Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EC95A16C98611EF97EAB8A4762E951A.roa
File: 8EC95A16C98611EF97EAB8A4762E951A.roa (raw, json)
Hash identifier: qseR2aWUtktwQo7awzjJrk2G3BzgMQMqrFm5+W3EsLs=
Subject key identifier: 57:E8:B8:8E:8A:E8:9C:38:82:05:5E:D1:D8:95:55:C3:04:4D:69:A6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F583
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EC95A16C98611EF97EAB8A4762E951A.roa
Signing time: Fri 03 Jan 2025 03:55:23 +0000
ROA not before: Fri 03 Jan 2025 03:55:19 +0000
ROA not after: Mon 13 Dec 2027 03:55:19 +0000
asID: 17561
IP address blocks: 156.232.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62851 (0xf583)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 03:55:19 2025 GMT
Not After : Dec 13 03:55:19 2027 GMT
Subject: CN=67775fab-1f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fd:45:ed:f2:67:38:6b:2d:b2:7c:c7:da:5f:
5c:a0:94:d9:ba:6f:dc:d6:b0:34:fe:9a:eb:be:78:
53:80:ff:2d:61:24:b7:e3:ab:85:b3:34:36:5e:cf:
ca:8b:64:19:bb:b3:47:57:72:58:ef:f0:65:8f:e3:
d4:8a:be:9a:a6:f0:1d:d1:12:20:42:91:98:37:b7:
b2:34:ba:78:4a:74:e2:e4:19:15:41:37:e8:36:ed:
5d:7f:02:3a:f1:87:7f:6c:16:e1:13:ab:2a:8e:9a:
10:86:17:74:69:16:23:6b:b4:69:23:88:7a:32:d2:
e8:d3:79:65:48:df:19:d2:8c:5d:50:0b:2f:d7:99:
3a:5b:c5:c7:8a:2b:69:6e:b0:48:62:ac:b5:1f:f1:
ba:00:69:9f:07:b6:f9:05:8b:28:d0:81:c5:ad:85:
9a:66:ab:3a:fe:e3:b6:33:22:f5:e7:75:f9:42:6f:
5d:6e:c4:1e:ab:30:7b:41:7b:28:da:c2:a9:5d:2c:
d6:6a:22:cc:b6:13:33:f1:50:3e:70:a8:e5:7f:62:
f5:15:93:0d:58:7c:59:0a:a4:93:a1:7d:21:e1:86:
f3:62:e3:0b:d0:28:12:a3:30:cd:a7:f4:bb:52:32:
26:06:8e:44:6b:dd:77:ba:84:77:e3:89:a6:d7:05:
1c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:E8:B8:8E:8A:E8:9C:38:82:05:5E:D1:D8:95:55:C3:04:4D:69:A6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EC95A16C98611EF97EAB8A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.89.0/24
Signature Algorithm: sha256WithRSAEncryption
66:2e:8e:2c:32:ad:c5:13:12:0a:0f:7d:83:12:7c:e5:45:97:
8f:6a:95:d1:f9:7b:d3:cd:79:b7:88:d6:48:8d:9f:f2:6e:d0:
c3:67:51:78:60:df:3f:15:7a:f9:d0:c7:40:e5:5d:42:f3:a7:
df:80:bf:42:28:55:b6:b9:c0:f5:db:f6:d2:71:ec:aa:57:b0:
48:47:e4:98:c4:f4:99:bc:f2:ef:60:d7:37:ca:89:ba:57:3b:
25:d7:df:03:00:0b:2c:71:30:72:1b:52:95:3c:27:e3:7b:b6:
12:5f:72:58:0d:0e:a5:3f:45:0d:a3:37:c8:97:a5:e7:ca:25:
04:0f:9a:81:4a:6a:10:50:c9:2f:41:fd:83:25:17:b1:41:0d:
7c:10:65:26:e6:23:0f:86:ed:ef:e2:63:0d:56:02:49:e0:9d:
e1:ff:41:2f:61:1f:d7:5d:b5:0a:ff:23:f6:14:91:70:95:a5:
4b:70:41:b7:b6:84:43:da:25:85:a8:ca:c7:88:23:3f:47:67:
fa:8d:d3:ac:ae:56:87:ad:63:9c:a5:23:48:2a:b6:63:de:f2:
2b:c5:5f:30:52:0c:e3:64:23:02:45:4d:6e:f7:4a:f4:4a:01:
c4:8b:d4:ab:02:ca:8a:bf:fa:3d:2d:03:cd:a5:3f:5d:46:b8:
c8:70:00:e7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPWDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDM1NTE5WhcNMjcxMjEzMDM1NTE5WjAYMRYw
FAYDVQQDEw02Nzc3NWZhYi0xZjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwP1F7fJnOGstsnzH2l9coJTZum/c1rA0/prrvnhTgP8tYSS346uFszQ2
Xs/Ki2QZu7NHV3JY7/Blj+PUir6apvAd0RIgQpGYN7eyNLp4SnTi5BkVQTfoNu1d
fwI68Yd/bBbhE6sqjpoQhhd0aRYja7RpI4h6MtLo03llSN8Z0oxdUAsv15k6W8XH
iitpbrBIYqy1H/G6AGmfB7b5BYso0IHFrYWaZqs6/uO2MyL153X5Qm9dbsQeqzB7
QXso2sKpXSzWaiLMthMz8VA+cKjlf2L1FZMNWHxZCqSToX0h4YbzYuML0CgSozDN
p/S7UjImBo5Ea913uoR344mm1wUcnQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFfo
uI6K6Jw4ggVe0diVVcMETWmmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RUM5NUExNkM5ODYxMUVGOTdFQUI4QTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhZMA0GCSqGSIb3DQEBCwUA
A4IBAQBmLo4sMq3FExIKD32DEnzlRZePapXR+XvTzXm3iNZIjZ/ybtDDZ1F4YN8/
FXr50MdA5V1C86ffgL9CKFW2ucD12/bSceyqV7BIR+SYxPSZvPLvYNc3yom6Vzsl
198DAAsscTByG1KVPCfje7YSX3JYDQ6lP0UNozfIl6XnyiUED5qBSmoQUMkvQf2D
JRexQQ18EGUm5iMPhu3v4mMNVgJJ4J3h/0EvYR/XXbUK/yP2FJFwlaVLcEG3toRD
2iWFqMrHiCM/R2f6jdOsrlaHrWOcpSNIKrZj3vIrxV8wUgzjZCMCRU1u90r0SgHE
i9SrAsqKv/o9LQPNpT9dRrjIcADn
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:56 2025 by rpki-client