Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/70382532C94A11EF86B2F290762E951A.roa
File: 70382532C94A11EF86B2F290762E951A.roa (raw, json)
Hash identifier: NxatV3bEkXgjksroBEemvPNnl+MNpnrP2PvVpBBzVp0=
Subject key identifier: 87:34:C7:A3:0F:33:71:1A:E3:B7:9E:AB:56:44:F2:6C:C0:DC:50:FC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F388
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/70382532C94A11EF86B2F290762E951A.roa
Signing time: Thu 02 Jan 2025 20:45:02 +0000
ROA not before: Thu 02 Jan 2025 20:44:58 +0000
ROA not after: Mon 13 Dec 2027 20:44:58 +0000
asID: 17561
IP address blocks: 156.225.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62344 (0xf388)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:44:58 2025 GMT
Not After : Dec 13 20:44:58 2027 GMT
Subject: CN=6776face-0d7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:05:08:14:ee:44:e5:53:c4:4f:de:79:a3:6f:
24:95:4d:f1:4f:76:56:ad:56:77:d0:38:ba:c4:49:
78:a1:69:5a:d3:42:bf:b4:8d:77:51:d1:02:63:70:
61:2c:ce:96:6b:c9:29:af:0f:37:58:23:5b:b0:64:
b6:99:67:4e:5f:be:1d:3c:7b:d5:33:8c:f9:b3:76:
2f:36:c5:98:09:31:ba:57:2d:b0:9c:30:97:33:00:
5b:84:e3:e4:e3:ad:a6:0c:e7:d9:d8:d2:c4:e3:d0:
bd:5b:05:51:4f:95:a3:bd:99:e3:e0:b3:7f:e1:76:
b6:0b:94:c7:bb:0b:fa:cc:a2:ed:b8:c7:50:9b:3e:
01:76:f3:af:1c:02:e3:00:0c:cd:91:40:74:ee:ed:
f5:6e:0e:6e:64:b2:56:8e:8b:39:ea:6a:63:fc:f3:
12:e9:59:e0:23:14:43:2d:68:5d:73:25:41:9f:0e:
61:e4:1a:f9:d1:cb:7f:01:70:33:00:f5:ae:63:7c:
8e:df:5f:b1:69:20:7d:de:1e:b4:8e:fa:ce:36:27:
06:30:0c:6e:ed:9a:f7:ea:af:49:4c:01:7d:13:48:
6f:82:ef:62:db:04:3c:ba:0f:c9:76:e6:21:08:12:
f6:9c:30:1d:44:10:c0:96:cd:30:0d:ae:b6:aa:66:
6b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:34:C7:A3:0F:33:71:1A:E3:B7:9E:AB:56:44:F2:6C:C0:DC:50:FC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/70382532C94A11EF86B2F290762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.74.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:cf:bd:5e:4e:b4:84:3a:05:77:72:26:83:cc:5e:d0:24:4d:
23:61:0a:08:76:56:f1:b6:fc:49:e5:b9:1c:0b:32:40:eb:96:
cb:5e:03:a1:6d:c8:23:ad:aa:45:60:2f:d9:f4:36:59:c9:26:
c3:9c:d4:69:1a:dc:a2:f5:95:f5:85:db:4e:17:07:7c:b5:3a:
16:a3:f1:b0:6a:1a:ab:94:6d:8d:4f:97:0b:1f:ea:30:2f:66:
36:7e:6b:fd:1a:fc:98:b2:12:f2:a6:01:1c:84:02:72:9c:fe:
9e:5f:31:ba:74:72:86:bb:ce:2c:a7:47:ee:1e:0b:98:e4:f8:
11:8e:16:9b:07:c1:f3:6a:18:f0:8a:21:08:09:62:b3:d3:3d:
76:4c:e9:17:96:48:4b:50:c0:da:b4:1b:ce:0b:28:c4:66:0b:
f5:2d:f5:dc:78:37:42:7c:3d:cf:c1:a3:30:24:45:5d:d4:3e:
86:4a:ca:c4:7d:b1:1a:23:bf:8e:91:39:f0:9f:23:2f:08:66:
26:9f:71:bd:04:e9:d6:80:31:77:69:b1:88:bf:8f:8f:e8:d3:
4d:4d:68:a2:cc:87:ae:9a:32:21:fb:9a:19:6b:78:39:af:dc:
4d:cb:a6:7a:37:de:99:4b:7b:ff:47:06:00:cc:f9:cc:7f:82:
5f:0d:4d:f6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPOIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjA0NDU4WhcNMjcxMjEzMjA0NDU4WjAYMRYw
FAYDVQQDEw02Nzc2ZmFjZS0wZDdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0QUIFO5E5VPET955o28klU3xT3ZWrVZ30Di6xEl4oWla00K/tI13UdEC
Y3BhLM6Wa8kprw83WCNbsGS2mWdOX74dPHvVM4z5s3YvNsWYCTG6Vy2wnDCXMwBb
hOPk462mDOfZ2NLE49C9WwVRT5WjvZnj4LN/4Xa2C5THuwv6zKLtuMdQmz4BdvOv
HALjAAzNkUB07u31bg5uZLJWjos56mpj/PMS6VngIxRDLWhdcyVBnw5h5Br50ct/
AXAzAPWuY3yO31+xaSB93h60jvrONicGMAxu7Zr36q9JTAF9E0hvgu9i2wQ8ug/J
duYhCBL2nDAdRBDAls0wDa62qmZr9QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIc0
x6MPM3Ea47eeq1ZE8mzA3FD8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MDM4MjUzMkM5NEExMUVGODZCMkYyOTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOFKMA0GCSqGSIb3DQEBCwUA
A4IBAQBOz71eTrSEOgV3ciaDzF7QJE0jYQoIdlbxtvxJ5bkcCzJA65bLXgOhbcgj
rapFYC/Z9DZZySbDnNRpGtyi9ZX1hdtOFwd8tToWo/GwahqrlG2NT5cLH+owL2Y2
fmv9GvyYshLypgEchAJynP6eXzG6dHKGu84sp0fuHguY5PgRjhabB8HzahjwiiEI
CWKz0z12TOkXlkhLUMDatBvOCyjEZgv1LfXceDdCfD3PwaMwJEVd1D6GSsrEfbEa
I7+OkTnwnyMvCGYmn3G9BOnWgDF3abGIv4+P6NNNTWiizIeumjIh+5oZa3g5r9xN
y6Z6N96ZS3v/RwYAzPnMf4JfDU32
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:09 2025 by rpki-client