67:65:dd:7d:ff:7b:70:e9:45:70:f4:fa:96:f7:
33:7a:18:0b:e8:10:c7:46:bf:08:b1:6f:77:48:64:9d:42:dc:
c4:fb:fb:69:55:68:ac:5b:d4:2f:67:22:27:f5:85:e2:a1:ba:
8d:e0:bf:56:24:a4:ea:8b:45:be:dc:c8:23:b8:22:6e:43:f2:
54:f3:42:fe:fe:bf:1d:1f:f1:8a:5f:e0:61:2d:54:a3:56:a9:
ba:d5:f7:08:e6:f3:3c:43:bc:93:30:2c:b9:f6:ee:4d:6d:52:
fa:d8:e0:38:f3:65:75:ce:88:96:bb:55:97:4d:28:e2:07:e5:
a9:15:23:45:e1:c6:15:ad:7a:12:4e:b6:01:a6:0d:b8:91:28:
3b:de:2a:69:9f:f6:af:93:91:15:c6:ab:45:0c:2a:a0:a7:36:
b2:8d:67:30
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOivMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDQ1NDUzWhcNMjUxMjEwMDQ1NDUzWjAYMRYw
FAYDVQQDEw02NzZiOTAyMS04OTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt7cfo5o/dnvngvxshWIpoY5aYoJXSNoVT94kvArW0wMteUHbiZ8Q0EdK
FWvw+r98EimkjqZN2JEzodQ2ajp/NpBx8T5eezvkF8KQgC72bCkks+v9Lpv3LSy3
L4CEuMPyDmAqTHtKQRfiQFB+z/1dbqMLJPrs0nM8+1xs8J5S611xjH4Wh7/DyWpH
IFwMesgWoFepzzjkU9nRH7B3jEDMAUd3pACTjEV49Nyj8ZleCn5dmwBuFN/MvI1s
Y9cgxvsRpUEJiKM63RaYGP69lvf4KXpJEBhZA7a6SHSrLHgP1RK9V0trRb3iL5KT
CBDGzztpikh5KFMSA8P/1+9piWdG6wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHd+
GIKvHN0JjK4GyFdoDWjbIOCSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MzM0RkU3MEMyN0MxMUVGOTg5REM2NUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOOpMA0GCSqGSIb3DQEBCwUA
A4IBAQANRN5SP21ReekU0nlEexDaD79y2sy7U2/n8iG4LReNKVU7iciHfFfUJlQ/
Lbg1Zn1RyUHxedXpU3s7ZtIXswvnvdJCdwTSzcl5oabuezYiGMI2K2sDPFuMQ/QY
wNA2Z2Xdff97cOlFcPT6lvczehgL6BDHRr8IsW93SGSdQtzE+/tpVWisW9QvZyIn
9YXiobqN4L9WJKTqi0W+3MgjuCJuQ/JU80L+/r8dH/GKX+BhLVSjVqm61fcI5vM8
Q7yTMCy59u5NbVL62OA482V1zoiWu1WXTSjiB+WpFSNF4cYVrXoSTrYBpg24kSg7
3ippn/avk5EVxqtFDCqgpzayjWcw
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:06 2025 by rpki-client