Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9540459CC27B11EFB10BB558762E951A.roa
File: 9540459CC27B11EFB10BB558762E951A.roa (raw, json)
Hash identifier: WwSQo3fnBR0UktyTEsFVxyOBiOtxcXz7LwCEIfAIWVo=
Subject key identifier: DB:C0:7F:8A:47:A8:EA:78:97:06:71:AA:D0:53:B4:EE:1B:92:D5:82
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8A5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9540459CC27B11EFB10BB558762E951A.roa
Signing time: Wed 25 Dec 2024 04:49:11 +0000
ROA not before: Wed 25 Dec 2024 04:49:08 +0000
ROA not after: Wed 10 Dec 2025 04:49:08 +0000
asID: 984
IP address blocks: 156.227.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59557 (0xe8a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 04:49:08 2024 GMT
Not After : Dec 10 04:49:08 2025 GMT
Subject: CN=676b8ec7-fa3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7b:17:3e:c5:b3:e4:04:f3:ea:bb:3a:51:9b:
17:d2:6c:2b:01:03:24:57:cf:13:50:a4:3e:be:ad:
a9:fb:a5:e3:6f:84:9b:e4:83:dd:06:00:c7:00:03:
04:f2:3d:24:16:30:d7:6d:d4:2b:6b:9c:33:d2:8f:
d8:1d:39:ed:53:9a:97:8c:13:66:23:22:7c:b2:b3:
83:a9:32:60:fe:5c:ce:dc:9f:b8:f0:ba:fc:60:e9:
97:fb:ae:1b:79:6c:d3:2b:66:60:61:70:2f:5f:cb:
d7:d1:b1:0d:55:44:08:49:75:90:15:7c:cf:57:f3:
69:50:d1:a4:74:ff:86:ab:61:e1:8b:d3:e1:24:f8:
bd:2a:ad:02:92:bb:3a:b9:f6:4d:71:9d:13:40:f0:
b6:40:cf:b9:8f:ec:86:6c:77:e5:6f:04:98:87:15:
89:d4:29:51:b5:ee:49:ce:ba:29:fc:9e:79:01:bf:
7a:26:e0:ea:b3:4c:ff:7e:ce:df:66:6d:69:bc:55:
b2:17:0e:df:59:b5:0d:6b:4a:65:14:b2:e0:e6:32:
18:b3:2a:0c:2b:ae:19:65:f4:30:8e:57:fb:35:16:
5e:47:12:07:6e:26:4e:bb:e8:5f:ca:f6:a9:c4:9e:
25:7c:d3:84:9c:79:17:2b:47:11:5a:38:65:65:95:
17:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C0:7F:8A:47:A8:EA:78:97:06:71:AA:D0:53:B4:EE:1B:92:D5:82
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9540459CC27B11EFB10BB558762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.164.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:d8:3a:4a:c3:3f:bd:62:6d:cf:55:59:98:b4:81:cc:ba:12:
fa:1b:27:ab:28:67:92:33:77:a1:e1:a9:59:53:05:2e:b7:46:
12:08:45:99:7d:27:37:fc:d2:93:43:86:9e:28:63:96:f1:da:
c6:d9:c8:6c:b3:0d:17:54:5d:2b:03:d3:b5:6f:57:1a:8e:9f:
7f:3e:dc:bd:e7:f2:5c:d2:a4:bf:bd:96:51:31:48:c4:13:e7:
34:5f:62:80:89:76:a1:8c:9a:cd:34:42:ac:7e:d7:16:1f:b1:
62:8d:a5:72:d3:1a:fd:81:7f:03:1c:e3:47:ed:da:b0:16:18:
27:03:2f:cf:72:f3:f0:96:59:97:4e:bd:52:26:02:29:09:24:
0f:fe:55:26:07:24:f3:2e:c9:70:71:51:e4:40:b4:18:c2:c9:
fe:3b:fb:2c:0e:5a:25:36:61:24:69:b6:3e:98:95:99:e8:75:
dd:fd:32:ec:40:95:23:9c:c1:95:15:f0:79:76:c6:a9:7b:c8:
dd:35:0a:bd:47:ba:3f:77:57:f4:f8:5d:c6:7e:86:ef:f5:bc:
30:9f:06:50:98:30:61:09:ae:67:56:e4:16:33:73:1f:91:75:
0e:09:2b:a9:6c:19:30:b4:91:6a:0c:5c:7c:13:ed:11:f8:fb:
24:18:34:1f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOilMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDQ0OTA4WhcNMjUxMjEwMDQ0OTA4WjAYMRYw
FAYDVQQDEw02NzZiOGVjNy1mYTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAynsXPsWz5ATz6rs6UZsX0mwrAQMkV88TUKQ+vq2p+6Xjb4Sb5IPdBgDH
AAME8j0kFjDXbdQra5wz0o/YHTntU5qXjBNmIyJ8srODqTJg/lzO3J+48Lr8YOmX
+64beWzTK2ZgYXAvX8vX0bENVUQISXWQFXzPV/NpUNGkdP+Gq2Hhi9PhJPi9Kq0C
krs6ufZNcZ0TQPC2QM+5j+yGbHflbwSYhxWJ1ClRte5Jzrop/J55Ab96JuDqs0z/
fs7fZm1pvFWyFw7fWbUNa0plFLLg5jIYsyoMK64ZZfQwjlf7NRZeRxIHbiZOu+hf
yvapxJ4lfNOEnHkXK0cRWjhlZZUXxQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNvA
f4pHqOp4lwZxqtBTtO4bktWCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NTQwNDU5Q0MyN0IxMUVGQjEwQkI1NTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOOkMA0GCSqGSIb3DQEBCwUA
A4IBAQCh2DpKwz+9Ym3PVVmYtIHMuhL6GyerKGeSM3eh4alZUwUut0YSCEWZfSc3
/NKTQ4aeKGOW8drG2chssw0XVF0rA9O1b1cajp9/Pty95/Jc0qS/vZZRMUjEE+c0
X2KAiXahjJrNNEKsftcWH7FijaVy0xr9gX8DHONH7dqwFhgnAy/PcvPwllmXTr1S
JgIpCSQP/lUmByTzLslwcVHkQLQYwsn+O/ssDlolNmEkabY+mJWZ6HXd/TLsQJUj
nMGVFfB5dsape8jdNQq9R7o/d1f0+F3Gfobv9bwwnwZQmDBhCa5nVuQWM3MfkXUO
CSupbBkwtJFqDFx8E+0R+PskGDQf
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:21 2025 by rpki-client