Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66A50B98C34111EFB6BBADBE762E951A.roa
File: 66A50B98C34111EFB6BBADBE762E951A.roa (raw, json)
Hash identifier: oKw6AohifqyI5WkgDfP+N9NL/3cVMMPelIISVZd80XA=
Subject key identifier: 12:BC:79:24:7D:93:6D:EB:B9:11:9C:CF:14:EA:25:60:25:8C:28:E4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBCF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66A50B98C34111EFB6BBADBE762E951A.roa
Signing time: Thu 26 Dec 2024 04:25:14 +0000
ROA not before: Thu 26 Dec 2024 04:25:10 +0000
ROA not after: Fri 10 Dec 2027 04:25:10 +0000
asID: 17561
IP address blocks: 156.244.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60367 (0xebcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:25:10 2024 GMT
Not After : Dec 10 04:25:10 2027 GMT
Subject: CN=676cdaa9-7d4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0d:9d:bb:c1:17:93:a5:97:4a:0e:2b:66:84:
15:8b:6a:b8:60:f1:c6:47:09:c5:61:6f:cf:3e:ef:
f5:ca:e8:b8:db:0a:db:47:5a:4a:b1:ab:56:33:f0:
60:64:37:1d:7a:03:60:80:99:67:8e:08:dc:00:f1:
ef:ba:94:86:88:ff:22:a6:4b:a4:2b:72:f2:b3:25:
1c:65:c9:49:65:45:27:4b:5b:e0:ad:1e:aa:80:0e:
ac:c3:43:df:55:ad:2e:db:56:c3:47:34:b3:f4:e5:
43:10:0c:da:9f:70:e1:98:4d:51:2c:8f:e5:63:6e:
df:03:01:79:ef:6a:ff:fb:9d:99:0d:d5:e2:56:48:
6f:1d:3b:52:19:34:84:c0:c2:0d:2f:4b:c3:c7:04:
39:ec:23:48:02:04:55:dd:a0:3f:11:68:c4:b0:74:
6b:30:9b:2b:3d:35:af:43:91:c9:73:f5:17:09:68:
17:de:2a:4c:23:bb:65:75:fe:b1:7e:ee:6f:b8:2c:
86:8b:ea:d3:98:9d:40:c1:0e:37:89:df:b3:76:3f:
28:cf:26:48:75:9e:33:06:ea:9d:de:8f:47:d3:6c:
ea:10:7f:24:06:e0:d7:fe:a3:55:f0:fd:41:ce:30:
bb:18:07:f4:cf:11:c3:2b:7d:aa:01:70:30:26:bc:
fb:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:BC:79:24:7D:93:6D:EB:B9:11:9C:CF:14:EA:25:60:25:8C:28:E4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66A50B98C34111EFB6BBADBE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.227.0/24
Signature Algorithm: sha256WithRSAEncryption
94:c2:78:84:0f:98:0d:54:38:91:d4:e7:b1:c9:ca:5c:f4:26:
dd:29:cf:21:40:74:ea:d9:97:ee:fb:80:40:14:ef:ac:de:32:
f9:5d:cb:b2:71:90:94:ad:2c:dd:3b:8f:70:e2:f4:6e:37:aa:
1b:6b:fa:b8:dd:e2:97:be:f1:fb:8e:ad:f9:e6:c0:42:6d:21:
f4:a7:20:00:8d:19:25:33:cc:db:a2:08:95:2c:b1:e3:d2:bb:
5e:da:c0:28:46:c8:dd:9b:8e:87:f0:f5:7f:4f:25:62:0d:bb:
87:10:60:19:75:29:70:8c:9c:78:ff:cc:46:70:33:f4:74:08:
1f:3a:5f:91:ba:95:3e:f9:49:06:62:3e:17:28:5d:67:b6:7e:
c9:f5:d1:53:10:aa:e3:57:45:79:65:71:bf:1d:4a:47:6f:93:
83:0d:26:d7:f9:8d:19:32:0b:3c:2b:b0:2a:3a:be:66:c2:5f:
55:ee:b2:fa:a7:4d:14:06:1d:79:3c:6d:59:91:40:31:9e:b1:
a1:48:19:85:54:06:8e:c1:da:0a:b3:93:5b:4e:a2:65:21:27:
3a:8a:99:e1:e9:af:ed:8d:40:15:81:21:04:55:f6:43:5e:b1:
6c:b1:7b:19:b9:f7:6e:62:23:7e:5d:51:ed:4d:32:16:c0:40:
7a:38:e5:62
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOvPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQyNTEwWhcNMjcxMjEwMDQyNTEwWjAYMRYw
FAYDVQQDEw02NzZjZGFhOS03ZDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxw2du8EXk6WXSg4rZoQVi2q4YPHGRwnFYW/PPu/1yui42wrbR1pKsatW
M/BgZDcdegNggJlnjgjcAPHvupSGiP8ipkukK3LysyUcZclJZUUnS1vgrR6qgA6s
w0PfVa0u21bDRzSz9OVDEAzan3DhmE1RLI/lY27fAwF572r/+52ZDdXiVkhvHTtS
GTSEwMINL0vDxwQ57CNIAgRV3aA/EWjEsHRrMJsrPTWvQ5HJc/UXCWgX3ipMI7tl
df6xfu5vuCyGi+rTmJ1AwQ43id+zdj8ozyZIdZ4zBuqd3o9H02zqEH8kBuDX/qNV
8P1BzjC7GAf0zxHDK32qAXAwJrz7hQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBK8
eSR9k23ruRGczxTqJWAljCjkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NkE1MEI5OEMzNDExMUVGQjZCQkFEQkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTjMA0GCSqGSIb3DQEBCwUA
A4IBAQCUwniED5gNVDiR1Oexycpc9CbdKc8hQHTq2Zfu+4BAFO+s3jL5XcuycZCU
rSzdO49w4vRuN6oba/q43eKXvvH7jq355sBCbSH0pyAAjRklM8zbogiVLLHj0rte
2sAoRsjdm46H8PV/TyViDbuHEGAZdSlwjJx4/8xGcDP0dAgfOl+RupU++UkGYj4X
KF1ntn7J9dFTEKrjV0V5ZXG/HUpHb5ODDSbX+Y0ZMgs8K7AqOr5mwl9V7rL6p00U
Bh15PG1ZkUAxnrGhSBmFVAaOwdoKs5NbTqJlISc6ipnh6a/tjUAVgSEEVfZDXrFs
sXsZufduYiN+XVHtTTIWwEB6OOVi
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:00 2025 by rpki-client