Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67B46D5CBC4411EFB3A20599762E951A.roa
File: 67B46D5CBC4411EFB3A20599762E951A.roa (raw, json)
Hash identifier: UBAb3OZVkmxRbeqNifHOMjxBx4VqMUm9BrlXO7QrDgQ=
Subject key identifier: 4F:15:F2:42:59:1B:7D:DA:F1:3C:AC:72:44:71:6B:01:63:CE:B2:36
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E459
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67B46D5CBC4411EFB3A20599762E951A.roa
Signing time: Tue 17 Dec 2024 06:59:05 +0000
ROA not before: Tue 17 Dec 2024 06:59:02 +0000
ROA not after: Sat 22 Mar 2025 06:59:02 +0000
asID: 4766
IP address blocks: 156.227.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58457 (0xe459)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 17 06:59:02 2024 GMT
Not After : Mar 22 06:59:02 2025 GMT
Subject: CN=67612139-ce74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:61:85:e1:d2:d5:5d:c2:34:73:3d:0e:83:f7:
b5:b0:69:74:12:4e:33:d3:f3:cc:0c:11:fd:99:3a:
bb:61:84:66:63:7a:4a:96:9e:5a:33:de:8a:dc:5b:
db:c9:ed:63:d7:22:1a:d3:ed:c5:e4:e7:ea:a6:e0:
43:ed:1c:d7:a0:94:2d:98:10:91:c2:80:14:9d:88:
30:3a:85:32:d2:df:c6:b7:8d:7d:70:25:49:2c:82:
82:21:c0:33:6b:9e:b6:3c:30:28:77:8f:4f:08:e9:
d0:84:19:29:1e:2f:cd:13:4d:9e:a4:76:2b:bd:02:
6e:a9:66:dd:e3:d3:bc:f8:06:56:f9:dd:a7:7b:43:
6a:68:f6:4d:22:9d:27:5d:54:d1:b3:19:f4:af:ef:
98:d7:66:a8:1c:8b:ba:cd:da:9d:f6:90:35:7b:31:
0b:26:a9:82:c7:30:15:3e:58:03:04:1c:4c:84:bf:
78:87:81:2e:15:b2:1d:47:e4:bd:7c:72:1e:2c:c1:
5e:04:2b:0c:d1:f2:ce:08:db:79:bb:14:e5:7c:b3:
10:82:39:cd:09:c9:66:f2:d2:00:f7:36:4e:42:57:
da:bb:20:5c:da:70:e8:e5:ae:8c:cb:02:ef:fe:b7:
ac:61:ce:b7:5a:db:ba:78:d5:9d:b3:61:9f:f1:2a:
7f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:15:F2:42:59:1B:7D:DA:F1:3C:AC:72:44:71:6B:01:63:CE:B2:36
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67B46D5CBC4411EFB3A20599762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.13.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:31:c4:70:1a:dd:9f:7f:28:9b:6b:51:4a:81:33:83:d1:4e:
f2:0a:86:5a:b6:b1:03:e1:83:62:f1:a7:ff:db:d0:a0:3a:e5:
4d:59:d7:b1:d0:e8:1c:e0:7b:9f:ca:64:fe:21:39:35:9f:c1:
f4:21:5b:06:57:8e:bb:78:17:38:ef:74:ad:df:2c:bb:c9:a3:
53:d3:85:ab:8c:a7:04:29:70:7a:b5:6c:ae:51:0f:bc:65:71:
cf:93:6b:06:15:45:8e:c8:0e:e3:eb:62:ea:31:9d:a7:d5:49:
9f:b8:99:17:49:40:50:04:6b:62:bb:43:aa:b2:89:a8:78:5b:
29:26:61:83:9a:75:70:4d:83:87:76:c0:74:ad:78:de:2d:49:
66:b0:47:b1:ca:17:60:0a:c1:99:16:96:f4:de:38:7a:2c:da:
48:a2:a4:9a:8a:e3:c3:38:c6:20:80:cc:8e:7e:77:bb:1a:b8:
c3:a8:23:a5:f5:34:36:77:b6:30:24:02:70:ab:43:ec:70:2e:
cc:d3:df:69:94:ef:d4:a1:39:84:dc:6f:2c:34:a3:cd:bf:59:
73:1d:da:a3:a3:87:fb:0f:38:5d:3b:bc:eb:ac:be:22:92:f7:
7b:59:00:cb:2e:a7:75:7a:89:de:26:fa:44:29:25:34:0e:2c:
76:3d:d9:92
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAORZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE3MDY1OTAyWhcNMjUwMzIyMDY1OTAyWjAYMRYw
FAYDVQQDEw02NzYxMjEzOS1jZTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAymGF4dLVXcI0cz0Og/e1sGl0Ek4z0/PMDBH9mTq7YYRmY3pKlp5aM96K
3Fvbye1j1yIa0+3F5OfqpuBD7RzXoJQtmBCRwoAUnYgwOoUy0t/Gt419cCVJLIKC
IcAza562PDAod49PCOnQhBkpHi/NE02epHYrvQJuqWbd49O8+AZW+d2ne0NqaPZN
Ip0nXVTRsxn0r++Y12aoHIu6zdqd9pA1ezELJqmCxzAVPlgDBBxMhL94h4EuFbId
R+S9fHIeLMFeBCsM0fLOCNt5uxTlfLMQgjnNCclm8tIA9zZOQlfauyBc2nDo5a6M
ywLv/resYc63Wtu6eNWds2Gf8Sp/lwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE8V
8kJZG33a8TysckRxawFjzrI2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82N0I0NkQ1Q0JDNDQxMUVGQjNBMjA1OTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOMNMA0GCSqGSIb3DQEBCwUA
A4IBAQA6McRwGt2ffyiba1FKgTOD0U7yCoZatrED4YNi8af/29CgOuVNWdex0Ogc
4HufymT+ITk1n8H0IVsGV467eBc473St3yy7yaNT04WrjKcEKXB6tWyuUQ+8ZXHP
k2sGFUWOyA7j62LqMZ2n1UmfuJkXSUBQBGtiu0OqsomoeFspJmGDmnVwTYOHdsB0
rXjeLUlmsEexyhdgCsGZFpb03jh6LNpIoqSaiuPDOMYggMyOfne7GrjDqCOl9TQ2
d7YwJAJwq0PscC7M099plO/UoTmE3G8sNKPNv1lzHdqjo4f7DzhdO7zrrL4ikvd7
WQDLLqd1eoneJvpEKSU0Dix2PdmS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:28 2025 by rpki-client