Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80C76056EB6511EFBD8ABFAB762E951A.roa
File: 80C76056EB6511EFBD8ABFAB762E951A.roa (raw, json)
Hash identifier: ML3JO5tpBhyDbBspibQvmhvoz5oBEdU+JTA8R3qXZ+Q=
Subject key identifier: 33:2F:65:75:38:EE:65:A7:68:BD:58:82:91:51:9D:1F:7B:9B:4F:AF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0123A8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80C76056EB6511EFBD8ABFAB762E951A.roa
Signing time: Sat 15 Feb 2025 06:24:26 +0000
ROA not before: Sat 15 Feb 2025 06:24:22 +0000
ROA not after: Sat 22 Feb 2025 06:24:22 +0000
asID: 152700
IP address blocks: 156.228.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74664 (0x123a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 15 06:24:22 2025 GMT
Not After : Feb 22 06:24:22 2025 GMT
Subject: CN=67b0331a-63a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:e4:15:01:f2:3a:72:7c:1e:4f:d6:09:0f:8c:
7b:4c:02:4b:82:e3:de:9d:3b:01:9d:e8:c3:e0:cd:
e2:29:ca:f9:3b:f2:08:60:33:02:4a:81:b5:cb:fc:
2c:81:6f:b0:b6:cc:2a:ea:bf:fb:66:62:1a:a3:35:
40:9c:cc:ec:6c:00:e2:2b:34:1d:ba:b0:02:cf:d0:
75:b8:fd:91:c5:fc:08:a4:26:87:ee:7c:74:d8:30:
f9:f8:75:47:cc:90:d9:22:aa:72:66:6e:5e:0a:80:
08:61:1a:aa:35:a7:d7:25:46:e2:73:2c:b5:be:35:
94:61:04:02:e3:1f:90:13:76:ba:3e:1a:52:af:8b:
31:c3:44:7a:37:6a:2c:a3:1b:2d:db:ac:0a:bf:41:
6d:3d:4d:87:1e:09:d1:86:6b:42:3f:51:59:57:75:
7a:95:7f:68:f4:dc:68:fd:1f:bb:13:21:98:cd:60:
fe:fb:42:e9:2c:2d:8a:6f:5d:c7:f0:a8:72:e0:8a:
e6:35:f0:e5:95:c9:63:c1:1a:26:f3:b5:a6:7d:01:
57:07:36:28:66:b3:8a:ec:9f:60:a8:82:8a:07:4d:
a2:1e:18:fd:dc:94:bf:8f:d7:cc:fb:ac:d6:af:ca:
c5:3c:de:2f:1c:f0:5d:60:6e:ef:a2:13:5a:1c:2e:
6d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:2F:65:75:38:EE:65:A7:68:BD:58:82:91:51:9D:1F:7B:9B:4F:AF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80C76056EB6511EFBD8ABFAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.126.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:2e:bf:ed:6c:5d:e4:f8:f8:c9:1f:1d:93:ab:24:76:26:81:
c8:ee:e7:ca:f2:c8:c2:78:dd:af:61:9a:72:28:8f:f5:4d:c0:
38:08:80:ae:a5:55:f2:2c:84:07:7f:30:34:5e:74:6b:cb:a6:
aa:e6:f0:2c:4a:e0:bc:12:13:61:96:66:6d:82:3e:c6:b6:dd:
03:39:5e:3d:79:05:b6:db:8c:94:6e:8a:0c:b4:d5:9c:e9:da:
19:60:5e:d5:91:93:95:5e:6f:6f:d3:af:d9:f1:e6:70:bf:35:
c9:18:24:7f:3e:8f:59:63:07:e2:45:1b:ad:36:74:cf:03:38:
98:e0:1c:28:99:fa:a1:24:d0:63:52:5c:07:e7:cb:89:24:28:
7e:ac:e8:28:98:5f:5a:00:82:89:6a:b4:41:f2:a1:02:5d:56:
c2:dd:0a:1b:ac:51:e3:10:b0:14:34:39:57:5a:6c:c9:68:89:
d2:8f:5b:0b:b1:a8:b9:9e:17:3a:3a:f5:3d:ad:c5:c4:88:bb:
d2:16:a2:6d:56:7d:39:6c:b7:4c:b5:e8:c7:43:42:07:47:f0:
52:a6:43:40:60:59:aa:06:a5:72:13:a3:07:2d:b0:94:23:79:
9c:9b:1c:87:f5:aa:34:d9:9f:54:ed:11:16:e1:8b:a5:30:36:
f3:d5:46:43
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASOoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjE1MDYyNDIyWhcNMjUwMjIyMDYyNDIyWjAYMRYw
FAYDVQQDEw02N2IwMzMxYS02M2ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7uQVAfI6cnweT9YJD4x7TAJLguPenTsBnejD4M3iKcr5O/IIYDMCSoG1
y/wsgW+wtswq6r/7ZmIaozVAnMzsbADiKzQdurACz9B1uP2RxfwIpCaH7nx02DD5
+HVHzJDZIqpyZm5eCoAIYRqqNafXJUbicyy1vjWUYQQC4x+QE3a6PhpSr4sxw0R6
N2osoxst26wKv0FtPU2HHgnRhmtCP1FZV3V6lX9o9Nxo/R+7EyGYzWD++0LpLC2K
b13H8Khy4IrmNfDllcljwRom87WmfQFXBzYoZrOK7J9gqIKKB02iHhj93JS/j9fM
+6zWr8rFPN4vHPBdYG7vohNaHC5tLQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDMv
ZXU47mWnaL1YgpFRnR97m0+vMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MEM3NjA1NkVCNjUxMUVGQkQ4QUJGQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOR+MA0GCSqGSIb3DQEBCwUA
A4IBAQCuLr/tbF3k+PjJHx2TqyR2JoHI7ufK8sjCeN2vYZpyKI/1TcA4CICupVXy
LIQHfzA0XnRry6aq5vAsSuC8EhNhlmZtgj7Gtt0DOV49eQW224yUbooMtNWc6doZ
YF7VkZOVXm9v06/Z8eZwvzXJGCR/Po9ZYwfiRRutNnTPAziY4BwomfqhJNBjUlwH
58uJJCh+rOgomF9aAIKJarRB8qECXVbC3QobrFHjELAUNDlXWmzJaInSj1sLsai5
nhc6OvU9rcXEiLvSFqJtVn05bLdMtejHQ0IHR/BSpkNAYFmqBqVyE6MHLbCUI3mc
mxyH9ao02Z9U7REW4YulMDbz1UZD
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:58:45 2025 by rpki-client