Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/95BE2BFCBEAB11EFBADA8DB4762E951A.roa
File: 95BE2BFCBEAB11EFBADA8DB4762E951A.roa (raw, json)
Hash identifier: /DmP2/9Ni6cUiuQJor9Sd3KcHhEY1IzZ5vmyne4NKCo=
Subject key identifier: A5:94:10:D2:AE:87:91:73:43:EE:EC:2A:B4:4A:B8:77:C1:CC:F6:3F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E71D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/95BE2BFCBEAB11EFBADA8DB4762E951A.roa
Signing time: Fri 20 Dec 2024 08:22:43 +0000
ROA not before: Fri 20 Dec 2024 08:22:40 +0000
ROA not after: Sun 23 Mar 2025 08:22:40 +0000
asID: 328608
IP address blocks: 156.227.208.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59165 (0xe71d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 08:22:40 2024 GMT
Not After : Mar 23 08:22:40 2025 GMT
Subject: CN=67652953-f920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:78:ea:f6:63:41:2f:30:78:2e:be:9f:55:00:
8c:90:12:e9:20:19:40:e6:88:a6:3c:b0:82:42:05:
20:b3:58:bb:e9:9b:85:b4:af:84:8f:7d:4a:2b:a2:
6e:34:12:ba:20:04:4c:59:91:9b:bc:d8:bf:09:45:
60:ba:0b:5e:66:74:20:52:f2:29:59:8e:e0:fd:92:
f9:93:ba:b9:7f:ff:90:5b:2a:84:31:9f:c0:fa:eb:
32:09:da:a4:5e:74:1f:6e:ee:ed:38:b4:72:6a:77:
3c:a4:e1:80:ed:de:90:52:48:fa:39:7a:d5:62:f5:
af:71:6e:ce:31:0c:69:0c:d7:ff:3a:76:f0:06:c6:
dd:79:e3:f0:e9:b0:4c:e2:9a:b4:d6:f2:9f:13:12:
af:33:79:ce:05:0c:86:fa:af:6d:d1:91:53:3c:da:
7c:da:fa:46:b1:e3:93:87:94:4c:1a:6d:bb:bd:35:
01:1e:83:54:76:fe:d7:19:fb:1f:83:d3:c8:5e:f4:
72:de:84:90:9f:68:ca:10:54:01:60:37:4b:5e:e2:
a1:78:c4:f7:c7:a4:47:ab:b0:8b:f1:9e:98:4a:b9:
ff:0b:53:5f:1e:e1:b4:29:d5:f8:16:7e:c2:c9:77:
11:6d:4b:95:ea:e3:e2:08:1a:30:ef:6e:1b:9b:92:
38:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:94:10:D2:AE:87:91:73:43:EE:EC:2A:B4:4A:B8:77:C1:CC:F6:3F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/95BE2BFCBEAB11EFBADA8DB4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.208.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:83:e7:1f:d6:97:d5:99:df:b8:f8:30:f3:20:25:66:8e:78:
69:7d:65:f3:3d:74:c1:58:5e:f2:40:40:46:21:eb:ff:4d:4b:
c7:15:bb:d5:5b:47:9c:5b:bb:6f:7b:1f:48:03:9f:35:22:44:
fa:99:7d:23:ae:f1:fa:f8:95:af:d7:d6:e6:22:b1:ea:59:4c:
3e:3f:e7:a2:6d:9e:81:d6:cc:c9:3e:38:a2:98:28:fa:98:5f:
50:63:78:ce:68:ee:fa:e8:3f:d8:3a:68:38:6e:b4:8f:3a:64:
55:0f:62:f4:0e:21:00:39:c3:02:e4:1d:bf:e9:27:38:96:56:
84:2d:32:7c:61:89:1c:99:12:7d:31:99:88:37:c6:40:51:7c:
5a:8a:f9:90:88:26:11:40:9a:0b:10:7e:e2:f7:99:50:3f:6a:
b8:90:a1:4c:0a:07:54:52:fa:5d:40:cc:fc:88:bd:24:2b:e9:
69:52:b5:ae:47:ae:ca:f2:bb:0a:4f:26:8d:1c:b8:db:c1:af:
27:99:85:8d:68:b7:3f:e7:53:93:3b:9d:a0:de:f5:c5:d6:75:
d8:ed:f8:6a:6e:78:8a:ae:a9:45:75:f8:11:42:54:80:c3:00:
e6:e8:bf:3c:a6:b6:9e:74:a7:65:5b:81:67:96:f4:f1:af:03:
97:be:bc:cd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOcdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDgyMjQwWhcNMjUwMzIzMDgyMjQwWjAYMRYw
FAYDVQQDEw02NzY1Mjk1My1mOTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5Xjq9mNBLzB4Lr6fVQCMkBLpIBlA5oimPLCCQgUgs1i76ZuFtK+Ej31K
K6JuNBK6IARMWZGbvNi/CUVgugteZnQgUvIpWY7g/ZL5k7q5f/+QWyqEMZ/A+usy
CdqkXnQfbu7tOLRyanc8pOGA7d6QUkj6OXrVYvWvcW7OMQxpDNf/OnbwBsbdeePw
6bBM4pq01vKfExKvM3nOBQyG+q9t0ZFTPNp82vpGseOTh5RMGm27vTUBHoNUdv7X
Gfsfg9PIXvRy3oSQn2jKEFQBYDdLXuKheMT3x6RHq7CL8Z6YSrn/C1NfHuG0KdX4
Fn7CyXcRbUuV6uPiCBow724bm5I4awIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKWU
ENKuh5FzQ+7sKrRKuHfBzPY/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NUJFMkJGQ0JFQUIxMUVGQkFEQThEQjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOPQMA0GCSqGSIb3DQEBCwUA
A4IBAQAdg+cf1pfVmd+4+DDzICVmjnhpfWXzPXTBWF7yQEBGIev/TUvHFbvVW0ec
W7tvex9IA581IkT6mX0jrvH6+JWv19bmIrHqWUw+P+eibZ6B1szJPjiimCj6mF9Q
Y3jOaO766D/YOmg4brSPOmRVD2L0DiEAOcMC5B2/6Sc4llaELTJ8YYkcmRJ9MZmI
N8ZAUXxaivmQiCYRQJoLEH7i95lQP2q4kKFMCgdUUvpdQMz8iL0kK+lpUrWuR67K
8rsKTyaNHLjbwa8nmYWNaLc/51OTO52g3vXF1nXY7fhqbniKrqlFdfgRQlSAwwDm
6L88praedKdlW4FnlvTxrwOXvrzN
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:57 2025 by rpki-client