Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7244C8C4C28511EF9B497996762E951A.roa
File: 7244C8C4C28511EF9B497996762E951A.roa (raw, json)
Hash identifier: mgQ7ar9C2/TwYyxyd1uBfM8n0eGV8jcYWlxVJNLOYoE=
Subject key identifier: 20:A6:97:27:CB:70:7D:8C:6A:EB:BB:E0:F4:6E:02:A4:89:B3:9D:EC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E91F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7244C8C4C28511EF9B497996762E951A.roa
Signing time: Wed 25 Dec 2024 05:59:48 +0000
ROA not before: Wed 25 Dec 2024 05:59:44 +0000
ROA not after: Wed 10 Dec 2025 05:59:44 +0000
asID: 984
IP address blocks: 156.228.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59679 (0xe91f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:59:44 2024 GMT
Not After : Dec 10 05:59:44 2025 GMT
Subject: CN=676b9f53-7299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2d:0f:34:b0:d8:a1:38:28:e2:a8:ac:a3:7f:
0c:b2:10:62:e2:43:6a:a4:4e:3c:d3:39:ee:7b:85:
f7:af:56:1b:c3:e3:64:a0:a1:eb:04:c8:f4:7a:77:
1a:93:1a:7d:b4:68:af:77:f8:0f:1a:b1:3c:1d:3c:
d9:91:18:00:6f:ac:fc:a8:94:98:89:b8:3a:54:60:
62:4c:6b:90:7d:e3:2e:35:23:24:fd:16:56:ee:26:
b5:73:c9:6c:d3:3d:f8:42:6d:e0:94:05:b6:ec:75:
a9:1f:e7:62:48:55:b2:66:fe:80:e5:37:f1:d1:da:
af:ea:7b:c5:fe:2a:21:7c:bc:a2:a4:0a:de:11:de:
fc:81:29:30:1b:a1:16:7f:dc:79:cb:35:c4:0b:80:
fe:81:74:11:9f:11:75:a1:b9:c5:79:ba:02:dd:79:
51:f7:71:c8:0c:0b:1d:b5:2b:34:95:2b:03:dd:78:
e1:a0:5f:c4:39:03:3a:92:47:a3:6a:94:88:3c:f8:
5a:eb:d0:83:9a:e2:be:54:7f:6a:39:4c:bd:21:83:
cd:ac:8b:3a:47:03:6c:34:e7:db:7f:d2:0d:9e:c8:
c0:1a:a2:74:d7:e2:24:6c:f0:7b:35:d8:f7:63:58:
42:7a:f7:bf:a7:24:d8:06:08:5a:f6:c5:d6:08:f2:
8b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A6:97:27:CB:70:7D:8C:6A:EB:BB:E0:F4:6E:02:A4:89:B3:9D:EC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7244C8C4C28511EF9B497996762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.47.0/24
Signature Algorithm: sha256WithRSAEncryption
74:7e:1e:80:c0:5d:45:b8:6c:0d:c2:84:86:54:5e:08:ee:11:
19:fa:5c:da:f7:d3:05:ea:07:4d:09:0f:c5:68:18:1d:0d:f0:
20:37:12:3c:da:88:93:16:6f:cc:c2:01:25:b8:76:76:93:1e:
9b:1b:7b:7c:78:10:c0:01:67:ac:6a:c2:c7:55:73:36:4c:51:
6b:a1:27:e3:ed:c9:cd:05:68:13:5f:1b:80:6f:df:4e:0c:5d:
56:a9:ad:48:b3:32:b7:1d:75:eb:4c:90:eb:80:99:a6:ab:8d:
d4:34:ae:01:cd:af:c6:1c:c9:ba:2a:2a:39:92:4d:05:e6:32:
48:ec:2c:a7:10:1e:34:09:7d:68:91:76:bd:c6:d7:c2:88:de:
4d:1e:d2:93:1e:31:20:93:75:70:d8:23:a6:23:ad:e1:22:38:
b6:5c:a1:c7:85:cb:96:2a:b1:d7:c4:e1:1e:d3:67:ce:4d:d6:
45:f2:c3:50:fc:1d:c6:7a:88:71:0b:29:3f:3d:68:50:b9:ee:
50:a8:e7:c4:50:ba:b8:24:63:49:8f:2b:43:20:cc:1e:59:e2:
b3:3b:61:43:d4:13:7b:98:46:64:68:51:20:f6:a7:79:b2:24:
50:8b:94:72:83:f9:94:ba:c3:1f:d6:03:61:a5:9a:46:83:89:
82:1a:a9:de
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOkfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDU1OTQ0WhcNMjUxMjEwMDU1OTQ0WjAYMRYw
FAYDVQQDEw02NzZiOWY1My03Mjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtS0PNLDYoTgo4qiso38MshBi4kNqpE480znue4X3r1Ybw+NkoKHrBMj0
encakxp9tGivd/gPGrE8HTzZkRgAb6z8qJSYibg6VGBiTGuQfeMuNSMk/RZW7ia1
c8ls0z34Qm3glAW27HWpH+diSFWyZv6A5Tfx0dqv6nvF/iohfLyipAreEd78gSkw
G6EWf9x5yzXEC4D+gXQRnxF1obnFeboC3XlR93HIDAsdtSs0lSsD3XjhoF/EOQM6
kkejapSIPPha69CDmuK+VH9qOUy9IYPNrIs6RwNsNOfbf9INnsjAGqJ01+IkbPB7
Ndj3Y1hCeve/pyTYBgha9sXWCPKL7wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCCm
lyfLcH2Mauu74PRuAqSJs53sMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MjQ0QzhDNEMyODUxMUVGOUI0OTc5OTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQvMA0GCSqGSIb3DQEBCwUA
A4IBAQB0fh6AwF1FuGwNwoSGVF4I7hEZ+lza99MF6gdNCQ/FaBgdDfAgNxI82oiT
Fm/MwgEluHZ2kx6bG3t8eBDAAWesasLHVXM2TFFroSfj7cnNBWgTXxuAb99ODF1W
qa1IszK3HXXrTJDrgJmmq43UNK4Bza/GHMm6Kio5kk0F5jJI7CynEB40CX1okXa9
xtfCiN5NHtKTHjEgk3Vw2COmI63hIji2XKHHhcuWKrHXxOEe02fOTdZF8sNQ/B3G
eohxCyk/PWhQue5QqOfEULq4JGNJjytDIMweWeKzO2FD1BN7mEZkaFEg9qd5siRQ
i5Ryg/mUusMf1gNhpZpGg4mCGqne
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:04 2025 by rpki-client