Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DA3F9DAC34011EF9DD15EB8762E951A.roa
File: 8DA3F9DAC34011EF9DD15EB8762E951A.roa (raw, json)
Hash identifier: ZG647yJqnqIeCmToOGk5uoeTQASrrIO2YLRqzPfSJDY=
Subject key identifier: 51:E5:AE:0F:1C:32:72:B7:A0:34:A4:2D:B8:04:6C:BF:79:F1:C8:46
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBC5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DA3F9DAC34011EF9DD15EB8762E951A.roa
Signing time: Thu 26 Dec 2024 04:19:09 +0000
ROA not before: Thu 26 Dec 2024 04:19:06 +0000
ROA not after: Fri 10 Dec 2027 04:19:06 +0000
asID: 17561
IP address blocks: 156.244.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60357 (0xebc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:19:06 2024 GMT
Not After : Dec 10 04:19:06 2027 GMT
Subject: CN=676cd93d-7651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6a:0f:9b:d3:80:d3:0c:a6:50:38:69:13:f1:
36:e4:20:cd:a8:be:fd:f6:55:c5:7d:ac:72:2b:7e:
2c:dc:0b:0b:99:7d:be:44:58:13:94:3d:14:08:09:
17:ef:76:f9:f0:3e:a5:27:8b:53:4e:34:5a:3a:5e:
dd:fa:62:92:8d:ac:95:b9:d2:1a:d5:56:f5:d0:86:
2b:e6:97:b2:cd:d1:76:81:56:b4:3b:b7:7e:22:11:
90:02:93:6f:16:51:5c:a3:01:6a:91:08:56:5d:90:
19:d2:b7:d5:ed:db:30:04:14:22:4d:55:99:f8:ac:
7c:c6:7b:38:ce:95:d8:e9:52:3d:6f:e4:ea:15:03:
c9:f6:ed:66:75:db:de:b2:3f:24:a6:44:cf:2c:4e:
bb:38:cd:f2:fb:7e:b2:8d:b2:b6:d0:61:84:92:fa:
8f:9b:fa:db:04:fa:ed:08:3b:8d:db:0e:bf:bb:f6:
b1:2f:f9:17:05:2d:0a:dc:aa:17:7b:1f:94:79:3b:
b4:31:d2:e4:47:1a:34:f6:33:cf:88:76:91:a9:e2:
51:c8:aa:99:cd:bd:d4:af:3b:08:9a:fe:a8:7b:a2:
f8:81:db:af:df:68:ac:be:95:84:2f:8e:39:a4:c5:
3c:f9:00:3f:79:34:5c:dc:b1:d9:dd:86:8c:72:0b:
57:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:E5:AE:0F:1C:32:72:B7:A0:34:A4:2D:B8:04:6C:BF:79:F1:C8:46
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DA3F9DAC34011EF9DD15EB8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.222.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:28:cf:56:87:3c:5e:73:2b:f2:47:55:da:9a:15:83:f4:69:
9f:38:08:e1:83:7f:ed:a6:d7:21:32:05:3d:8b:0b:92:e3:11:
63:27:a7:ac:64:0d:81:48:f4:65:54:b5:30:bf:2d:b3:21:52:
ed:68:64:0e:bc:28:2d:16:7d:a2:d7:58:e2:5e:0d:89:7b:16:
d5:28:6b:60:9b:7f:41:bd:5a:73:84:98:ee:c9:a5:1e:a7:b6:
d4:5b:fb:6c:26:43:09:69:b7:8f:f8:1c:f8:48:22:77:1a:e1:
23:7c:42:04:d6:8b:c4:98:0d:cb:eb:54:59:37:00:19:8f:53:
c1:27:22:8c:85:69:94:3c:b9:62:a9:f8:46:5b:27:a1:c2:cf:
67:61:60:23:5e:9e:54:b5:e2:25:40:07:7f:c9:5b:8c:b6:69:
78:a7:9a:b0:88:b8:c3:4e:f5:0d:ff:c8:1e:ed:97:17:ae:6e:
db:71:c7:3c:4e:de:33:05:62:d2:2e:02:68:6e:84:20:02:2f:
86:ab:7f:f9:0a:c5:d8:e6:78:f7:c7:cf:90:44:61:0b:5a:4a:
2f:47:51:1c:a2:1d:25:d6:23:18:e9:67:01:19:26:aa:25:1c:
a5:48:c7:39:57:32:ed:b2:b8:91:58:c8:85:98:f8:e8:9e:e6:
16:f0:b8:a6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOvFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQxOTA2WhcNMjcxMjEwMDQxOTA2WjAYMRYw
FAYDVQQDEw02NzZjZDkzZC03NjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0moPm9OA0wymUDhpE/E25CDNqL799lXFfaxyK34s3AsLmX2+RFgTlD0U
CAkX73b58D6lJ4tTTjRaOl7d+mKSjayVudIa1Vb10IYr5peyzdF2gVa0O7d+IhGQ
ApNvFlFcowFqkQhWXZAZ0rfV7dswBBQiTVWZ+Kx8xns4zpXY6VI9b+TqFQPJ9u1m
ddvesj8kpkTPLE67OM3y+36yjbK20GGEkvqPm/rbBPrtCDuN2w6/u/axL/kXBS0K
3KoXex+UeTu0MdLkRxo09jPPiHaRqeJRyKqZzb3UrzsImv6oe6L4gduv32isvpWE
L445pMU8+QA/eTRc3LHZ3YaMcgtXvQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFHl
rg8cMnK3oDSkLbgEbL958chGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84REEzRjlEQUMzNDAxMUVGOUREMTVFQjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTeMA0GCSqGSIb3DQEBCwUA
A4IBAQBLKM9WhzxecyvyR1XamhWD9GmfOAjhg3/tptchMgU9iwuS4xFjJ6esZA2B
SPRlVLUwvy2zIVLtaGQOvCgtFn2i11jiXg2JexbVKGtgm39BvVpzhJjuyaUep7bU
W/tsJkMJabeP+Bz4SCJ3GuEjfEIE1ovEmA3L61RZNwAZj1PBJyKMhWmUPLliqfhG
Wyehws9nYWAjXp5UteIlQAd/yVuMtml4p5qwiLjDTvUN/8ge7ZcXrm7bccc8Tt4z
BWLSLgJoboQgAi+Gq3/5CsXY5nj3x8+QRGELWkovR1Ecoh0l1iMY6WcBGSaqJRyl
SMc5VzLtsriRWMiFmPjonuYW8Lim
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:51 2025 by rpki-client