Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C28125AC94C11EFB655249F762E951A.roa
File: 8C28125AC94C11EFB655249F762E951A.roa (raw, json)
Hash identifier: J0jiIJQzM63enAUDaweZSro3H0TSLHBguYsAXkYXnKA=
Subject key identifier: 71:AB:78:34:B8:2B:30:05:4C:23:A0:E3:C7:E5:ED:7B:39:48:32:49
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F39C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C28125AC94C11EFB655249F762E951A.roa
Signing time: Thu 02 Jan 2025 21:00:08 +0000
ROA not before: Thu 02 Jan 2025 21:00:04 +0000
ROA not after: Mon 13 Dec 2027 21:00:04 +0000
asID: 17561
IP address blocks: 156.225.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62364 (0xf39c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 21:00:04 2025 GMT
Not After : Dec 13 21:00:04 2027 GMT
Subject: CN=6776fe58-3682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:79:82:f5:d8:fb:e6:7c:68:c2:03:5d:8c:14:
36:95:59:15:76:34:49:a5:e7:bd:be:d0:2b:e6:0d:
17:10:46:8d:36:03:fa:63:ee:4a:a0:3c:ef:b9:63:
92:f1:a0:8a:04:29:4b:7f:0a:86:77:88:90:20:88:
73:0d:e0:13:de:0e:f9:ad:a3:34:81:81:2f:b0:07:
3e:e3:83:9a:60:e4:cd:78:2f:60:9a:e2:8d:cd:12:
f2:e7:4a:02:c1:3e:55:78:ff:0c:07:83:6e:56:d4:
6f:71:4f:d0:d9:7f:f3:7d:03:0a:2e:a2:a2:0e:5b:
c3:68:0a:b1:60:14:f3:2a:64:df:22:b8:9a:2b:5d:
f1:7a:94:9a:8d:3e:59:13:87:f5:18:14:36:56:95:
5f:be:c5:dd:9f:fa:af:47:b1:31:cc:82:74:83:e6:
47:71:d9:5f:95:63:14:48:7d:7e:da:25:21:34:74:
b9:33:15:19:db:ed:16:c4:d2:88:c6:f8:5d:eb:9e:
f5:c0:b7:be:dd:4a:20:37:7a:80:04:e5:35:b7:51:
5f:2a:0c:0d:77:d6:53:23:5f:21:89:16:8d:ce:a1:
ed:b2:bc:3a:61:4a:2d:b5:18:48:ab:7d:dc:92:d5:
8d:8b:13:4b:bb:94:b0:2b:9d:34:1f:ba:91:15:fe:
2d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:AB:78:34:B8:2B:30:05:4C:23:A0:E3:C7:E5:ED:7B:39:48:32:49
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C28125AC94C11EFB655249F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.165.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:15:97:08:1b:c4:19:7c:5e:a9:1b:ec:92:b0:88:46:50:71:
1f:c0:e5:64:0a:73:88:72:9b:bb:4a:ad:3d:6e:0f:1f:43:54:
ad:45:c3:99:c6:47:21:d6:8d:a2:6d:50:87:5a:be:14:d1:fb:
74:83:53:cf:c9:27:73:b2:5e:50:8e:99:0f:9e:d7:59:6b:1e:
6b:4a:91:cd:6a:e6:43:d8:83:ed:09:35:73:e3:10:c4:df:91:
60:c9:1a:8d:93:55:aa:5d:11:c3:d2:2a:2a:2e:dc:0b:4d:40:
cc:02:1d:be:bb:b0:cf:d8:da:e5:7a:78:98:6b:68:ed:21:cd:
4f:e1:34:8f:22:64:27:c2:6e:76:2b:db:85:1a:e1:88:6f:2d:
56:47:0b:93:75:55:f7:95:46:98:87:13:8d:3c:e5:32:f1:ae:
eb:81:91:41:39:66:58:55:84:34:52:56:32:8c:11:a6:0d:4f:
fe:c9:5a:a5:fe:49:b8:71:eb:9f:3f:db:02:02:34:03:4d:68:
3d:a3:0b:4a:99:72:d8:e5:70:25:82:cd:e2:ad:c2:3d:7c:12:
f8:19:18:fb:4b:a5:d7:3a:70:67:5d:53:1c:99:f3:4e:76:19:
4e:9d:a6:89:ed:30:19:57:34:eb:fb:61:b4:4f:fb:a9:f9:68:
c0:4b:ae:0c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPOcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjEwMDA0WhcNMjcxMjEzMjEwMDA0WjAYMRYw
FAYDVQQDEw02Nzc2ZmU1OC0zNjgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs3mC9dj75nxowgNdjBQ2lVkVdjRJpee9vtAr5g0XEEaNNgP6Y+5KoDzv
uWOS8aCKBClLfwqGd4iQIIhzDeAT3g75raM0gYEvsAc+44OaYOTNeC9gmuKNzRLy
50oCwT5VeP8MB4NuVtRvcU/Q2X/zfQMKLqKiDlvDaAqxYBTzKmTfIriaK13xepSa
jT5ZE4f1GBQ2VpVfvsXdn/qvR7ExzIJ0g+ZHcdlflWMUSH1+2iUhNHS5MxUZ2+0W
xNKIxvhd6571wLe+3UogN3qABOU1t1FfKgwNd9ZTI18hiRaNzqHtsrw6YUottRhI
q33cktWNixNLu5SwK500H7qRFf4tlwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHGr
eDS4KzAFTCOg48fl7Xs5SDJJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QzI4MTI1QUM5NEMxMUVGQjY1NTI0OUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOGlMA0GCSqGSIb3DQEBCwUA
A4IBAQBvFZcIG8QZfF6pG+ySsIhGUHEfwOVkCnOIcpu7Sq09bg8fQ1StRcOZxkch
1o2ibVCHWr4U0ft0g1PPySdzsl5QjpkPntdZax5rSpHNauZD2IPtCTVz4xDE35Fg
yRqNk1WqXRHD0ioqLtwLTUDMAh2+u7DP2NrleniYa2jtIc1P4TSPImQnwm52K9uF
GuGIby1WRwuTdVX3lUaYhxONPOUy8a7rgZFBOWZYVYQ0UlYyjBGmDU/+yVql/km4
ceufP9sCAjQDTWg9owtKmXLY5XAlgs3ircI9fBL4GRj7S6XXOnBnXVMcmfNOdhlO
naaJ7TAZVzTr+2G0T/up+WjAS64M
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:25 2025 by rpki-client