Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B17E0B8C28411EF9092908E762E951A.roa
File: 7B17E0B8C28411EF9092908E762E951A.roa (raw, json)
Hash identifier: 8Lv+NUzee5l64RaVdw4O9xP/HlEwmtEqWG3Y5wXOqG8=
Subject key identifier: B6:F4:CB:2C:E3:5E:6E:5F:91:AD:C1:F6:A0:64:D4:18:C3:41:BF:1E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E913
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B17E0B8C28411EF9092908E762E951A.roa
Signing time: Wed 25 Dec 2024 05:52:53 +0000
ROA not before: Wed 25 Dec 2024 05:52:49 +0000
ROA not after: Wed 10 Dec 2025 05:52:49 +0000
asID: 984
IP address blocks: 156.228.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59667 (0xe913)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:52:49 2024 GMT
Not After : Dec 10 05:52:49 2025 GMT
Subject: CN=676b9db5-0c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c4:56:71:1f:3b:13:84:8f:78:84:38:57:99:
f5:d6:53:c2:c1:fd:68:86:4b:7e:31:09:84:72:bc:
63:ab:3a:b7:f2:6b:c1:4e:7a:4b:d6:d4:15:ba:b3:
f3:21:42:8c:b7:da:7c:d1:e5:a6:d2:2c:c1:d1:58:
5d:ba:ae:37:f3:e6:56:3f:b8:84:22:65:71:e8:cd:
97:26:50:e8:cd:0b:11:84:a8:fa:46:1d:a3:de:70:
fc:80:f1:9f:d6:b4:9e:93:57:8c:30:8c:19:9c:1b:
b4:f2:07:45:23:96:ac:db:9e:7f:bf:7f:4b:d6:52:
fc:64:b3:f5:54:8c:20:3b:9d:23:d4:10:74:62:c4:
7e:aa:80:36:cd:3d:a6:62:d6:73:17:38:5c:e4:c3:
d9:3d:1e:db:b6:d3:9a:d9:eb:51:2c:39:5b:1e:86:
e2:d1:0d:04:89:17:9c:c0:d7:8d:f0:b5:de:fe:3a:
0a:df:57:b4:e9:ab:7b:31:85:22:f9:4c:a3:f7:f5:
c4:2f:f3:43:9e:62:d1:26:20:1d:81:ad:70:40:46:
c0:a1:44:4c:e6:f9:ff:ed:e1:15:79:b1:6d:e8:d5:
92:58:89:f8:c3:45:c7:b1:2a:75:73:98:e4:ef:9f:
ca:51:69:69:e9:d0:c2:d3:18:55:f7:fa:1f:b1:84:
05:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F4:CB:2C:E3:5E:6E:5F:91:AD:C1:F6:A0:64:D4:18:C3:41:BF:1E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B17E0B8C28411EF9092908E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.41.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:da:6c:00:c6:a3:38:df:62:e0:7f:9a:48:52:d1:4f:81:6c:
0b:43:67:16:dc:aa:f3:5d:9c:4c:0f:66:db:0d:44:3a:a6:0f:
0b:cc:c9:e2:ba:a8:90:de:d7:9d:af:40:48:1e:69:05:31:3d:
4a:93:80:62:a3:81:c2:ed:58:36:11:25:fd:3b:eb:c7:e7:5f:
d0:fe:de:e8:6b:21:f6:fa:20:e1:e1:03:50:24:c1:f9:22:14:
67:7a:4d:74:c2:e8:20:89:db:62:8d:f0:3c:72:69:c0:da:ad:
a1:77:07:15:07:68:d9:22:81:83:d3:aa:88:7b:fb:64:27:8e:
f9:0b:e1:b6:35:55:08:9c:6c:47:73:99:02:41:74:aa:ce:06:
fc:ab:e1:02:27:75:b7:19:c7:f0:b9:68:bd:d9:c2:98:e2:53:
3f:4a:ed:c6:7c:2c:f2:6a:fd:d1:57:89:7e:ac:41:32:3d:9e:
bc:c1:6e:3e:96:0f:24:0c:cb:f9:b8:27:ad:5c:05:d5:be:db:
57:1e:ea:ba:89:20:cf:e5:c9:3a:be:9c:15:e6:3d:30:33:6c:
74:6e:7e:ce:df:cf:58:92:86:ec:73:ca:b9:13:20:71:0a:71:
21:49:7e:f8:9a:47:3f:98:f0:cc:a4:4c:7a:de:80:be:30:6b:
d0:da:40:ef
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOkTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDU1MjQ5WhcNMjUxMjEwMDU1MjQ5WjAYMRYw
FAYDVQQDEw02NzZiOWRiNS0wYzQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtsRWcR87E4SPeIQ4V5n11lPCwf1ohkt+MQmEcrxjqzq38mvBTnpL1tQV
urPzIUKMt9p80eWm0izB0Vhduq438+ZWP7iEImVx6M2XJlDozQsRhKj6Rh2j3nD8
gPGf1rSek1eMMIwZnBu08gdFI5as255/v39L1lL8ZLP1VIwgO50j1BB0YsR+qoA2
zT2mYtZzFzhc5MPZPR7bttOa2etRLDlbHobi0Q0EiRecwNeN8LXe/joK31e06at7
MYUi+Uyj9/XEL/NDnmLRJiAdga1wQEbAoURM5vn/7eEVebFt6NWSWIn4w0XHsSp1
c5jk75/KUWlp6dDC0xhV9/ofsYQFSwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLb0
yyzjXm5fka3B9qBk1BjDQb8eMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QjE3RTBCOEMyODQxMUVGOTA5MjkwOEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQpMA0GCSqGSIb3DQEBCwUA
A4IBAQBP2mwAxqM432Lgf5pIUtFPgWwLQ2cW3KrzXZxMD2bbDUQ6pg8LzMniuqiQ
3tedr0BIHmkFMT1Kk4Bio4HC7Vg2ESX9O+vH51/Q/t7oayH2+iDh4QNQJMH5IhRn
ek10wuggidtijfA8cmnA2q2hdwcVB2jZIoGD06qIe/tkJ475C+G2NVUInGxHc5kC
QXSqzgb8q+ECJ3W3GcfwuWi92cKY4lM/Su3GfCzyav3RV4l+rEEyPZ68wW4+lg8k
DMv5uCetXAXVvttXHuq6iSDP5ck6vpwV5j0wM2x0bn7O389Ykobsc8q5EyBxCnEh
SX74mkc/mPDMpEx63oC+MGvQ2kDv
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:17 2025 by rpki-client