Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77FFB104C33C11EFB12D549F762E951A.roa
File: 77FFB104C33C11EFB12D549F762E951A.roa (raw, json)
Hash identifier: zqc8oGlqrjLj+GOhM3ouNrOzhNfwL6yxEDUOYwyaVcg=
Subject key identifier: C4:B7:35:72:80:D6:97:5D:68:E5:5F:DB:CD:DE:71:39:FB:C6:98:D7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB95
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77FFB104C33C11EFB12D549F762E951A.roa
Signing time: Thu 26 Dec 2024 03:49:55 +0000
ROA not before: Thu 26 Dec 2024 03:49:52 +0000
ROA not after: Fri 10 Dec 2027 03:49:52 +0000
asID: 17561
IP address blocks: 156.244.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60309 (0xeb95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 03:49:52 2024 GMT
Not After : Dec 10 03:49:52 2027 GMT
Subject: CN=676cd263-2e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:27:89:cd:2b:7e:50:4d:ac:ff:82:c1:01:9b:
1b:c5:25:bc:57:92:08:ce:79:b5:37:75:d5:6d:87:
f1:92:2c:09:1b:03:7d:4d:b2:f4:dd:d9:65:b3:32:
aa:a6:1f:bf:44:97:22:99:9d:a4:30:17:6a:88:12:
8a:b6:82:95:78:31:ba:4a:5b:f8:e4:db:8f:1e:cf:
4b:79:e3:57:63:63:3d:df:0f:ef:ee:6d:1e:e5:6a:
5e:72:d4:f1:f1:15:86:06:8a:eb:fd:45:43:57:cd:
14:11:50:22:5f:35:59:a3:33:5c:63:5c:17:23:1a:
b1:2c:58:da:cf:7d:60:ef:c8:cc:ad:00:8d:1c:26:
da:6b:19:09:d1:2a:f2:7c:ac:f1:73:45:14:39:04:
cc:6b:b7:95:0e:75:37:00:2e:95:be:ed:0a:d9:82:
70:11:ac:11:7d:5b:06:aa:42:e1:87:06:ae:aa:4c:
e0:f3:ae:65:68:9f:86:e4:66:4f:99:ac:17:79:82:
d3:30:47:3e:3e:c3:de:65:7e:53:62:8a:d9:06:51:
e7:c5:4f:81:f1:2d:13:ab:4b:1d:07:6f:42:a0:e6:
23:a0:75:92:0d:c3:a2:ed:1d:4b:50:54:31:5a:e6:
7e:4a:ba:7b:4e:42:1f:21:dc:0b:bc:90:e8:30:ef:
42:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B7:35:72:80:D6:97:5D:68:E5:5F:DB:CD:DE:71:39:FB:C6:98:D7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77FFB104C33C11EFB12D549F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.198.0/24
Signature Algorithm: sha256WithRSAEncryption
32:1b:05:b1:72:38:0a:c3:07:7c:3b:06:7d:ae:e2:47:a8:1e:
56:ab:5e:40:21:3b:1a:54:1a:4e:85:3b:63:ee:69:a6:88:f2:
34:cc:9f:75:4e:96:dd:55:14:4b:80:73:d9:39:cf:7d:f5:e4:
6f:7a:73:35:45:03:4f:de:5e:f9:8d:8d:4b:25:7a:9f:11:0c:
82:be:bc:4c:7b:94:6b:f0:79:73:3a:19:f9:12:9c:75:49:ec:
52:8a:bc:1c:35:39:c2:34:74:6b:3c:11:a6:a8:4d:23:7b:99:
ea:7f:86:8e:e6:8b:8c:5c:52:d1:c0:61:83:b9:58:67:a6:4a:
cc:6b:0a:e0:92:3f:f8:a7:ee:79:9b:a1:5c:cf:f2:eb:d4:b2:
03:0b:6e:4a:1f:c1:a8:6f:74:ca:11:74:00:d3:b7:65:35:ea:
e3:45:9f:7b:93:c4:47:6a:4a:f4:e5:13:57:72:ff:2b:f0:1d:
a9:d0:cf:03:17:78:e0:33:16:ee:41:70:46:f7:71:9a:66:03:
bc:2a:64:8b:5e:72:1f:23:d0:4a:07:99:db:ea:d5:79:55:c4:
0e:0c:49:ba:9d:8f:d1:d2:7e:8b:84:1c:0a:ec:13:f8:5d:9b:
ff:49:3e:cc:84:b3:c8:cc:9d:c1:ff:56:a0:ad:e5:bd:1d:21:
78:77:db:1d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOuVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDM0OTUyWhcNMjcxMjEwMDM0OTUyWjAYMRYw
FAYDVQQDEw02NzZjZDI2My0yZTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAryeJzSt+UE2s/4LBAZsbxSW8V5IIznm1N3XVbYfxkiwJGwN9TbL03dll
szKqph+/RJcimZ2kMBdqiBKKtoKVeDG6Slv45NuPHs9LeeNXY2M93w/v7m0e5Wpe
ctTx8RWGBorr/UVDV80UEVAiXzVZozNcY1wXIxqxLFjaz31g78jMrQCNHCbaaxkJ
0SryfKzxc0UUOQTMa7eVDnU3AC6Vvu0K2YJwEawRfVsGqkLhhwauqkzg865laJ+G
5GZPmawXeYLTMEc+PsPeZX5TYorZBlHnxU+B8S0Tq0sdB29CoOYjoHWSDcOi7R1L
UFQxWuZ+Srp7TkIfIdwLvJDoMO9CbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMS3
NXKA1pddaOVf283ecTn7xpjXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83N0ZGQjEwNEMzM0MxMUVGQjEyRDU0OUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTGMA0GCSqGSIb3DQEBCwUA
A4IBAQAyGwWxcjgKwwd8OwZ9ruJHqB5Wq15AITsaVBpOhTtj7mmmiPI0zJ91Tpbd
VRRLgHPZOc999eRvenM1RQNP3l75jY1LJXqfEQyCvrxMe5Rr8HlzOhn5Epx1SexS
irwcNTnCNHRrPBGmqE0je5nqf4aO5ouMXFLRwGGDuVhnpkrMawrgkj/4p+55m6Fc
z/Lr1LIDC25KH8Gob3TKEXQA07dlNerjRZ97k8RHakr05RNXcv8r8B2p0M8DF3jg
MxbuQXBG93GaZgO8KmSLXnIfI9BKB5nb6tV5VcQODEm6nY/R0n6LhBwK7BP4XZv/
ST7MhLPIzJ3B/1agreW9HSF4d9sd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:21 2025 by rpki-client