Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A00338ACD0311EF859558BF762E951A.roa
File: 8A00338ACD0311EF859558BF762E951A.roa (raw, json)
Hash identifier: tdo1UylRwW2S70rvwKcES1YveLs9U1A5wgNEZ93tzP8=
Subject key identifier: AB:A7:A8:5E:90:3E:24:00:77:B0:8E:E9:5E:53:34:CD:3D:95:5C:18
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC85
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A00338ACD0311EF859558BF762E951A.roa
Signing time: Tue 07 Jan 2025 14:27:35 +0000
ROA not before: Tue 07 Jan 2025 14:27:32 +0000
ROA not after: Mon 13 Dec 2027 14:27:32 +0000
asID: 17561
IP address blocks: 156.238.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64645 (0xfc85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 14:27:32 2025 GMT
Not After : Dec 13 14:27:32 2027 GMT
Subject: CN=677d39d7-a7c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:33:1e:35:3e:11:0b:65:0a:43:8b:e9:38:15:
b8:22:ce:ae:67:bd:16:7e:c0:07:6c:47:4f:77:ac:
71:06:6b:08:76:b0:33:10:7c:c8:bf:68:0c:02:25:
cb:58:ba:82:ce:04:e4:81:93:c2:91:26:b9:aa:cc:
fc:91:fe:ca:78:f2:26:f5:39:f0:22:8a:ed:3c:aa:
5e:0b:5a:62:ec:52:d6:e5:7b:f8:9d:73:7d:cb:ee:
05:16:cf:a7:b5:d2:c9:e5:8b:c2:d5:f0:c7:d6:81:
37:cc:23:9c:83:20:e0:f7:a7:31:79:80:9d:7a:05:
d1:13:11:d5:f4:b1:c1:dd:68:e6:27:a7:ee:5a:30:
38:82:b5:0b:dc:a9:40:7a:ee:3d:a8:9e:ca:49:43:
01:c1:78:9b:e3:19:4e:31:f2:cc:07:0c:74:eb:c5:
4d:da:58:9d:e2:ea:1d:dd:f2:a5:4b:40:5d:5c:1d:
0c:e8:9f:a6:eb:c9:6b:cc:68:86:be:2d:72:67:56:
ef:bb:4d:ee:59:d8:fc:5a:af:f4:fd:bc:8d:d8:93:
fe:3e:5d:48:18:1d:31:4e:8b:39:62:58:cc:04:6b:
eb:e8:d0:c9:8b:97:c2:06:4a:7d:6e:a7:b8:9e:d6:
45:17:ff:71:3e:4f:a5:5b:d6:05:af:98:d0:46:05:
8f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A7:A8:5E:90:3E:24:00:77:B0:8E:E9:5E:53:34:CD:3D:95:5C:18
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A00338ACD0311EF859558BF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.184.0/24
Signature Algorithm: sha256WithRSAEncryption
94:1d:cc:91:fd:b1:42:a6:2e:b2:b4:fc:93:0c:3b:4f:58:60:
d5:d0:14:43:d3:e7:a6:06:30:55:99:21:bc:70:72:38:5b:47:
c6:5c:1f:57:1d:c0:e2:b1:c8:ef:3a:62:5d:1b:f5:f6:d0:33:
64:6b:2f:c6:a6:0e:b3:13:88:30:09:89:f6:8d:db:af:48:1e:
7d:48:a9:c6:8c:7c:9a:cd:bd:c8:5c:7b:22:ef:a1:b9:ff:84:
79:6c:f9:48:a1:cf:12:34:0d:b3:5f:71:16:b4:d8:34:06:f9:
02:90:7e:c3:3f:33:d2:ba:80:af:25:4f:57:c3:49:c6:ac:3c:
bf:71:98:f9:40:7e:74:d3:f9:55:f0:0e:b3:c1:3f:b4:87:d5:
f3:e7:84:6f:2d:6e:7d:8c:03:08:f4:50:20:a8:ee:58:a2:82:
7f:ee:2d:88:1b:db:d4:19:b9:e6:5e:34:2f:0e:e6:2c:fa:c5:
cc:d9:45:13:b6:c4:28:85:cc:2d:25:07:b8:cf:d1:64:17:18:
4b:d1:c2:9a:d4:a9:56:d3:1d:48:a9:8e:58:ee:67:6f:85:c1:
82:58:0b:a1:4e:bb:90:35:58:11:6d:0c:a2:ed:f6:4a:8b:2d:
0e:a7:b7:97:e5:d5:6e:ba:eb:0c:91:cc:b4:24:96:c6:c2:80:
1a:9f:e5:06
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPyFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTQyNzMyWhcNMjcxMjEzMTQyNzMyWjAYMRYw
FAYDVQQDEw02NzdkMzlkNy1hN2MwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxTMeNT4RC2UKQ4vpOBW4Is6uZ70WfsAHbEdPd6xxBmsIdrAzEHzIv2gM
AiXLWLqCzgTkgZPCkSa5qsz8kf7KePIm9TnwIortPKpeC1pi7FLW5Xv4nXN9y+4F
Fs+ntdLJ5YvC1fDH1oE3zCOcgyDg96cxeYCdegXRExHV9LHB3WjmJ6fuWjA4grUL
3KlAeu49qJ7KSUMBwXib4xlOMfLMBwx068VN2lid4uod3fKlS0BdXB0M6J+m68lr
zGiGvi1yZ1bvu03uWdj8Wq/0/byN2JP+Pl1IGB0xTos5YljMBGvr6NDJi5fCBkp9
bqe4ntZFF/9xPk+lW9YFr5jQRgWPjQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKun
qF6QPiQAd7CO6V5TNM09lVwYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QTAwMzM4QUNEMDMxMUVGODU5NTU4QkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO64MA0GCSqGSIb3DQEBCwUA
A4IBAQCUHcyR/bFCpi6ytPyTDDtPWGDV0BRD0+emBjBVmSG8cHI4W0fGXB9XHcDi
scjvOmJdG/X20DNkay/Gpg6zE4gwCYn2jduvSB59SKnGjHyazb3IXHsi76G5/4R5
bPlIoc8SNA2zX3EWtNg0BvkCkH7DPzPSuoCvJU9Xw0nGrDy/cZj5QH500/lV8A6z
wT+0h9Xz54RvLW59jAMI9FAgqO5YooJ/7i2IG9vUGbnmXjQvDuYs+sXM2UUTtsQo
hcwtJQe4z9FkFxhL0cKa1KlW0x1IqY5Y7mdvhcGCWAuhTruQNVgRbQyi7fZKiy0O
p7eX5dVuuusMkcy0JJbGwoAan+UG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:23 2025 by rpki-client