Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/758ACF56C32F11EFAABF1A44762E951A.roa
File: 758ACF56C32F11EFAABF1A44762E951A.roa (raw, json)
Hash identifier: fq6PYjyprrhFGCil9yxpSN034UhB8sMgerR4qF3wCZA=
Subject key identifier: E0:2E:75:58:AC:F0:9F:AC:5B:52:EC:FC:7F:CA:75:D4:5C:C2:11:B5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAFB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/758ACF56C32F11EFAABF1A44762E951A.roa
Signing time: Thu 26 Dec 2024 02:16:47 +0000
ROA not before: Thu 26 Dec 2024 02:16:44 +0000
ROA not after: Fri 10 Dec 2027 02:16:44 +0000
asID: 17561
IP address blocks: 156.243.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60155 (0xeafb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:16:44 2024 GMT
Not After : Dec 10 02:16:44 2027 GMT
Subject: CN=676cbc8f-5325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:43:c2:a5:65:3f:71:a4:4a:1e:91:02:8b:73:
07:2d:e6:56:12:7a:e9:13:a3:dd:56:31:f8:7e:b0:
03:bd:ab:d4:61:bf:4c:e0:e0:17:5c:02:9e:a2:ab:
e0:2c:39:10:3d:ad:71:9e:79:54:37:cb:43:00:62:
c3:48:28:09:88:a3:80:e8:82:3e:dc:4a:26:d0:05:
31:5b:aa:8f:82:0b:10:fd:17:79:23:92:c7:69:ea:
b3:ae:b7:48:21:0f:d5:59:f9:0d:a5:5b:45:7e:7b:
48:d4:84:42:48:b4:f7:85:16:cb:d5:a6:d1:29:33:
e3:66:5e:2d:22:97:2b:c8:c1:c4:ed:45:ba:93:3e:
81:a4:c2:7f:2b:cf:d9:93:b8:db:f3:59:2d:59:a0:
15:13:da:3b:93:39:58:76:5a:e9:28:51:40:9b:48:
fb:d0:41:2d:79:6f:fe:3f:56:15:c6:72:dd:1d:d1:
6f:ad:0e:86:00:4b:45:cd:68:29:41:a2:ed:ed:a7:
e4:32:a6:8a:a8:13:ca:df:01:2d:24:6e:82:b7:5b:
da:61:c2:87:dd:e3:b9:0c:0c:ee:c1:13:41:4a:d3:
e8:c1:6c:14:de:5f:c0:ce:a1:25:a6:69:b7:09:2d:
a6:a6:bc:01:1d:ba:e3:43:d4:da:81:19:db:a6:95:
dd:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2E:75:58:AC:F0:9F:AC:5B:52:EC:FC:7F:CA:75:D4:5C:C2:11:B5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/758ACF56C32F11EFAABF1A44762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.228.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:b6:52:d6:a4:20:2a:f9:a5:05:1d:df:5b:33:cb:b4:ff:ec:
de:89:f5:9e:9f:a0:54:4c:02:e9:2f:ca:20:dd:1c:68:01:62:
9a:14:2c:e3:76:e2:fe:63:dc:e0:55:4d:e1:d9:16:1f:57:cb:
de:60:c2:85:0c:48:d7:56:00:94:de:c3:db:bc:23:7e:4f:2f:
21:44:a9:73:4d:80:0b:71:77:d9:73:9b:26:c1:a9:22:2c:d1:
4b:8a:d7:f6:09:ac:df:68:50:f5:a4:29:a2:c4:fc:8f:97:1f:
24:e8:a3:79:1d:08:df:41:9e:8c:1b:30:87:3d:d8:6f:f2:6d:
58:23:a2:b4:41:9a:0a:f0:45:56:51:c2:c9:42:ed:1c:c7:48:
ee:16:6b:85:40:4c:1a:b1:39:00:7d:c9:a5:3a:00:c9:b8:ef:
7f:59:c3:a6:cd:f4:0b:34:7f:f5:77:13:2f:7f:e7:00:d0:4d:
1c:6e:21:3f:69:bf:bb:87:7b:ac:3e:34:7d:8b:a1:33:cc:21:
6e:fd:c2:24:d8:ac:85:23:6f:d3:40:2c:c4:96:6a:7f:ae:fb:
0c:52:7e:71:98:74:d9:14:79:6f:a1:b7:80:f5:4e:5a:2e:04:
e3:46:a8:16:98:52:58:47:28:0d:1c:e8:26:55:5c:c2:94:63:
7f:2d:15:73
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOr7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIxNjQ0WhcNMjcxMjEwMDIxNjQ0WjAYMRYw
FAYDVQQDEw02NzZjYmM4Zi01MzI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA30PCpWU/caRKHpECi3MHLeZWEnrpE6PdVjH4frADvavUYb9M4OAXXAKe
oqvgLDkQPa1xnnlUN8tDAGLDSCgJiKOA6II+3Eom0AUxW6qPggsQ/Rd5I5LHaeqz
rrdIIQ/VWfkNpVtFfntI1IRCSLT3hRbL1abRKTPjZl4tIpcryMHE7UW6kz6BpMJ/
K8/Zk7jb81ktWaAVE9o7kzlYdlrpKFFAm0j70EEteW/+P1YVxnLdHdFvrQ6GAEtF
zWgpQaLt7afkMqaKqBPK3wEtJG6Ct1vaYcKH3eO5DAzuwRNBStPowWwU3l/AzqEl
pmm3CS2mprwBHbrjQ9TagRnbppXd+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOAu
dVis8J+sW1Ls/H/KddRcwhG1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NThBQ0Y1NkMzMkYxMUVGQUFCRjFBNDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPkMA0GCSqGSIb3DQEBCwUA
A4IBAQC1tlLWpCAq+aUFHd9bM8u0/+zeifWen6BUTALpL8og3RxoAWKaFCzjduL+
Y9zgVU3h2RYfV8veYMKFDEjXVgCU3sPbvCN+Ty8hRKlzTYALcXfZc5smwakiLNFL
itf2CazfaFD1pCmixPyPlx8k6KN5HQjfQZ6MGzCHPdhv8m1YI6K0QZoK8EVWUcLJ
Qu0cx0juFmuFQEwasTkAfcmlOgDJuO9/WcOmzfQLNH/1dxMvf+cA0E0cbiE/ab+7
h3usPjR9i6EzzCFu/cIk2KyFI2/TQCzElmp/rvsMUn5xmHTZFHlvobeA9U5aLgTj
RqgWmFJYRygNHOgmVVzClGN/LRVz
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:17 2025 by rpki-client