Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D374B0EF46511EF88F7154E762E951A.roa
File: 8D374B0EF46511EF88F7154E762E951A.roa (raw, json)
Hash identifier: whbnzz+Dd9lBOM1cZZMCiaOOJ6Uud4jrwGsjeBF+218=
Subject key identifier: 05:D1:FD:19:5A:8F:E3:41:44:2C:7F:2E:5E:13:AC:AC:5B:D3:DB:1F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013577
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D374B0EF46511EF88F7154E762E951A.roa
Signing time: Wed 26 Feb 2025 17:17:27 +0000
ROA not before: Wed 26 Feb 2025 17:17:23 +0000
ROA not after: Sat 19 Feb 2028 17:17:23 +0000
asID: 17561
IP address blocks: 156.233.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79223 (0x13577)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 17:17:23 2025 GMT
Not After : Feb 19 17:17:23 2028 GMT
Subject: CN=67bf4ca7-395b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8d:49:04:15:36:6d:f0:d1:77:7f:99:2d:5e:
e1:66:4a:43:92:37:2e:92:e3:14:b7:7a:d1:9c:4a:
7c:05:16:8a:c7:bd:c0:02:f4:8c:64:64:ee:08:9d:
8c:f3:26:a2:2e:0d:4f:4c:58:2f:47:ca:31:76:19:
f7:1a:b6:4e:e0:fd:7d:24:c4:94:87:aa:ac:fd:cc:
60:10:ee:73:03:17:6f:0e:de:36:a8:46:08:29:6d:
bc:2c:b3:ae:3c:aa:18:d7:ce:47:ba:ad:a2:8a:ac:
56:3d:5d:9d:bc:48:94:5d:c3:9d:75:24:5d:82:49:
b3:7f:68:8a:1b:1d:83:4a:a7:3a:56:14:f1:3a:11:
54:f4:1d:fa:ed:60:af:74:db:6d:30:c3:c3:f3:74:
5b:8b:4a:74:68:02:51:fd:f2:e9:7b:34:d3:05:ee:
e7:ef:77:5b:11:59:83:61:6c:e4:eb:22:f7:88:cc:
db:75:7c:69:99:ab:e2:84:dd:5d:30:50:8a:6f:9f:
d2:cd:f5:df:6d:89:4a:fb:d7:58:be:42:01:54:ae:
e8:9e:e7:ac:f6:35:40:2e:19:a4:9f:0a:19:53:b9:
46:7e:b8:d1:57:f4:62:52:7f:4e:58:0c:78:7e:5f:
23:09:f0:8f:a8:52:c9:d0:54:3c:a6:dd:ac:39:a8:
d4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D1:FD:19:5A:8F:E3:41:44:2C:7F:2E:5E:13:AC:AC:5B:D3:DB:1F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D374B0EF46511EF88F7154E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.60.0/24
Signature Algorithm: sha256WithRSAEncryption
56:4d:2d:1f:e0:b5:df:24:b2:b3:9a:38:78:9b:3d:de:2b:89:
5c:8a:58:e5:3e:21:2a:ad:7a:56:d2:57:f6:59:7b:65:32:7f:
7a:c3:3a:45:84:95:18:d6:b3:e3:66:91:b7:06:25:78:bb:c1:
a3:ae:4d:04:91:e7:42:06:7e:d7:bd:61:98:ca:70:f2:a3:03:
9f:7d:bd:2b:95:3e:f7:61:3c:92:b3:d9:e8:88:e8:6c:86:d2:
4f:38:8d:7a:f9:b7:73:c2:41:cd:8b:d8:bd:3c:0c:0c:4f:8d:
6c:36:b8:58:b1:8a:8f:72:2c:3a:bc:b5:75:00:2d:dc:40:6a:
57:cd:db:9e:e1:7d:f8:71:94:7e:36:e9:49:7a:7b:f9:9f:48:
bf:6c:90:d3:a1:5a:f1:73:ab:20:b1:76:e9:96:46:69:38:57:
5b:3c:ed:d1:12:cf:48:2e:a0:51:2f:f2:18:b1:6e:17:17:cc:
ff:ec:7d:4c:26:04:ce:e4:66:0c:1a:8a:28:de:c8:93:80:6c:
ed:a1:86:59:c7:a6:f4:c8:f3:c7:72:5c:ee:81:82:de:75:19:
68:bb:39:5c:60:36:c8:c1:34:b8:9c:68:77:17:24:41:bf:6f:
d7:7b:d7:8b:fd:55:6b:f8:8b:5b:9b:7e:2d:72:c1:6f:62:80:
49:f3:3f:53
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATV3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTcxNzIzWhcNMjgwMjE5MTcxNzIzWjAYMRYw
FAYDVQQDEw02N2JmNGNhNy0zOTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1I1JBBU2bfDRd3+ZLV7hZkpDkjcukuMUt3rRnEp8BRaKx73AAvSMZGTu
CJ2M8yaiLg1PTFgvR8oxdhn3GrZO4P19JMSUh6qs/cxgEO5zAxdvDt42qEYIKW28
LLOuPKoY185Huq2iiqxWPV2dvEiUXcOddSRdgkmzf2iKGx2DSqc6VhTxOhFU9B36
7WCvdNttMMPD83Rbi0p0aAJR/fLpezTTBe7n73dbEVmDYWzk6yL3iMzbdXxpmavi
hN1dMFCKb5/SzfXfbYlK+9dYvkIBVK7onues9jVALhmknwoZU7lGfrjRV/RiUn9O
WAx4fl8jCfCPqFLJ0FQ8pt2sOajU5wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAXR
/Rlaj+NBRCx/Ll4TrKxb09sfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RDM3NEIwRUY0NjUxMUVGODhGNzE1NEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOk8MA0GCSqGSIb3DQEBCwUA
A4IBAQBWTS0f4LXfJLKzmjh4mz3eK4lciljlPiEqrXpW0lf2WXtlMn96wzpFhJUY
1rPjZpG3BiV4u8Gjrk0EkedCBn7XvWGYynDyowOffb0rlT73YTySs9noiOhshtJP
OI16+bdzwkHNi9i9PAwMT41sNrhYsYqPciw6vLV1AC3cQGpXzdue4X34cZR+NulJ
env5n0i/bJDToVrxc6sgsXbplkZpOFdbPO3REs9ILqBRL/IYsW4XF8z/7H1MJgTO
5GYMGooo3siTgGztoYZZx6b0yPPHclzugYLedRlouzlcYDbIwTS4nGh3FyRBv2/X
e9eL/VVr+Itbm34tcsFvYoBJ8z9T
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:13 2025 by rpki-client