Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/828F6372C98511EFB85E3B9D762E951A.roa
File: 828F6372C98511EFB85E3B9D762E951A.roa (raw, json)
Hash identifier: dIzMoSANEF/Mjvq9u00AJ2MtPwMsmUfmMm5fPhY5LKo=
Subject key identifier: 3E:60:6A:70:35:21:FA:E1:ED:BA:4D:8B:92:68:15:5C:B0:B1:79:33
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F579
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/828F6372C98511EFB85E3B9D762E951A.roa
Signing time: Fri 03 Jan 2025 03:47:53 +0000
ROA not before: Fri 03 Jan 2025 03:47:49 +0000
ROA not after: Sat 13 Dec 2025 03:47:49 +0000
asID: 984
IP address blocks: 156.232.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62841 (0xf579)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 03:47:49 2025 GMT
Not After : Dec 13 03:47:49 2025 GMT
Subject: CN=67775de9-c963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:69:f6:0a:5f:4e:e2:73:0e:78:3f:ac:80:47:
0f:88:22:24:79:a4:b5:4d:4f:33:6a:df:ed:5c:d2:
95:0d:33:f5:9b:e7:69:b8:0f:6a:40:85:b0:01:6b:
b8:89:38:59:42:f2:e6:c1:31:25:6d:6f:9f:c7:30:
fc:93:fc:93:ea:98:37:99:68:67:13:e3:bd:68:97:
30:16:40:3e:46:6d:da:7c:87:33:7f:b3:ab:20:9b:
89:aa:4a:0a:b0:07:96:bc:44:c9:c5:db:c0:78:c7:
eb:9a:7f:9e:f3:b8:65:59:8a:b3:ed:8b:19:ff:c8:
75:64:f7:97:b2:e5:02:27:b2:06:d6:77:ee:0b:b0:
44:a9:d8:9b:c4:41:c3:54:37:5c:c4:84:92:b4:a4:
8b:2a:a7:ec:12:0b:ac:17:4b:69:de:1d:b0:fd:89:
23:37:6e:09:52:fa:dd:2c:2c:6a:d1:39:9a:f3:5f:
82:21:38:b4:48:15:29:2e:e4:b6:f4:0c:e5:5e:93:
1a:85:59:65:13:11:8f:ac:b4:ef:f7:cf:9d:47:d7:
a1:d9:0f:6e:c9:b6:58:e2:26:86:cc:15:86:fd:dc:
b0:d3:a0:d1:23:52:d5:6a:c4:8e:f3:85:d2:0f:ee:
a1:69:72:75:c3:be:41:b3:19:dd:be:7d:53:8d:4e:
88:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:60:6A:70:35:21:FA:E1:ED:BA:4D:8B:92:68:15:5C:B0:B1:79:33
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/828F6372C98511EFB85E3B9D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.73.0/24
Signature Algorithm: sha256WithRSAEncryption
82:59:4b:e7:b5:72:1b:ed:1d:09:a5:8b:e1:5a:73:3c:d0:bb:
30:49:a5:bd:7a:92:eb:c9:4e:18:db:5f:5d:b0:f5:01:74:51:
8c:d9:64:53:8e:93:86:c2:bb:64:e6:68:e1:6a:51:d9:58:92:
1a:c4:69:5e:d1:e1:93:b0:94:01:f1:b9:88:a5:7a:d8:63:84:
21:b9:f0:fd:1c:a5:25:6c:ec:7c:8a:5e:9b:59:35:c6:32:f3:
53:8f:97:12:46:1b:a1:13:53:48:c7:a5:1e:b3:da:29:3a:75:
d7:40:ff:60:f4:18:3a:3a:1b:e6:94:5b:29:bb:bb:4e:ea:51:
72:65:f0:a5:2f:1f:37:56:fe:86:22:92:2b:d2:39:b4:8d:09:
1a:87:b6:e7:61:80:ae:69:33:37:e9:0c:6f:a5:bc:92:1a:53:
86:ed:4a:ec:55:29:70:68:5f:2e:99:e6:ba:78:ab:2c:b7:ce:
33:98:97:59:90:17:17:01:91:99:96:af:47:64:e1:3f:25:ce:
0b:fc:8e:ac:4d:5c:b0:12:83:b7:63:df:76:f2:54:b0:de:ee:
2e:ec:17:e0:71:35:74:3c:b1:23:d3:40:8b:8a:bf:af:1b:40:
fc:be:f6:fd:a3:37:e9:04:8b:35:aa:c0:17:a0:ce:19:da:fc:
20:5b:a8:15
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPV5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDM0NzQ5WhcNMjUxMjEzMDM0NzQ5WjAYMRYw
FAYDVQQDEw02Nzc3NWRlOS1jOTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx2n2Cl9O4nMOeD+sgEcPiCIkeaS1TU8zat/tXNKVDTP1m+dpuA9qQIWw
AWu4iThZQvLmwTElbW+fxzD8k/yT6pg3mWhnE+O9aJcwFkA+Rm3afIczf7OrIJuJ
qkoKsAeWvETJxdvAeMfrmn+e87hlWYqz7YsZ/8h1ZPeXsuUCJ7IG1nfuC7BEqdib
xEHDVDdcxISStKSLKqfsEgusF0tp3h2w/YkjN24JUvrdLCxq0Tma81+CITi0SBUp
LuS29AzlXpMahVllExGPrLTv98+dR9eh2Q9uybZY4iaGzBWG/dyw06DRI1LVasSO
84XSD+6haXJ1w75Bsxndvn1TjU6IEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD5g
anA1Ifrh7bpNi5JoFVywsXkzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MjhGNjM3MkM5ODUxMUVGQjg1RTNCOUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhJMA0GCSqGSIb3DQEBCwUA
A4IBAQCCWUvntXIb7R0JpYvhWnM80LswSaW9epLryU4Y219dsPUBdFGM2WRTjpOG
wrtk5mjhalHZWJIaxGle0eGTsJQB8bmIpXrYY4QhufD9HKUlbOx8il6bWTXGMvNT
j5cSRhuhE1NIx6Ues9opOnXXQP9g9Bg6OhvmlFspu7tO6lFyZfClLx83Vv6GIpIr
0jm0jQkah7bnYYCuaTM36QxvpbySGlOG7UrsVSlwaF8umea6eKsst84zmJdZkBcX
AZGZlq9HZOE/Jc4L/I6sTVywEoO3Y9928lSw3u4u7BfgcTV0PLEj00CLir+vG0D8
vvb9ozfpBIs1qsAXoM4Z2vwgW6gV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:55 2025 by rpki-client