Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D92547AC33911EF93B9ED89762E951A.roa
File: 8D92547AC33911EF93B9ED89762E951A.roa (raw, json)
Hash identifier: 1nCD7+nJ60sHthfTjKJH2GHBJ/jz0LwoukQrqL0gC14=
Subject key identifier: 97:B3:72:33:46:EB:05:4E:68:C3:65:8D:95:5D:3F:DF:14:31:73:5B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB73
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D92547AC33911EF93B9ED89762E951A.roa
Signing time: Thu 26 Dec 2024 03:29:03 +0000
ROA not before: Thu 26 Dec 2024 03:28:59 +0000
ROA not after: Fri 10 Dec 2027 03:28:59 +0000
asID: 17561
IP address blocks: 156.244.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60275 (0xeb73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 03:28:59 2024 GMT
Not After : Dec 10 03:28:59 2027 GMT
Subject: CN=676ccd7f-3bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1e:4f:df:6b:46:2e:f5:2e:59:df:fb:94:ea:
d7:a3:9b:c6:bf:93:aa:b1:89:08:4d:c7:13:4d:d9:
bb:0f:c5:c4:ac:d7:59:d5:8a:be:f2:e5:c5:0e:8e:
07:e6:a2:32:d3:28:cb:14:7c:1d:a6:37:47:93:3a:
82:32:df:7a:60:43:f8:d0:3a:2e:d5:eb:b0:4c:28:
de:c9:9f:3d:36:b9:9d:67:02:7e:1f:17:80:f2:8f:
d0:9d:b3:41:63:41:f1:2d:9d:08:21:b5:3c:26:dc:
ef:f7:12:7b:e2:fc:c5:ce:8b:54:4f:93:da:f0:1f:
f2:10:37:a1:46:36:ca:38:41:cb:19:3b:4f:94:2f:
4d:f8:0b:f7:ba:b8:f1:24:8b:ca:fc:07:aa:d8:b2:
70:81:1f:b6:b9:ba:99:dc:9c:3a:b3:58:2e:2e:53:
13:25:c0:fd:5e:ac:13:ee:5f:d5:01:e5:42:14:5b:
30:8d:c4:72:f6:e6:b0:e5:a0:38:45:54:25:f6:81:
a8:b7:d6:92:fa:5f:71:4e:4f:01:e4:4c:5a:1d:7a:
d7:c3:a2:f3:a2:29:21:b9:cf:fc:63:18:45:5c:1d:
5c:a1:a3:34:55:8c:34:bf:99:7f:77:b8:75:0c:69:
19:02:ae:8e:96:25:2a:4c:ac:d5:9a:da:78:9b:ee:
d1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B3:72:33:46:EB:05:4E:68:C3:65:8D:95:5D:3F:DF:14:31:73:5B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D92547AC33911EF93B9ED89762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.181.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:d0:c9:6c:f4:1e:f8:4f:94:9b:43:c8:59:d0:f7:74:e6:aa:
e8:d5:ad:11:89:53:d7:13:bc:fd:55:78:94:c3:cc:70:da:1e:
3e:e3:f4:5d:ce:d7:07:0b:37:fa:e7:6b:67:95:14:0a:1f:11:
90:b5:1a:63:ee:44:00:a7:12:ef:29:79:03:1f:c5:a7:87:18:
ce:44:25:a1:30:6a:89:50:1c:2f:77:82:70:83:03:d9:ec:9c:
01:9f:1b:ac:ba:09:02:6e:db:de:05:76:59:90:72:55:51:ae:
bd:88:53:4c:11:46:6a:4d:f9:b6:b1:d1:c6:a3:56:94:bd:94:
19:1c:4e:84:37:40:db:fc:dc:15:02:33:77:2f:b7:c9:e3:a4:
cd:5b:43:7d:6a:b9:49:ba:94:86:b6:7f:dc:c6:15:8c:8a:cc:
33:6a:8f:30:5e:83:58:df:cf:c5:c6:4f:df:6c:4e:db:30:54:
27:bb:44:1f:b9:b5:c8:53:48:58:b1:96:b6:90:4b:2e:74:f9:
b5:c3:af:12:a1:10:6e:d0:03:05:29:41:fb:46:51:78:cb:5b:
26:2c:2b:d0:0e:3c:0c:e9:90:99:1a:e7:f9:6f:c5:8a:88:65:
46:5b:0c:6d:45:50:60:07:11:b1:09:a3:7a:0c:4c:ad:94:4e:
e2:62:cc:90
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOtzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDMyODU5WhcNMjcxMjEwMDMyODU5WjAYMRYw
FAYDVQQDEw02NzZjY2Q3Zi0zYmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqx5P32tGLvUuWd/7lOrXo5vGv5OqsYkITccTTdm7D8XErNdZ1Yq+8uXF
Do4H5qIy0yjLFHwdpjdHkzqCMt96YEP40Dou1euwTCjeyZ89NrmdZwJ+HxeA8o/Q
nbNBY0HxLZ0IIbU8Jtzv9xJ74vzFzotUT5Pa8B/yEDehRjbKOEHLGTtPlC9N+Av3
urjxJIvK/Aeq2LJwgR+2ubqZ3Jw6s1guLlMTJcD9XqwT7l/VAeVCFFswjcRy9uaw
5aA4RVQl9oGot9aS+l9xTk8B5ExaHXrXw6Lzoikhuc/8YxhFXB1coaM0VYw0v5l/
d7h1DGkZAq6OliUqTKzVmtp4m+7RewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJez
cjNG6wVOaMNljZVdP98UMXNbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RDkyNTQ3QUMzMzkxMUVGOTNCOUVEODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPS1MA0GCSqGSIb3DQEBCwUA
A4IBAQA60Mls9B74T5SbQ8hZ0Pd05qro1a0RiVPXE7z9VXiUw8xw2h4+4/RdztcH
Czf652tnlRQKHxGQtRpj7kQApxLvKXkDH8WnhxjORCWhMGqJUBwvd4JwgwPZ7JwB
nxusugkCbtveBXZZkHJVUa69iFNMEUZqTfm2sdHGo1aUvZQZHE6EN0Db/NwVAjN3
L7fJ46TNW0N9arlJupSGtn/cxhWMiswzao8wXoNY38/Fxk/fbE7bMFQnu0QfubXI
U0hYsZa2kEsudPm1w68SoRBu0AMFKUH7RlF4y1smLCvQDjwM6ZCZGuf5b8WKiGVG
WwxtRVBgBxGxCaN6DEytlE7iYsyQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:41 2025 by rpki-client