Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86880DF2CD0511EFB3C5274C762E951A.roa
File: 86880DF2CD0511EFB3C5274C762E951A.roa (raw, json)
Hash identifier: P/DWIW0m1c9syf22cp5w39tdA2Qnng1rOC/wA66P/f0=
Subject key identifier: 08:63:50:76:80:76:21:40:1F:7E:7B:40:FA:2D:57:7C:35:28:65:D7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC95
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86880DF2CD0511EFB3C5274C762E951A.roa
Signing time: Tue 07 Jan 2025 14:41:49 +0000
ROA not before: Tue 07 Jan 2025 14:41:45 +0000
ROA not after: Mon 13 Dec 2027 14:41:45 +0000
asID: 17561
IP address blocks: 156.239.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64661 (0xfc95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 14:41:45 2025 GMT
Not After : Dec 13 14:41:45 2027 GMT
Subject: CN=677d3d2d-362d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e3:a4:c4:7b:98:33:60:ca:97:5d:7e:3b:7d:
32:95:c9:3e:52:fb:ef:4a:d2:a9:4a:9f:7c:6e:33:
d5:ca:2b:98:37:73:5e:c4:2d:de:41:6e:a3:d1:1e:
a4:43:2b:35:60:01:04:82:30:9b:ea:bc:36:10:ca:
db:75:6f:4d:9d:0e:1e:e8:4a:ad:04:72:3b:91:ee:
a1:54:88:d9:73:77:4a:d1:bd:d5:a3:c2:8b:f2:24:
fc:9c:e8:e5:ce:3a:77:e4:64:eb:72:af:89:6d:1a:
cf:4d:85:29:9e:07:75:56:91:0b:74:c1:d8:89:f9:
5f:15:99:c7:1b:6a:9b:95:ed:f8:a3:5f:99:0a:de:
4f:e4:db:1a:a5:51:26:95:46:35:3c:8a:c0:da:56:
c3:5f:d2:70:70:5a:d6:9e:cd:6a:89:8e:f1:29:fb:
62:e8:99:dc:9e:42:81:4f:3a:71:04:5a:33:64:0c:
c9:fa:21:a3:96:c2:4f:af:e3:7f:77:ae:b6:73:07:
d7:9d:a1:fb:c3:4d:d7:5c:34:92:c8:b9:ba:1b:e6:
d1:f0:28:51:f6:f0:b5:3e:be:5a:1d:c1:91:60:74:
ec:2a:4c:cc:13:bd:bb:ab:17:af:30:9b:72:c6:9f:
26:bf:e1:dc:7d:34:2f:c4:89:73:2c:94:b1:16:ec:
78:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:63:50:76:80:76:21:40:1F:7E:7B:40:FA:2D:57:7C:35:28:65:D7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86880DF2CD0511EFB3C5274C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.28.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:76:05:64:99:00:37:cb:44:13:5a:3a:eb:33:27:36:98:6d:
16:c0:67:29:27:20:70:c1:65:15:b9:02:ba:08:ce:f8:c6:c6:
a7:fc:74:9e:84:04:36:1c:97:70:2d:99:12:16:d7:c7:02:9f:
5f:82:84:d1:91:2e:af:1a:82:e2:31:05:5f:b7:03:aa:0b:f8:
9d:30:29:5f:44:e8:1f:c3:d7:f8:28:5e:78:f0:c9:4e:68:73:
ee:7a:4a:11:bc:94:b0:e3:bf:31:2f:1a:d3:b0:6a:b7:20:dd:
13:36:59:ad:48:be:64:51:25:98:68:1d:6b:0d:b5:11:03:f3:
41:e8:d2:f9:64:07:6b:df:48:8b:2c:67:27:d5:06:36:84:e7:
25:9b:2a:6e:a8:26:d3:fe:f3:5a:15:0a:e0:d5:e3:5a:76:ca:
d6:f1:71:13:a5:0e:19:c1:3d:b3:6c:d1:57:fc:27:d0:38:87:
72:58:58:29:e1:10:19:ee:80:3d:aa:6f:2d:5c:85:67:5c:02:
7b:04:2b:f5:b2:10:5d:21:c5:85:eb:11:45:40:0a:96:7d:63:
cb:d8:0b:74:38:63:48:02:ac:80:d8:6a:e2:46:3b:4e:7c:03:
70:14:3b:7c:25:1b:aa:a3:9b:7d:a6:52:28:06:dc:df:e8:df:
e8:a2:85:e4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPyVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTQ0MTQ1WhcNMjcxMjEzMTQ0MTQ1WjAYMRYw
FAYDVQQDEw02NzdkM2QyZC0zNjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5uOkxHuYM2DKl11+O30ylck+UvvvStKpSp98bjPVyiuYN3NexC3eQW6j
0R6kQys1YAEEgjCb6rw2EMrbdW9NnQ4e6EqtBHI7ke6hVIjZc3dK0b3Vo8KL8iT8
nOjlzjp35GTrcq+JbRrPTYUpngd1VpELdMHYiflfFZnHG2qble34o1+ZCt5P5Nsa
pVEmlUY1PIrA2lbDX9JwcFrWns1qiY7xKfti6JncnkKBTzpxBFozZAzJ+iGjlsJP
r+N/d662cwfXnaH7w03XXDSSyLm6G+bR8ChR9vC1Pr5aHcGRYHTsKkzME727qxev
MJtyxp8mv+HcfTQvxIlzLJSxFux4pwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAhj
UHaAdiFAH357QPotV3w1KGXXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84Njg4MERGMkNEMDUxMUVGQjNDNTI3NEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO8cMA0GCSqGSIb3DQEBCwUA
A4IBAQBvdgVkmQA3y0QTWjrrMyc2mG0WwGcpJyBwwWUVuQK6CM74xsan/HSehAQ2
HJdwLZkSFtfHAp9fgoTRkS6vGoLiMQVftwOqC/idMClfROgfw9f4KF548MlOaHPu
ekoRvJSw478xLxrTsGq3IN0TNlmtSL5kUSWYaB1rDbURA/NB6NL5ZAdr30iLLGcn
1QY2hOclmypuqCbT/vNaFQrg1eNadsrW8XETpQ4ZwT2zbNFX/CfQOIdyWFgp4RAZ
7oA9qm8tXIVnXAJ7BCv1shBdIcWF6xFFQAqWfWPL2At0OGNIAqyA2GriRjtOfANw
FDt8JRuqo5t9plIoBtzf6N/oooXk
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:36:47 2025 by rpki-client