Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/88556BDCCCE411EFACDFD17C762E951A.roa
File: 88556BDCCCE411EFACDFD17C762E951A.roa (raw, json)
Hash identifier: lOl5EbwM77iCa3OJ1NbH90b9hesUttyE3DO2ybM84Nk=
Subject key identifier: F0:43:36:A5:28:40:D5:7B:20:8B:B0:10:3B:E2:B0:BD:4D:23:AF:ED
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBC1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/88556BDCCCE411EFACDFD17C762E951A.roa
Signing time: Tue 07 Jan 2025 10:45:38 +0000
ROA not before: Tue 07 Jan 2025 10:45:34 +0000
ROA not after: Mon 13 Dec 2027 10:45:34 +0000
asID: 17561
IP address blocks: 156.233.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64449 (0xfbc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:45:34 2025 GMT
Not After : Dec 13 10:45:34 2027 GMT
Subject: CN=677d05d2-b27a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a7:65:1b:89:ab:5a:2f:1c:0b:2b:71:be:f5:
37:80:a4:52:6e:f2:2c:15:ef:f4:3e:2f:fb:4c:4d:
ec:33:16:5d:b7:7c:0b:14:ec:7b:f0:7c:de:f9:9c:
23:ac:b7:8d:02:54:74:8e:9e:bc:93:ac:69:cb:ea:
91:3f:13:65:64:03:b8:da:cc:b9:19:7b:68:d2:01:
2c:a2:1a:cc:14:23:7f:20:a0:b8:2d:ab:bc:99:2a:
06:df:4c:b6:5e:54:02:6c:a6:71:cf:38:40:41:e5:
bd:fa:95:b5:47:e7:c1:9e:6b:0b:d0:e2:af:79:02:
79:96:5a:0c:84:d3:4e:f3:42:d8:5c:be:a6:89:ec:
05:25:33:95:86:f5:f2:b5:33:41:06:76:0c:63:3b:
4d:dd:e1:0c:c1:18:32:e1:71:1c:bf:fd:5e:2d:06:
78:61:cc:a1:e2:b7:57:7f:8f:56:2b:92:89:fb:9c:
2c:04:26:82:9f:30:f5:f3:31:fb:e2:30:4c:33:a1:
aa:7f:f5:fd:13:9d:1e:a3:9a:9d:ec:b6:ac:22:7b:
8d:e6:6e:2a:93:f2:f8:66:48:69:f9:15:f2:30:c6:
05:5f:f8:fa:40:77:de:6f:b8:16:8d:e1:e4:b6:5a:
6d:aa:56:e5:c5:ea:08:47:57:55:8a:39:0a:f4:ad:
e9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:43:36:A5:28:40:D5:7B:20:8B:B0:10:3B:E2:B0:BD:4D:23:AF:ED
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/88556BDCCCE411EFACDFD17C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.245.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:6e:87:37:58:ef:5a:3a:67:21:54:da:8b:a6:f5:35:19:94:
03:63:f3:d0:ed:cc:db:4c:1f:9f:21:67:d2:c0:55:e9:48:45:
88:c5:a5:ee:d2:47:97:10:e5:c1:e0:5e:11:f1:c4:b1:91:27:
e1:38:38:90:ba:a5:86:2f:e3:35:59:d0:81:e7:58:7e:59:d3:
ae:90:27:a1:0d:dc:60:94:93:98:5a:a2:58:97:a1:77:1e:72:
b4:66:1d:cb:b8:ba:f9:a5:f8:e8:ce:1a:54:19:2b:6c:10:37:
f2:89:dd:31:d7:b3:27:4d:80:9e:c4:5b:11:4b:60:c5:af:71:
ab:64:43:8b:1d:10:80:91:4e:13:eb:63:3d:a9:04:72:30:7e:
d5:c7:c7:ff:be:61:50:7a:b6:ca:82:dc:98:04:bf:59:6a:ce:
26:6f:55:9d:47:c4:5d:76:61:b7:05:1c:74:ec:ce:c7:1d:cf:
e6:2e:67:ed:a4:f6:0b:f7:b7:bb:b8:83:37:75:37:db:ac:73:
cf:6f:c0:da:b5:96:3a:ac:7a:1c:5d:55:12:cc:bd:53:81:7b:
01:38:ce:c7:5e:d6:92:bb:a1:d2:ff:40:8f:cd:46:4c:79:b5:
66:fc:d0:65:f5:5a:4f:ea:bd:45:f1:ac:60:bb:d1:7d:7d:c3:
a4:e3:08:86
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPvBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTA0NTM0WhcNMjcxMjEzMTA0NTM0WjAYMRYw
FAYDVQQDEw02NzdkMDVkMi1iMjdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvKdlG4mrWi8cCytxvvU3gKRSbvIsFe/0Pi/7TE3sMxZdt3wLFOx78Hze
+ZwjrLeNAlR0jp68k6xpy+qRPxNlZAO42sy5GXto0gEsohrMFCN/IKC4Lau8mSoG
30y2XlQCbKZxzzhAQeW9+pW1R+fBnmsL0OKveQJ5lloMhNNO80LYXL6miewFJTOV
hvXytTNBBnYMYztN3eEMwRgy4XEcv/1eLQZ4Ycyh4rdXf49WK5KJ+5wsBCaCnzD1
8zH74jBMM6Gqf/X9E50eo5qd7LasInuN5m4qk/L4Zkhp+RXyMMYFX/j6QHfeb7gW
jeHktlptqlblxeoIR1dVijkK9K3pgQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPBD
NqUoQNV7IIuwEDvisL1NI6/tMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84ODU1NkJEQ0NDRTQxMUVGQUNERkQxN0M3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOn1MA0GCSqGSIb3DQEBCwUA
A4IBAQCuboc3WO9aOmchVNqLpvU1GZQDY/PQ7czbTB+fIWfSwFXpSEWIxaXu0keX
EOXB4F4R8cSxkSfhODiQuqWGL+M1WdCB51h+WdOukCehDdxglJOYWqJYl6F3HnK0
Zh3LuLr5pfjozhpUGStsEDfyid0x17MnTYCexFsRS2DFr3GrZEOLHRCAkU4T62M9
qQRyMH7Vx8f/vmFQerbKgtyYBL9Zas4mb1WdR8RddmG3BRx07M7HHc/mLmftpPYL
97e7uIM3dTfbrHPPb8DatZY6rHocXVUSzL1TgXsBOM7HXtaSu6HS/0CPzUZMebVm
/NBl9VpP6r1F8axgu9F9fcOk4wiG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:33 2025 by rpki-client