Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/706D56DAC97211EFAACDA091762E951A.roa
File: 706D56DAC97211EFAACDA091762E951A.roa (raw, json)
Hash identifier: 2pX8J/M+f11arx+cL6/PgyQSZZyvEVuC3SuT0NZ/O+8=
Subject key identifier: 8B:7B:A7:DB:6C:AF:85:3C:B3:07:AF:76:F3:53:AF:74:04:B5:1C:64
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4C3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/706D56DAC97211EFAACDA091762E951A.roa
Signing time: Fri 03 Jan 2025 01:31:22 +0000
ROA not before: Fri 03 Jan 2025 01:31:18 +0000
ROA not after: Mon 13 Dec 2027 01:31:18 +0000
asID: 17561
IP address blocks: 156.227.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62659 (0xf4c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:31:18 2025 GMT
Not After : Dec 13 01:31:18 2027 GMT
Subject: CN=67773dea-720f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:68:d2:f4:7e:e0:7d:68:94:11:7e:92:d9:e8:
60:54:b0:28:5a:f6:20:de:23:92:4a:3d:55:b4:3c:
68:db:5d:67:ad:4d:38:14:45:0b:66:18:16:48:c3:
2f:54:57:cc:7e:78:f7:5b:90:e2:d6:ab:01:ad:cd:
9f:a6:dd:ea:62:4c:0c:20:9a:eb:e2:9c:eb:a1:c0:
9f:c2:3a:55:83:12:68:9e:3f:da:aa:1e:f1:9f:a9:
95:39:63:4b:eb:fd:7c:3d:54:6f:06:95:39:cd:e7:
5c:9f:37:1a:c5:0a:60:70:41:22:f1:e2:12:ef:31:
b5:92:3b:23:fe:5b:b7:28:be:11:e1:68:1a:2f:42:
da:cb:4b:2f:af:24:c5:d9:74:0c:1e:1d:e4:ba:d3:
26:94:8c:7e:0b:14:13:af:54:38:83:52:a6:5a:67:
7a:fc:6b:ed:6a:c3:e1:6a:36:e1:e7:aa:14:bb:33:
a0:dd:5b:6f:23:3c:89:c5:66:7c:f5:dc:e3:85:7c:
98:5f:e8:4e:fc:00:fa:dd:b4:fb:73:29:a8:03:e9:
4a:70:0f:cc:26:90:86:d1:ea:ae:c6:8d:e3:72:bc:
3d:4d:e4:64:06:3c:ea:31:fb:51:73:c5:d5:dd:a5:
07:8e:c5:73:f7:14:95:75:a0:46:c0:f9:1a:72:41:
84:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:7B:A7:DB:6C:AF:85:3C:B3:07:AF:76:F3:53:AF:74:04:B5:1C:64
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/706D56DAC97211EFAACDA091762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.83.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:e3:58:f0:f6:d4:f8:fb:68:fe:aa:63:d9:4c:8b:be:b1:04:
dd:2b:53:b1:65:b2:13:c5:6d:82:52:dd:98:ad:76:02:60:4f:
42:fe:cc:bd:01:9a:28:21:06:c5:b2:96:91:b1:44:d6:ea:92:
87:bf:34:be:8c:f3:5c:c4:bf:5a:c4:6f:9b:e9:d3:49:b1:c8:
5d:95:9b:bb:a1:c2:c0:d7:ec:bd:f3:5a:5a:e1:11:29:54:43:
5b:cd:92:01:3e:ca:95:7e:50:17:a6:64:ff:9c:a9:6e:62:e7:
d9:16:ee:9f:5f:c6:6e:08:0f:2e:04:30:9d:7d:01:5e:5e:95:
30:59:e5:03:e0:26:0e:9f:74:56:21:cf:f5:43:2e:39:42:8b:
a0:c0:92:79:bb:9c:1f:71:ee:d8:af:eb:4f:b3:4f:65:42:ac:
08:ea:d9:0b:fa:1b:48:70:79:3f:25:8c:56:6d:d2:1e:51:94:
e9:b6:d3:31:a8:b4:16:7b:1e:30:23:89:19:76:c6:2c:87:1c:
17:2f:20:ab:46:87:ad:31:ee:7e:f6:28:de:0d:34:7a:9d:7a:
63:77:a4:bd:e2:ee:1e:b5:8e:d3:2e:34:f6:90:8e:ea:5c:a2:
6a:2f:a4:04:22:df:d8:8f:1c:ee:a9:ef:b9:3b:5c:a4:25:5e:
a7:80:c6:35
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPTDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDEzMTE4WhcNMjcxMjEzMDEzMTE4WjAYMRYw
FAYDVQQDEw02Nzc3M2RlYS03MjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwWjS9H7gfWiUEX6S2ehgVLAoWvYg3iOSSj1VtDxo211nrU04FEULZhgW
SMMvVFfMfnj3W5Di1qsBrc2fpt3qYkwMIJrr4pzrocCfwjpVgxJonj/aqh7xn6mV
OWNL6/18PVRvBpU5zedcnzcaxQpgcEEi8eIS7zG1kjsj/lu3KL4R4WgaL0Lay0sv
ryTF2XQMHh3kutMmlIx+CxQTr1Q4g1KmWmd6/GvtasPhajbh56oUuzOg3VtvIzyJ
xWZ89dzjhXyYX+hO/AD63bT7cymoA+lKcA/MJpCG0equxo3jcrw9TeRkBjzqMftR
c8XV3aUHjsVz9xSVdaBGwPkackGE1wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIt7
p9tsr4U8swevdvNTr3QEtRxkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MDZENTZEQUM5NzIxMUVGQUFDREEwOTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONTMA0GCSqGSIb3DQEBCwUA
A4IBAQCl41jw9tT4+2j+qmPZTIu+sQTdK1OxZbITxW2CUt2YrXYCYE9C/sy9AZoo
IQbFspaRsUTW6pKHvzS+jPNcxL9axG+b6dNJschdlZu7ocLA1+y981pa4REpVENb
zZIBPsqVflAXpmT/nKluYufZFu6fX8ZuCA8uBDCdfQFeXpUwWeUD4CYOn3RWIc/1
Qy45QougwJJ5u5wfce7Yr+tPs09lQqwI6tkL+htIcHk/JYxWbdIeUZTpttMxqLQW
ex4wI4kZdsYshxwXLyCrRoetMe5+9ijeDTR6nXpjd6S94u4etY7TLjT2kI7qXKJq
L6QEIt/Yjxzuqe+5O1ykJV6ngMY1
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:35 2025 by rpki-client