Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69DDABB4C32111EFA61E745C762E951A.roa
File: 69DDABB4C32111EFA61E745C762E951A.roa (raw, json)
Hash identifier: VgIFjm/ohFPQW+wLghwm0VgYeLZvkDD7Yc0fgW+hmxQ=
Subject key identifier: D2:0B:AA:C0:A2:E3:B2:84:9B:BC:FE:F6:3A:CB:F8:34:0B:0B:3D:47
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA25
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69DDABB4C32111EFA61E745C762E951A.roa
Signing time: Thu 26 Dec 2024 00:36:15 +0000
ROA not before: Thu 26 Dec 2024 00:00:11 +0000
ROA not after: Wed 10 Dec 2025 00:00:11 +0000
asID: 984
IP address blocks: 156.228.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59941 (0xea25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:11 2024 GMT
Not After : Dec 10 00:00:11 2025 GMT
Subject: CN=676ca4ff-54f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:52:9a:a8:87:ae:83:ab:4f:c4:b2:e0:b8:0f:
d1:bf:0f:52:e1:6a:1f:14:4c:a5:3c:3a:e3:0a:8b:
46:4f:cc:52:15:f1:cd:ac:00:e2:b3:17:e2:e3:2a:
61:3c:cd:16:c5:2e:53:a6:bf:9d:a7:b6:f6:d8:f7:
95:f9:29:62:3d:44:59:e6:2d:f5:a5:04:d9:6c:2c:
99:85:2c:8e:59:07:72:a8:92:85:05:e7:e9:19:6a:
52:3c:47:b6:75:64:7c:47:77:5a:70:3f:7e:69:e4:
bd:41:66:dc:ca:88:af:1c:da:92:5b:2b:50:a1:8c:
28:c1:3e:cb:c6:07:bb:8d:8f:90:81:ee:8a:a8:30:
22:77:23:77:70:42:6f:92:25:fc:b7:98:d1:19:ac:
dc:e1:bf:bd:32:02:b4:da:ae:a5:f5:fc:ad:29:fd:
97:45:d4:f9:84:b9:9b:50:c1:85:1b:79:4a:f3:87:
79:3a:13:28:22:cc:1c:a6:44:19:e3:0a:3c:86:e7:
df:b1:8b:00:4d:5e:a5:8d:f3:38:2b:41:f8:a1:fe:
75:4c:f6:68:87:0e:c3:3b:64:ba:01:49:73:5e:e5:
a7:0b:09:3d:9a:d0:76:5c:3f:5d:34:68:f2:08:49:
7a:b8:f1:b9:f1:65:ab:fc:a7:c9:f7:9b:e0:3b:86:
10:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:0B:AA:C0:A2:E3:B2:84:9B:BC:FE:F6:3A:CB:F8:34:0B:0B:3D:47
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69DDABB4C32111EFA61E745C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.227.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:ae:0c:7b:dd:3a:66:1f:f0:d1:7f:2c:1c:18:5b:19:02:0f:
17:b7:00:be:55:e0:bb:38:a3:d0:e9:b4:7b:40:ba:e7:ac:eb:
cf:ab:09:a0:8d:8a:62:89:0e:3b:00:e2:20:e0:5d:e1:5b:55:
6f:d3:5e:33:58:d1:cb:ce:33:95:50:b6:5b:e7:78:10:da:3e:
05:5a:a0:97:2a:f7:4f:67:59:af:56:48:09:05:7e:d5:54:de:
d8:da:de:dd:7b:a1:17:11:44:74:a1:0f:6c:b2:db:86:b1:87:
00:e6:36:59:97:67:6d:a5:6c:bf:54:9b:c1:41:68:96:52:63:
7d:cc:8c:4e:06:15:eb:cd:d4:82:ac:44:51:3a:3d:54:7e:78:
8c:75:c6:92:11:75:5e:19:c6:aa:4c:22:dc:1c:f2:2d:3e:5c:
a9:f1:d4:ec:ab:64:de:08:02:34:6b:44:e1:70:cc:d6:3b:a6:
f0:14:a6:61:bd:47:55:c4:7b:be:08:4b:b5:08:c2:1c:1e:40:
d0:cf:40:a7:aa:c1:94:22:a4:4e:21:e4:2c:69:e1:b7:01:8a:
41:9a:e1:4c:9a:44:4f:73:70:13:ba:61:70:e9:4d:88:d0:58:
d7:77:df:fa:a6:65:a3:54:13:44:35:af:41:d7:63:c5:49:62:
b2:55:93:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOolMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDExWhcNMjUxMjEwMDAwMDExWjAYMRYw
FAYDVQQDEw02NzZjYTRmZi01NGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw1KaqIeug6tPxLLguA/Rvw9S4WofFEylPDrjCotGT8xSFfHNrADisxfi
4yphPM0WxS5Tpr+dp7b22PeV+SliPURZ5i31pQTZbCyZhSyOWQdyqJKFBefpGWpS
PEe2dWR8R3dacD9+aeS9QWbcyoivHNqSWytQoYwowT7Lxge7jY+Qge6KqDAidyN3
cEJvkiX8t5jRGazc4b+9MgK02q6l9fytKf2XRdT5hLmbUMGFG3lK84d5OhMoIswc
pkQZ4wo8huffsYsATV6ljfM4K0H4of51TPZohw7DO2S6AUlzXuWnCwk9mtB2XD9d
NGjyCEl6uPG58WWr/KfJ95vgO4YQZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNIL
qsCi47KEm7z+9jrL+DQLCz1HMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OUREQUJCNEMzMjExMUVGQTYxRTc0NUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTjMA0GCSqGSIb3DQEBCwUA
A4IBAQAurgx73TpmH/DRfywcGFsZAg8XtwC+VeC7OKPQ6bR7QLrnrOvPqwmgjYpi
iQ47AOIg4F3hW1Vv014zWNHLzjOVULZb53gQ2j4FWqCXKvdPZ1mvVkgJBX7VVN7Y
2t7de6EXEUR0oQ9sstuGsYcA5jZZl2dtpWy/VJvBQWiWUmN9zIxOBhXrzdSCrERR
Oj1UfniMdcaSEXVeGcaqTCLcHPItPlyp8dTsq2TeCAI0a0ThcMzWO6bwFKZhvUdV
xHu+CEu1CMIcHkDQz0CnqsGUIqROIeQsaeG3AYpBmuFMmkRPc3ATumFw6U2I0FjX
d9/6pmWjVBNENa9B12PFSWKyVZM0
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:07 2025 by rpki-client