Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C813534C33811EFB3FEBF83762E951A.roa
File: 8C813534C33811EFB3FEBF83762E951A.roa (raw, json)
Hash identifier: Gplfr9SWO2S23z5KFBc8CS9bJfAAlS/CC6LVSmQocVU=
Subject key identifier: DF:D4:5E:5E:67:DC:86:C0:B3:DE:8D:E2:33:69:88:41:C4:82:F1:44
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB67
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C813534C33811EFB3FEBF83762E951A.roa
Signing time: Thu 26 Dec 2024 03:21:51 +0000
ROA not before: Thu 26 Dec 2024 03:21:48 +0000
ROA not after: Wed 10 Dec 2025 03:21:48 +0000
asID: 984
IP address blocks: 156.244.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60263 (0xeb67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 03:21:48 2024 GMT
Not After : Dec 10 03:21:48 2025 GMT
Subject: CN=676ccbcf-bece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:48:0e:42:d8:2b:bd:16:d4:5c:ed:df:2d:35:
e1:12:2a:4e:78:c2:56:50:a3:d6:cd:da:af:5c:e1:
d5:f0:b4:14:94:fa:07:23:f3:0f:90:64:39:f2:0d:
8b:3b:da:c2:b1:e6:0a:8b:10:43:cd:a5:cd:d6:26:
52:0b:be:13:ad:e6:b2:c1:3c:39:58:e2:ac:54:bd:
77:6f:2d:d4:7d:ca:36:4a:12:11:7f:5c:90:8c:e6:
e8:f0:73:d9:b6:9a:57:82:55:3e:f5:37:38:8c:f9:
48:f0:b9:0b:1b:53:79:98:36:ff:64:34:de:96:78:
b4:72:fe:5a:44:f5:d1:34:71:ce:13:f9:25:12:b0:
05:1d:4e:99:ea:2a:b0:e8:ee:9b:64:a2:c1:83:4b:
97:ea:88:d0:af:07:9e:71:52:1a:fb:f2:6d:ed:5b:
fc:c5:2f:09:c8:76:2c:35:21:b2:0f:2d:82:dc:1b:
b1:01:9d:9c:a9:5f:ce:a0:84:e9:c9:ed:66:d2:29:
fa:75:42:15:c8:8c:5e:0e:1c:6d:ad:f0:fe:3c:d1:
48:bb:7a:da:e4:bc:16:20:69:15:0a:41:4d:c1:82:
08:73:d1:6b:95:4b:33:d4:a6:60:c1:b1:cb:44:e2:
fc:5b:98:02:52:de:cf:54:4f:ff:df:9d:6f:4c:29:
ca:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D4:5E:5E:67:DC:86:C0:B3:DE:8D:E2:33:69:88:41:C4:82:F1:44
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C813534C33811EFB3FEBF83762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.175.0/24
Signature Algorithm: sha256WithRSAEncryption
94:70:1a:75:43:48:ec:b8:a1:cb:d0:5a:fb:64:55:0f:02:7f:
a2:cb:bb:03:d5:65:d0:75:4a:00:f6:6e:68:53:65:ad:fb:b7:
23:08:31:83:b8:45:85:9d:c7:50:e3:18:7a:e6:99:e2:db:ee:
d4:8c:60:78:f7:85:72:fe:d5:55:d6:27:af:d3:b3:f9:01:88:
c4:ae:b6:47:d8:fa:8d:9b:5a:f4:5e:0d:41:15:93:e6:53:11:
c1:39:ff:ba:e0:03:8c:5b:ec:cb:df:87:10:46:3a:fe:5e:d8:
55:5e:61:4e:98:c1:a4:c9:70:31:21:2d:35:e4:60:b0:fb:76:
0f:7a:02:e4:56:8d:4a:57:b7:2a:2c:8f:ab:75:6a:f2:77:76:
76:14:72:97:a3:90:0c:92:a0:c5:7d:9f:4c:89:9e:b3:1b:91:
cb:16:ad:98:d8:4f:f1:0b:cb:98:82:5a:2d:8f:6c:b1:e1:10:
5a:98:c9:cc:5a:e4:0c:3d:16:9a:f9:cb:dc:53:70:ad:b1:3b:
dc:f6:32:a6:92:f6:d5:c5:fe:52:34:2b:2a:f7:ef:fd:3d:ed:
e5:2c:38:74:2c:4c:e1:2e:10:16:94:95:2f:81:77:07:58:49:
b1:7e:44:d1:7b:5c:08:e8:2c:1f:19:3c:08:2a:b1:d1:c8:e7:
5e:75:a2:22
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOtnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDMyMTQ4WhcNMjUxMjEwMDMyMTQ4WjAYMRYw
FAYDVQQDEw02NzZjY2JjZi1iZWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA50gOQtgrvRbUXO3fLTXhEipOeMJWUKPWzdqvXOHV8LQUlPoHI/MPkGQ5
8g2LO9rCseYKixBDzaXN1iZSC74TreaywTw5WOKsVL13by3Ufco2ShIRf1yQjObo
8HPZtppXglU+9Tc4jPlI8LkLG1N5mDb/ZDTelni0cv5aRPXRNHHOE/klErAFHU6Z
6iqw6O6bZKLBg0uX6ojQrweecVIa+/Jt7Vv8xS8JyHYsNSGyDy2C3BuxAZ2cqV/O
oITpye1m0in6dUIVyIxeDhxtrfD+PNFIu3ra5LwWIGkVCkFNwYIIc9FrlUsz1KZg
wbHLROL8W5gCUt7PVE//351vTCnKGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN/U
Xl5n3IbAs96N4jNpiEHEgvFEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QzgxMzUzNEMzMzgxMUVGQjNGRUJGODM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPSvMA0GCSqGSIb3DQEBCwUA
A4IBAQCUcBp1Q0jsuKHL0Fr7ZFUPAn+iy7sD1WXQdUoA9m5oU2Wt+7cjCDGDuEWF
ncdQ4xh65pni2+7UjGB494Vy/tVV1iev07P5AYjErrZH2PqNm1r0Xg1BFZPmUxHB
Of+64AOMW+zL34cQRjr+XthVXmFOmMGkyXAxIS015GCw+3YPegLkVo1KV7cqLI+r
dWryd3Z2FHKXo5AMkqDFfZ9MiZ6zG5HLFq2Y2E/xC8uYglotj2yx4RBamMnMWuQM
PRaa+cvcU3CtsTvc9jKmkvbVxf5SNCsq9+/9Pe3lLDh0LEzhLhAWlJUvgXcHWEmx
fkTRe1wI6CwfGTwIKrHRyOdedaIi
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:14 2025 by rpki-client