Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72568624C35A11EF8F9A9E5B762E951A.roa
File: 72568624C35A11EF8F9A9E5B762E951A.roa (raw, json)
Hash identifier: IScedLivp9OfEui6o0YIIIE3ozt8hVg7sB0hqlgI64w=
Subject key identifier: F6:76:F0:23:E8:8B:F4:A9:E2:9A:CF:CC:F3:FC:1A:1F:D8:2A:34:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC5B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72568624C35A11EF8F9A9E5B762E951A.roa
Signing time: Thu 26 Dec 2024 07:24:31 +0000
ROA not before: Thu 26 Dec 2024 07:24:27 +0000
ROA not after: Sun 23 Feb 2025 07:24:27 +0000
asID: 63139
IP address blocks: 156.229.2.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60507 (0xec5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 07:24:27 2024 GMT
Not After : Feb 23 07:24:27 2025 GMT
Subject: CN=676d04ae-8976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c3:66:9e:7f:25:d7:60:63:cd:3a:45:f8:42:
24:2a:12:48:df:54:b8:c6:e1:bc:1e:4d:3d:ea:a3:
3e:93:b2:43:84:72:46:b1:75:8f:44:31:80:f2:2c:
4d:cc:81:a1:96:d1:4b:45:cf:ae:32:8d:2e:04:6c:
f6:41:dc:bd:4b:3e:34:ab:4b:c5:b0:78:3b:5d:b1:
08:00:3a:28:4e:39:cf:89:e9:66:57:ff:c0:22:f2:
d4:a5:e5:c3:03:2a:00:d5:50:9d:59:84:af:87:34:
85:a6:ea:9e:ed:76:f3:e2:28:c2:43:eb:05:04:48:
90:63:6a:82:13:bb:43:df:15:87:22:47:6c:58:0f:
9f:22:d1:c1:b3:23:83:6e:b3:0e:16:2b:bc:7c:29:
6b:98:4a:94:de:d9:0a:37:56:a2:5c:00:e6:5d:e3:
7f:04:d7:1a:26:f9:9a:29:8d:d2:fd:e1:f8:20:13:
74:df:72:c0:b7:ce:ec:ac:bb:f4:23:be:29:71:17:
d1:d7:a7:1f:e7:e8:fd:1f:1b:5b:04:96:76:df:05:
66:7c:bd:ab:a4:a2:78:72:04:1f:03:21:6e:5c:62:
1d:93:75:1d:1c:65:15:eb:5d:51:94:d6:6f:db:fe:
30:a8:4b:b5:42:b6:6d:70:90:ab:29:34:db:77:93:
3d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:76:F0:23:E8:8B:F4:A9:E2:9A:CF:CC:F3:FC:1A:1F:D8:2A:34:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72568624C35A11EF8F9A9E5B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.2.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:90:eb:ce:79:e6:10:24:5e:f2:c2:2a:de:e1:bf:79:df:3c:
3d:1b:58:66:32:e5:a0:00:06:ed:24:33:0c:19:e2:a1:f2:8b:
f3:fa:f7:77:ae:ca:0d:82:a1:bd:b4:6f:88:62:3f:8d:d3:fa:
47:e6:6a:87:a5:8f:4e:b4:59:bc:4d:c9:2b:6f:11:2b:ad:cf:
cb:2c:d0:98:d7:72:b4:04:db:17:bd:83:4a:af:92:f6:20:f5:
cc:bb:3e:fc:b3:e0:07:aa:93:6d:a5:73:4c:27:bb:39:91:8a:
1e:59:16:27:71:dd:70:1f:c9:84:5d:dc:c9:a3:73:56:ed:2c:
d3:d8:91:d8:12:38:68:79:5a:d8:7e:b7:d5:c5:2b:ae:3d:f5:
55:ca:eb:93:7b:4a:a2:c9:cc:3a:cc:25:4c:da:07:b3:af:9e:
bd:f6:d1:25:46:03:45:62:7c:ec:47:06:2b:e0:a5:b5:b0:4c:
ef:48:3e:6a:dc:92:c2:af:bb:95:76:5e:cd:f0:d4:66:3f:29:
b1:e8:d0:46:49:b0:e1:90:99:16:d5:d3:50:d3:a4:2d:1e:4f:
ce:01:36:56:97:01:90:d5:fc:d9:75:66:62:d5:10:60:7f:98:
59:38:82:5a:7b:57:04:5c:01:ba:01:ca:8f:e7:b5:14:d3:4a:
23:26:d6:ff
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOxbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDcyNDI3WhcNMjUwMjIzMDcyNDI3WjAYMRYw
FAYDVQQDEw02NzZkMDRhZS04OTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2MNmnn8l12BjzTpF+EIkKhJI31S4xuG8Hk096qM+k7JDhHJGsXWPRDGA
8ixNzIGhltFLRc+uMo0uBGz2Qdy9Sz40q0vFsHg7XbEIADooTjnPielmV//AIvLU
peXDAyoA1VCdWYSvhzSFpuqe7Xbz4ijCQ+sFBEiQY2qCE7tD3xWHIkdsWA+fItHB
syODbrMOFiu8fClrmEqU3tkKN1aiXADmXeN/BNcaJvmaKY3S/eH4IBN033LAt87s
rLv0I74pcRfR16cf5+j9HxtbBJZ23wVmfL2rpKJ4cgQfAyFuXGIdk3UdHGUV611R
lNZv2/4wqEu1QrZtcJCrKTTbd5M9cwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPZ2
8CPoi/Sp4prPzPP8Gh/YKjTlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MjU2ODYyNEMzNUExMUVGOEY5QTlFNUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOUCMA0GCSqGSIb3DQEBCwUA
A4IBAQAukOvOeeYQJF7ywire4b953zw9G1hmMuWgAAbtJDMMGeKh8ovz+vd3rsoN
gqG9tG+IYj+N0/pH5mqHpY9OtFm8TckrbxErrc/LLNCY13K0BNsXvYNKr5L2IPXM
uz78s+AHqpNtpXNMJ7s5kYoeWRYncd1wH8mEXdzJo3NW7SzT2JHYEjhoeVrYfrfV
xSuuPfVVyuuTe0qiycw6zCVM2gezr5699tElRgNFYnzsRwYr4KW1sEzvSD5q3JLC
r7uVdl7N8NRmPymx6NBGSbDhkJkW1dNQ06QtHk/OATZWlwGQ1fzZdWZi1RBgf5hZ
OIJae1cEXAG6AcqP57UU00ojJtb/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:10 2025 by rpki-client