Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/82AD290AC97811EFA95CDF40762E951A.roa
File: 82AD290AC97811EFA95CDF40762E951A.roa (raw, json)
Hash identifier: aGu4RQ1V/dlo02gfIzF6g+p2EB76PKwRsSzpQK6QE6c=
Subject key identifier: 0C:65:F3:95:FA:6E:2B:CF:C1:41:96:F8:2B:BF:DE:40:5D:2F:5F:E9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4FD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/82AD290AC97811EFA95CDF40762E951A.roa
Signing time: Fri 03 Jan 2025 02:14:50 +0000
ROA not before: Fri 03 Jan 2025 02:14:46 +0000
ROA not after: Mon 13 Dec 2027 02:14:46 +0000
asID: 17561
IP address blocks: 156.227.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62717 (0xf4fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 02:14:46 2025 GMT
Not After : Dec 13 02:14:46 2027 GMT
Subject: CN=6777481a-fdf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:93:db:e4:9b:04:92:9b:23:89:c6:ad:27:08:
18:fd:cd:ef:b6:66:9a:e2:8a:c3:a1:5e:0a:fe:71:
31:66:55:11:6f:1c:6e:5f:d7:33:33:51:51:98:b1:
3a:12:ff:d0:be:f0:9b:63:43:42:ad:a3:10:ba:a0:
3b:b5:44:39:91:66:1e:da:9a:e1:88:36:fd:bc:3a:
e3:73:ee:82:9f:56:30:6f:3b:a8:0f:4c:eb:49:e4:
7a:20:b9:19:ea:6b:8b:76:db:d6:ae:70:88:c0:07:
b6:42:6d:e0:79:f6:64:04:c9:2e:23:c3:09:e7:9a:
35:f9:3f:51:b3:a7:af:2d:79:78:be:84:4d:a5:00:
e0:1b:bb:e8:26:75:b9:4e:31:05:00:48:43:8a:7a:
41:c6:ac:02:86:4f:4f:16:70:fa:32:a8:f2:56:60:
5f:4e:b7:c0:b9:c8:4d:eb:b0:b5:34:96:0c:ce:26:
3d:71:62:29:05:7c:0f:97:ea:08:49:09:d9:75:ca:
79:5a:78:05:c6:da:d1:94:e4:bb:aa:9a:28:58:a7:
14:71:ea:0f:15:c7:db:c0:03:16:43:aa:b4:31:c0:
c5:c8:a2:f6:45:ff:f5:fd:a9:cf:7c:56:40:12:22:
05:4a:47:7f:4f:99:b1:32:16:7d:0a:d6:fd:90:ec:
20:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:65:F3:95:FA:6E:2B:CF:C1:41:96:F8:2B:BF:DE:40:5D:2F:5F:E9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/82AD290AC97811EFA95CDF40762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.112.0/24
Signature Algorithm: sha256WithRSAEncryption
23:1d:e8:82:97:cd:17:fc:7d:06:43:2b:22:f3:cd:11:9d:e1:
1b:59:60:42:ba:aa:1d:0e:4e:50:f9:18:ba:c5:82:08:2e:5c:
d1:ea:b0:f4:30:1d:1f:8c:67:7a:86:b0:33:b2:87:33:3f:58:
b6:df:a1:55:88:de:f1:bf:27:21:35:9a:db:9b:f3:7f:8b:e0:
26:4e:92:f9:78:c4:50:f4:0f:ab:75:1f:47:3d:09:37:46:0c:
5c:db:53:85:4c:a9:c6:59:2f:09:06:38:03:6a:ad:26:8c:da:
27:56:75:f6:4b:f7:fb:18:87:21:b6:ba:1e:5d:d8:17:76:01:
9d:48:b2:f8:d3:95:4e:ae:1e:af:b6:c0:99:84:90:04:ed:c7:
71:44:c6:2c:7f:2a:a1:ce:59:b9:50:67:4a:42:b3:a7:a5:4b:
97:33:6a:d3:f2:2c:14:0a:2f:d4:5e:d7:fd:69:95:c2:7c:30:
14:41:5b:d9:46:26:ec:61:66:db:9b:7d:27:94:7b:a5:25:c3:
b7:d2:69:92:9d:8a:31:33:a1:71:01:1f:06:24:3e:2b:46:91:
7c:7f:bf:b3:ac:4a:2f:b7:40:e0:ac:c7:db:ca:6a:28:b2:75:
21:a2:b3:cc:41:3d:ce:80:52:95:fc:95:ec:c9:3b:34:a2:6e:
c5:a4:00:55
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPT9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDIxNDQ2WhcNMjcxMjEzMDIxNDQ2WjAYMRYw
FAYDVQQDEw02Nzc3NDgxYS1mZGY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxJPb5JsEkpsjicatJwgY/c3vtmaa4orDoV4K/nExZlURbxxuX9czM1FR
mLE6Ev/QvvCbY0NCraMQuqA7tUQ5kWYe2prhiDb9vDrjc+6Cn1YwbzuoD0zrSeR6
ILkZ6muLdtvWrnCIwAe2Qm3gefZkBMkuI8MJ55o1+T9Rs6evLXl4voRNpQDgG7vo
JnW5TjEFAEhDinpBxqwChk9PFnD6MqjyVmBfTrfAuchN67C1NJYMziY9cWIpBXwP
l+oISQnZdcp5WngFxtrRlOS7qpooWKcUceoPFcfbwAMWQ6q0McDFyKL2Rf/1/anP
fFZAEiIFSkd/T5mxMhZ9Ctb9kOwgtwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAxl
85X6bivPwUGW+Cu/3kBdL1/pMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MkFEMjkwQUM5NzgxMUVGQTk1Q0RGNDA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONwMA0GCSqGSIb3DQEBCwUA
A4IBAQAjHeiCl80X/H0GQysi880RneEbWWBCuqodDk5Q+Ri6xYIILlzR6rD0MB0f
jGd6hrAzsoczP1i236FViN7xvychNZrbm/N/i+AmTpL5eMRQ9A+rdR9HPQk3Rgxc
21OFTKnGWS8JBjgDaq0mjNonVnX2S/f7GIchtroeXdgXdgGdSLL405VOrh6vtsCZ
hJAE7cdxRMYsfyqhzlm5UGdKQrOnpUuXM2rT8iwUCi/UXtf9aZXCfDAUQVvZRibs
YWbbm30nlHulJcO30mmSnYoxM6FxAR8GJD4rRpF8f7+zrEovt0DgrMfbymoosnUh
orPMQT3OgFKV/JXsyTs0om7FpABV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:24 2025 by rpki-client