Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77B4373CC94611EFAD369477762E951A.roa
File: 77B4373CC94611EFAD369477762E951A.roa (raw, json)
Hash identifier: q5Hxz42Lkg/KvJxLtTgeh842/ra6hCrJphAljAAeUNM=
Subject key identifier: 42:95:46:3D:C3:EA:03:CD:B7:57:6B:56:6B:C5:78:38:B8:64:21:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F362
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77B4373CC94611EFAD369477762E951A.roa
Signing time: Thu 02 Jan 2025 20:16:36 +0000
ROA not before: Thu 02 Jan 2025 20:16:33 +0000
ROA not after: Mon 13 Dec 2027 20:16:33 +0000
asID: 17561
IP address blocks: 156.225.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62306 (0xf362)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:16:33 2025 GMT
Not After : Dec 13 20:16:33 2027 GMT
Subject: CN=6776f424-9126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:76:db:38:d6:5f:de:10:a8:bf:26:80:27:15:
55:07:5f:95:bf:c6:72:2f:b0:17:42:5e:2c:d8:0d:
8a:5d:36:92:51:1f:be:7c:cb:bf:49:22:4f:38:a4:
e0:ec:fb:20:7f:33:07:bf:7d:57:6d:90:da:04:09:
d9:34:c0:cf:2c:8c:ab:97:ab:44:c2:b5:da:00:89:
05:e4:af:6d:65:8b:b6:db:f7:7d:9c:da:99:bc:a3:
63:39:e2:38:ad:4c:7b:83:28:35:9d:31:e2:da:67:
84:9c:db:e3:f8:e8:0a:19:38:f1:ba:33:53:f9:39:
f3:81:67:38:60:f1:fe:a5:2c:fa:98:4f:5e:9c:49:
84:24:1f:de:5c:4c:ff:9e:43:bf:0e:14:d4:09:60:
ff:5a:a6:f2:81:99:0d:d0:9a:32:0e:8a:1f:2b:a7:
50:43:37:54:90:85:8c:ab:42:e2:23:07:64:64:be:
bf:db:bc:4b:19:7b:f3:2a:7e:ee:fc:3b:44:71:0f:
cd:04:90:a4:70:24:04:bc:68:39:c3:f6:ca:7c:3a:
7b:20:a9:85:aa:89:4f:f9:6e:58:71:8e:b7:44:05:
0d:ff:32:45:cd:11:18:8a:1a:d5:06:d2:aa:dc:09:
eb:4d:ab:03:e8:68:e7:75:7b:56:1f:e5:cd:e4:af:
2a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:95:46:3D:C3:EA:03:CD:B7:57:6B:56:6B:C5:78:38:B8:64:21:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77B4373CC94611EFAD369477762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.44.0/24
Signature Algorithm: sha256WithRSAEncryption
87:29:0d:08:3a:48:ff:c3:c2:9d:59:89:a0:d9:79:6f:0a:4d:
ae:b5:3d:a8:3d:7e:ef:b2:99:3e:67:a4:0b:12:3f:0f:55:d8:
32:0b:d2:6e:c8:04:dc:9e:1b:d6:b4:71:aa:7f:2f:62:c2:9e:
67:85:f6:1f:6b:b9:a2:49:e3:80:5a:74:c1:98:0a:70:c2:6c:
9f:06:61:0c:ec:38:76:1f:6e:0f:e4:37:25:72:b3:03:fa:04:
39:24:a2:e4:cf:55:8a:0b:d3:0e:89:aa:1b:b0:8b:cc:a9:9a:
40:3a:e8:6e:dc:50:c6:6e:7b:d5:ef:b0:54:0e:82:df:a1:e9:
4b:1c:e2:77:d9:f9:aa:bf:4a:1f:b5:1f:4b:e7:48:38:e6:c5:
f2:12:4d:91:09:6e:91:f8:cf:cc:d9:af:67:f3:db:c4:10:2a:
25:55:94:00:0c:b4:d1:b4:91:55:ba:b1:ec:36:38:12:d0:7e:
49:cf:bd:33:12:8e:9e:ee:4e:c3:7b:9c:94:f2:a1:83:88:2a:
96:19:66:7c:aa:ef:21:86:17:78:49:9f:8d:62:c1:aa:e1:c4:
12:f9:e0:1b:5b:75:d5:06:76:0c:82:5b:94:18:60:ca:fa:22:
c2:6e:72:b2:9a:ba:9e:ba:0f:d6:8f:a2:99:cd:9c:e8:ea:a7:
5b:fd:b4:b1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPNiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjAxNjMzWhcNMjcxMjEzMjAxNjMzWjAYMRYw
FAYDVQQDEw02Nzc2ZjQyNC05MTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs3bbONZf3hCovyaAJxVVB1+Vv8ZyL7AXQl4s2A2KXTaSUR++fMu/SSJP
OKTg7PsgfzMHv31XbZDaBAnZNMDPLIyrl6tEwrXaAIkF5K9tZYu22/d9nNqZvKNj
OeI4rUx7gyg1nTHi2meEnNvj+OgKGTjxujNT+TnzgWc4YPH+pSz6mE9enEmEJB/e
XEz/nkO/DhTUCWD/WqbygZkN0JoyDoofK6dQQzdUkIWMq0LiIwdkZL6/27xLGXvz
Kn7u/DtEcQ/NBJCkcCQEvGg5w/bKfDp7IKmFqolP+W5YcY63RAUN/zJFzREYihrV
BtKq3AnrTasD6GjndXtWH+XN5K8qIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEKV
Rj3D6gPNt1drVmvFeDi4ZCGnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83N0I0MzczQ0M5NDYxMUVGQUQzNjk0Nzc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEsMA0GCSqGSIb3DQEBCwUA
A4IBAQCHKQ0IOkj/w8KdWYmg2XlvCk2utT2oPX7vspk+Z6QLEj8PVdgyC9JuyATc
nhvWtHGqfy9iwp5nhfYfa7miSeOAWnTBmApwwmyfBmEM7Dh2H24P5DclcrMD+gQ5
JKLkz1WKC9MOiaobsIvMqZpAOuhu3FDGbnvV77BUDoLfoelLHOJ32fmqv0oftR9L
50g45sXyEk2RCW6R+M/M2a9n89vEEColVZQADLTRtJFVurHsNjgS0H5Jz70zEo6e
7k7De5yU8qGDiCqWGWZ8qu8hhhd4SZ+NYsGq4cQS+eAbW3XVBnYMgluUGGDK+iLC
bnKymrqeug/Wj6KZzZzo6qdb/bSx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:31 2025 by rpki-client