Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/829CE84EC27D11EFBCFA8664762E951A.roa
File: 829CE84EC27D11EFBCFA8664762E951A.roa (raw, json)
Hash identifier: Grs6Nzsp3gNUzvKoopTBT7IWaCV8q9hOr+hHct7kqsU=
Subject key identifier: F7:DB:A9:4A:F7:AF:F5:F9:71:2F:B8:E8:8D:79:77:56:EA:36:96:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8BD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/829CE84EC27D11EFBCFA8664762E951A.roa
Signing time: Wed 25 Dec 2024 05:02:59 +0000
ROA not before: Wed 25 Dec 2024 05:02:55 +0000
ROA not after: Wed 10 Dec 2025 05:02:55 +0000
asID: 984
IP address blocks: 156.227.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59581 (0xe8bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:02:55 2024 GMT
Not After : Dec 10 05:02:55 2025 GMT
Subject: CN=676b9203-c3bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:73:f6:af:31:1b:8a:ff:a7:d7:7b:01:0d:ae:
96:bd:42:76:35:e6:76:47:f0:97:bd:9d:0c:07:d6:
f3:4f:9e:fb:02:3f:5d:d6:96:d3:fb:ce:fc:cc:f4:
a8:ab:dd:7b:ce:cc:35:a4:00:f9:ec:d7:19:6c:fe:
93:93:bf:cb:99:31:c3:ab:c2:40:87:a0:af:25:c8:
e5:bf:57:6a:ce:b0:a9:33:2b:cb:01:b2:ca:24:66:
8a:5f:1f:ec:02:43:b8:e9:9e:30:e9:37:eb:66:81:
7d:c7:8f:60:70:1a:2c:70:a1:40:c2:41:d8:5c:b4:
2d:4f:2b:c6:72:04:9e:0b:73:86:6a:43:4b:65:a2:
0d:fc:ad:ba:4b:f9:8d:18:6f:01:96:8f:1d:b7:08:
b5:1a:cf:55:28:aa:8f:69:58:19:11:65:6a:9c:4e:
14:a9:06:2a:00:d8:1c:10:f6:3c:cb:93:d2:94:b2:
5e:59:86:88:b3:0e:0a:c7:d1:67:f4:0e:ce:57:04:
d9:21:ac:41:ea:4b:df:a0:2c:7f:23:5e:90:24:f6:
58:25:d7:59:d5:bc:b1:b7:56:6c:8f:b4:0a:95:37:
df:a0:04:30:5c:bd:df:64:e7:91:a0:0b:08:74:e3:
e4:ae:81:a8:51:b9:4f:a7:a3:6a:eb:9a:ff:6a:bb:
7b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:DB:A9:4A:F7:AF:F5:F9:71:2F:B8:E8:8D:79:77:56:EA:36:96:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/829CE84EC27D11EFBCFA8664762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.176.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:d6:55:45:0a:b8:0c:ed:d1:f0:09:c5:b4:55:0b:aa:97:49:
c1:34:3c:f1:e2:b2:40:a9:bb:46:5b:6e:3e:be:41:3d:de:02:
d8:5a:54:cd:be:fb:6d:5d:98:9f:5e:2d:6c:ba:bd:82:95:2b:
5c:01:b5:27:1a:aa:b7:fd:02:6d:68:ce:43:17:31:d7:d6:9e:
db:40:d1:e5:3a:c1:07:7c:00:3d:5d:4a:f3:f5:d0:3e:0e:dd:
1d:bd:b0:fa:0e:b7:69:39:13:73:4e:c5:07:d7:53:95:5e:cd:
c8:79:b0:30:99:56:fe:0f:1f:2b:fe:b4:7e:04:58:e2:d7:9f:
63:ef:86:a6:fa:8b:1d:0e:99:2b:c6:82:3e:a6:85:d7:e8:4b:
67:02:85:b5:4d:c1:f8:c7:d6:33:20:51:46:03:0e:52:34:4b:
bc:8b:ab:4d:77:1c:eb:97:17:c4:e1:9e:a9:ef:17:e8:d1:44:
ba:0d:42:ff:24:e9:1e:eb:dd:cb:03:06:6e:c0:b0:c1:98:52:
58:25:02:ce:c7:f8:ae:8b:58:ec:24:51:48:f4:c4:6b:e1:f2:
4e:b6:91:97:b3:be:6d:e9:77:1f:81:48:66:d3:f5:44:71:0a:
0c:c5:e6:37:38:38:46:9d:33:3b:b6:60:b2:b8:70:63:f3:2a:
62:d9:94:b9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOi9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDUwMjU1WhcNMjUxMjEwMDUwMjU1WjAYMRYw
FAYDVQQDEw02NzZiOTIwMy1jM2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsXP2rzEbiv+n13sBDa6WvUJ2NeZ2R/CXvZ0MB9bzT577Aj9d1pbT+878
zPSoq917zsw1pAD57NcZbP6Tk7/LmTHDq8JAh6CvJcjlv1dqzrCpMyvLAbLKJGaK
Xx/sAkO46Z4w6TfrZoF9x49gcBoscKFAwkHYXLQtTyvGcgSeC3OGakNLZaIN/K26
S/mNGG8Blo8dtwi1Gs9VKKqPaVgZEWVqnE4UqQYqANgcEPY8y5PSlLJeWYaIsw4K
x9Fn9A7OVwTZIaxB6kvfoCx/I16QJPZYJddZ1byxt1Zsj7QKlTffoAQwXL3fZOeR
oAsIdOPkroGoUblPp6Nq65r/art7SwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPfb
qUr3r/X5cS+46I15d1bqNpYGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MjlDRTg0RUMyN0QxMUVGQkNGQTg2NjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOOwMA0GCSqGSIb3DQEBCwUA
A4IBAQC41lVFCrgM7dHwCcW0VQuql0nBNDzx4rJAqbtGW24+vkE93gLYWlTNvvtt
XZifXi1sur2ClStcAbUnGqq3/QJtaM5DFzHX1p7bQNHlOsEHfAA9XUrz9dA+Dt0d
vbD6DrdpORNzTsUH11OVXs3IebAwmVb+Dx8r/rR+BFji159j74am+osdDpkrxoI+
poXX6EtnAoW1TcH4x9YzIFFGAw5SNEu8i6tNdxzrlxfE4Z6p7xfo0US6DUL/JOke
693LAwZuwLDBmFJYJQLOx/iui1jsJFFI9MRr4fJOtpGXs75t6XcfgUhm0/VEcQoM
xeY3ODhGnTM7tmCyuHBj8ypi2ZS5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:58 2025 by rpki-client