Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/88E62B3AC33F11EFA8052FB2762E951A.roa
File: 88E62B3AC33F11EFA8052FB2762E951A.roa (raw, json)
Hash identifier: k7uQf70g3/dpKaZTCxuVRDjuIElEcKKhOiDP2yF19Pc=
Subject key identifier: 68:AD:80:C1:9C:29:28:D7:CC:EE:E7:9C:3B:C3:F2:C8:E2:A8:75:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBB9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/88E62B3AC33F11EFA8052FB2762E951A.roa
Signing time: Thu 26 Dec 2024 04:11:52 +0000
ROA not before: Thu 26 Dec 2024 04:11:48 +0000
ROA not after: Fri 10 Dec 2027 04:11:48 +0000
asID: 17561
IP address blocks: 156.244.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60345 (0xebb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:11:48 2024 GMT
Not After : Dec 10 04:11:48 2027 GMT
Subject: CN=676cd788-9e6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a4:65:f3:cf:f1:c1:ac:d1:67:71:b4:17:67:
7c:13:1e:cc:0c:74:a1:c2:73:48:53:41:18:b5:05:
fe:ba:a3:28:99:a8:f2:57:7f:9a:0d:99:55:cf:da:
aa:38:1c:ab:c7:65:f4:b0:f1:b4:22:c9:c5:46:37:
b0:02:0c:04:01:75:3e:8b:28:53:9f:ab:95:fb:05:
37:20:78:6a:68:b8:59:10:41:1b:ff:22:9a:89:57:
3e:f3:b4:ba:f5:47:88:0c:f0:4b:74:a2:d1:82:60:
f5:8e:1f:5f:2f:77:2f:1d:cb:24:20:4b:c5:3f:80:
64:c4:c8:bd:22:93:45:9c:be:9a:4d:df:fa:c3:1d:
c1:5b:65:9b:a8:bc:e0:ff:58:91:4c:1e:1c:a1:13:
2c:6d:6a:87:a9:44:65:59:0a:68:15:2e:0a:d1:17:
a1:91:73:ef:83:c8:d3:d3:17:0b:5d:3a:9f:66:21:
1d:87:4d:ce:bc:53:50:1f:f7:86:e6:e9:81:45:fe:
5b:e5:b1:b8:37:d7:f3:7e:c3:b0:51:ed:a5:ce:65:
14:fd:a1:9e:05:9d:0c:8f:d1:3b:c8:dd:d8:37:76:
61:ad:45:59:9a:ad:d9:6b:46:d3:56:e8:ec:d9:9f:
74:19:b5:30:0f:df:a9:33:2a:69:4d:e1:02:70:6d:
58:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AD:80:C1:9C:29:28:D7:CC:EE:E7:9C:3B:C3:F2:C8:E2:A8:75:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/88E62B3AC33F11EFA8052FB2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.216.0/24
Signature Algorithm: sha256WithRSAEncryption
32:52:30:e2:d6:f9:8d:bb:74:27:6d:be:22:49:b4:24:23:64:
76:74:1e:b4:2e:8f:ef:22:bf:a8:9e:73:05:78:18:40:8e:41:
68:c0:96:91:6b:ef:c9:84:c5:46:39:ac:89:d1:e0:e3:7b:44:
8d:c8:bb:45:76:52:28:5d:09:23:bb:8b:45:d6:89:6d:d4:42:
43:6c:75:ee:ce:93:d1:45:c8:32:a5:bb:be:fa:9b:ab:d8:99:
5d:bf:4d:e5:1a:fc:8c:50:ba:71:14:89:5e:aa:53:18:9c:70:
35:65:21:3e:a2:16:25:70:59:1d:a4:a5:f6:88:eb:5e:81:a2:
cf:d0:45:f0:24:ef:ea:4a:f7:3e:36:80:5e:f5:5c:ed:7e:dd:
35:40:1f:39:44:92:68:e6:c4:ef:ac:98:bb:a9:85:8e:1c:b9:
48:b9:d1:19:34:ef:37:c8:ca:3f:50:f4:f4:af:70:91:a0:a8:
12:9e:78:15:03:89:85:8f:e2:cc:64:4e:48:5b:83:ac:65:a3:
c1:b3:ef:1d:90:f1:c0:61:e5:ad:40:d7:31:9d:74:d0:8e:0a:
51:49:05:ac:68:f5:10:90:9a:14:f3:59:3c:b0:54:e8:16:c7:
50:1d:52:ed:46:88:8f:b2:70:da:63:f6:3e:26:8b:b3:1a:5e:
a4:6d:a6:dd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOu5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQxMTQ4WhcNMjcxMjEwMDQxMTQ4WjAYMRYw
FAYDVQQDEw02NzZjZDc4OC05ZTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr6Rl88/xwazRZ3G0F2d8Ex7MDHShwnNIU0EYtQX+uqMomajyV3+aDZlV
z9qqOByrx2X0sPG0IsnFRjewAgwEAXU+iyhTn6uV+wU3IHhqaLhZEEEb/yKaiVc+
87S69UeIDPBLdKLRgmD1jh9fL3cvHcskIEvFP4BkxMi9IpNFnL6aTd/6wx3BW2Wb
qLzg/1iRTB4coRMsbWqHqURlWQpoFS4K0RehkXPvg8jT0xcLXTqfZiEdh03OvFNQ
H/eG5umBRf5b5bG4N9fzfsOwUe2lzmUU/aGeBZ0Mj9E7yN3YN3ZhrUVZmq3Za0bT
Vujs2Z90GbUwD9+pMyppTeECcG1YrQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGit
gMGcKSjXzO7nnDvD8sjiqHUbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84OEU2MkIzQUMzM0YxMUVGQTgwNTJGQjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTYMA0GCSqGSIb3DQEBCwUA
A4IBAQAyUjDi1vmNu3Qnbb4iSbQkI2R2dB60Lo/vIr+onnMFeBhAjkFowJaRa+/J
hMVGOayJ0eDje0SNyLtFdlIoXQkju4tF1olt1EJDbHXuzpPRRcgypbu++pur2Jld
v03lGvyMULpxFIleqlMYnHA1ZSE+ohYlcFkdpKX2iOtegaLP0EXwJO/qSvc+NoBe
9Vztft01QB85RJJo5sTvrJi7qYWOHLlIudEZNO83yMo/UPT0r3CRoKgSnngVA4mF
j+LMZE5IW4OsZaPBs+8dkPHAYeWtQNcxnXTQjgpRSQWsaPUQkJoU81k8sFToFsdQ
HVLtRoiPsnDaY/Y+JouzGl6kbabd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:45 2025 by rpki-client