Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A11D846C34B11EF9A73F37C762E951A.roa
File: 7A11D846C34B11EF9A73F37C762E951A.roa (raw, json)
Hash identifier: FWdsexUsaKw/00qSX9RIEDlBv6Vz+2L8dKK25D4sglk=
Subject key identifier: DA:7C:C1:1E:87:33:9D:14:C2:1A:70:F6:10:76:EF:8F:16:72:68:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC43
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A11D846C34B11EF9A73F37C762E951A.roa
Signing time: Thu 26 Dec 2024 05:37:21 +0000
ROA not before: Thu 26 Dec 2024 05:37:17 +0000
ROA not after: Wed 10 Dec 2025 05:37:17 +0000
asID: 984
IP address blocks: 156.245.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60483 (0xec43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 05:37:17 2024 GMT
Not After : Dec 10 05:37:17 2025 GMT
Subject: CN=676ceb91-e231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:34:75:4d:90:1c:1d:a1:79:2b:e9:14:1a:59:
12:38:93:1e:9e:da:8a:b4:8d:65:fb:e9:4d:e8:b1:
17:22:99:8d:04:8a:0f:81:f8:02:83:bd:6e:a5:2b:
c2:d0:7e:c4:5e:3b:b1:8a:fa:24:a8:15:31:b3:e7:
5a:d5:3f:87:0c:32:51:b7:a3:ab:f7:fe:c3:ed:62:
51:de:9c:77:80:25:7c:2f:fd:85:f0:1c:80:5d:4a:
78:d0:d3:9e:22:67:79:82:3a:be:d5:c1:8e:30:ee:
7e:d9:09:50:94:02:11:f0:4c:68:3e:e9:c9:bd:24:
f4:fa:37:95:e3:dd:d9:d3:e8:8f:72:39:cb:f6:79:
b1:2e:88:87:d0:2d:f1:42:1a:ce:32:cb:20:55:3f:
78:09:2a:c0:2b:9e:00:25:9d:31:3a:ce:40:9d:ea:
80:97:de:d7:59:a5:e1:b8:af:49:29:07:f8:72:d2:
f7:a5:da:c5:bc:fb:44:b7:7d:bf:4b:07:8d:92:ad:
ca:9f:46:5a:22:fe:34:fa:55:32:95:70:bc:1c:8d:
2b:aa:0c:70:d9:39:43:37:79:4e:ba:15:4d:f5:b1:
58:21:5d:c2:72:e9:d9:92:d4:2e:10:80:61:3a:b5:
91:7b:7a:2d:47:97:40:27:9f:8c:3e:81:52:53:bc:
64:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7C:C1:1E:87:33:9D:14:C2:1A:70:F6:10:76:EF:8F:16:72:68:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A11D846C34B11EF9A73F37C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.228.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:61:b4:11:27:06:88:1f:0d:44:b2:60:d8:c2:2f:7d:22:67:
3f:03:69:63:13:01:8b:b2:ef:89:85:01:96:4c:98:d7:0c:c3:
29:eb:b2:5f:80:48:dc:51:5e:93:25:ae:4b:1f:79:36:5c:64:
e2:e3:c0:19:5c:fb:6a:2d:f5:c4:47:40:b8:30:e3:9e:c4:13:
27:59:38:eb:b2:2a:4d:4f:5e:fc:82:8d:d0:b0:fe:c9:70:0e:
3f:63:b8:d1:20:55:d8:f7:d4:14:10:af:bc:20:21:af:b8:a9:
53:a1:2c:1f:f2:0d:c2:f0:c0:29:24:44:2b:38:7e:e9:0b:36:
a5:19:43:d7:cb:0e:08:87:e3:af:46:31:91:68:9e:f5:96:28:
17:df:93:a5:00:15:7d:69:ce:64:23:57:e2:1e:a3:65:ba:88:
14:38:27:37:05:5e:d6:56:ed:3c:9b:0e:c9:c5:15:76:56:c5:
d1:33:bc:bc:f1:8e:25:b9:8f:f8:93:65:32:2f:e2:3e:a2:8f:
7f:6a:6b:a8:df:69:b9:c0:12:e1:79:fa:3c:d8:28:e8:8d:84:
61:71:20:b0:a9:40:82:ac:3b:21:14:8d:ed:b3:37:df:45:01:
0e:68:39:f0:76:18:e3:26:54:cb:e5:9b:f3:c4:da:76:8f:c7:
21:6d:d2:b8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOxDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDUzNzE3WhcNMjUxMjEwMDUzNzE3WjAYMRYw
FAYDVQQDEw02NzZjZWI5MS1lMjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2DR1TZAcHaF5K+kUGlkSOJMentqKtI1l++lN6LEXIpmNBIoPgfgCg71u
pSvC0H7EXjuxivokqBUxs+da1T+HDDJRt6Or9/7D7WJR3px3gCV8L/2F8ByAXUp4
0NOeImd5gjq+1cGOMO5+2QlQlAIR8ExoPunJvST0+jeV493Z0+iPcjnL9nmxLoiH
0C3xQhrOMssgVT94CSrAK54AJZ0xOs5AneqAl97XWaXhuK9JKQf4ctL3pdrFvPtE
t32/SweNkq3Kn0ZaIv40+lUylXC8HI0rqgxw2TlDN3lOuhVN9bFYIV3CcunZktQu
EIBhOrWRe3otR5dAJ5+MPoFSU7xkxQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNp8
wR6HM50Uwhpw9hB2748WcmjvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QTExRDg0NkMzNEIxMUVGOUE3M0YzN0M3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPXkMA0GCSqGSIb3DQEBCwUA
A4IBAQCmYbQRJwaIHw1EsmDYwi99Imc/A2ljEwGLsu+JhQGWTJjXDMMp67JfgEjc
UV6TJa5LH3k2XGTi48AZXPtqLfXER0C4MOOexBMnWTjrsipNT178go3QsP7JcA4/
Y7jRIFXY99QUEK+8ICGvuKlToSwf8g3C8MApJEQrOH7pCzalGUPXyw4Ih+OvRjGR
aJ71ligX35OlABV9ac5kI1fiHqNluogUOCc3BV7WVu08mw7JxRV2VsXRM7y88Y4l
uY/4k2UyL+I+oo9/amuo32m5wBLhefo82CjojYRhcSCwqUCCrDshFI3tszffRQEO
aDnwdhjjJlTL5ZvzxNp2j8chbdK4
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:24 2025 by rpki-client