Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9785B556C32211EF8BA69963762E951A.roa
File: 9785B556C32211EF8BA69963762E951A.roa (raw, json)
Hash identifier: HTXge8fTQKKqHPIxDR64/aDHQ2jpVqrl5xFQAQfthPs=
Subject key identifier: 89:0E:A1:0B:53:AE:A7:BB:2D:96:7A:EE:97:EE:FA:C8:39:1D:B9:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA37
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9785B556C32211EF8BA69963762E951A.roa
Signing time: Thu 26 Dec 2024 00:44:41 +0000
ROA not before: Thu 26 Dec 2024 00:00:37 +0000
ROA not after: Sat 01 Mar 2025 00:00:37 +0000
asID: 984
IP address blocks: 156.228.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59959 (0xea37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:37 2024 GMT
Not After : Mar 1 00:00:37 2025 GMT
Subject: CN=676ca6f9-f638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:da:77:c2:32:e5:9e:9e:ef:0d:4e:da:2f:db:
60:14:ea:ae:17:d4:1e:2f:80:fe:9e:91:b2:de:57:
b0:0f:f2:31:c6:0e:33:7a:92:83:d9:db:14:2e:4e:
6c:a7:02:37:11:c6:85:7c:90:9f:eb:1e:e4:79:fd:
e3:d0:b5:fc:64:26:fc:40:d3:35:61:98:8c:8d:ee:
61:13:3b:dd:38:fb:4a:4f:c1:76:81:3a:28:2c:e0:
ce:dd:b5:cd:8e:ec:47:cf:6c:1d:cc:2f:5e:83:b8:
b8:9f:46:ab:bf:b6:af:09:28:73:3d:5b:5d:e6:0f:
d0:88:87:3d:08:c0:c0:4a:c2:34:7e:7b:bb:2a:f9:
05:96:bc:2a:43:7d:12:46:eb:c9:70:4f:24:13:5d:
8d:56:d8:7d:d5:b9:6d:d9:0b:0c:33:67:07:2f:de:
fc:a6:00:f5:cf:e4:53:5b:cf:47:a7:26:74:1b:8c:
9c:ed:a5:83:fe:c4:b5:9c:37:40:ae:98:04:11:f9:
79:c7:e9:1d:35:07:c2:3e:3c:6d:d5:9f:27:1e:26:
84:46:97:ad:ff:24:a1:d0:89:7b:1d:e7:96:87:71:
a3:c4:0a:ee:3f:96:80:49:46:57:33:5f:a0:56:56:
c4:ab:ea:02:f5:54:0c:37:ee:8c:72:83:0d:c1:db:
44:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0E:A1:0B:53:AE:A7:BB:2D:96:7A:EE:97:EE:FA:C8:39:1D:B9:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9785B556C32211EF8BA69963762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:7f:2b:ea:92:50:99:4e:62:cc:d9:cd:1d:d3:4a:55:79:13:
f8:95:7c:7c:1e:3c:60:c5:e5:cc:10:48:9c:01:e1:f1:d6:d4:
63:cd:90:45:b1:f6:7a:8f:1c:c9:9d:bc:1b:27:81:12:1a:ba:
fe:77:bc:cd:f4:f2:98:86:98:1d:84:77:6d:b3:11:c5:97:73:
d5:62:62:be:34:76:47:0c:bd:26:4c:a5:05:f5:60:5f:b8:f1:
59:4f:1e:77:84:98:d9:ee:37:1c:2c:cd:88:83:ac:4a:b6:e6:
d7:17:44:43:72:d3:24:96:c1:46:80:32:dd:13:ff:97:7f:1c:
6d:5b:93:94:1a:f5:fd:0f:80:4d:6a:17:dc:2f:dd:5c:6c:68:
26:89:b7:80:c8:2b:99:9c:95:3d:0b:b7:88:81:c2:50:f4:7e:
21:cb:c5:22:fb:73:2e:67:ef:04:97:ad:35:34:9d:ea:31:50:
68:f4:1e:1f:5f:43:c9:f0:89:61:cf:b8:29:bd:eb:34:04:52:
41:32:ee:4d:c4:97:02:f3:60:07:7f:f0:4c:09:0b:ec:99:bc:
1d:c6:d0:5d:79:92:60:d6:61:dc:41:e5:ae:f6:ac:e1:cb:01:
e8:4d:d7:af:05:6b:53:73:c3:70:42:0f:55:4c:0c:ad:ae:15:
2c:1f:64:0a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDAOo3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDM3WhcNMjUwMzAxMDAwMDM3WjAYMRYw
FAYDVQQDEw02NzZjYTZmOS1mNjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAttp3wjLlnp7vDU7aL9tgFOquF9QeL4D+npGy3lewD/Ixxg4zepKD2dsU
Lk5spwI3EcaFfJCf6x7kef3j0LX8ZCb8QNM1YZiMje5hEzvdOPtKT8F2gTooLODO
3bXNjuxHz2wdzC9eg7i4n0arv7avCShzPVtd5g/QiIc9CMDASsI0fnu7KvkFlrwq
Q30SRuvJcE8kE12NVth91blt2QsMM2cHL978pgD1z+RTW89HpyZ0G4yc7aWD/sS1
nDdArpgEEfl5x+kdNQfCPjxt1Z8nHiaERpet/ySh0Il7HeeWh3GjxAruP5aASUZX
M1+gVlbEq+oC9VQMN+6McoMNwdtEzwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFIkO
oQtTrqe7LZZ67pfu+sg5HbmnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85Nzg1QjU1NkMzMjIxMUVGOEJBNjk5NjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnOQwDQYJKoZIhvcNAQELBQAD
ggEBACd/K+qSUJlOYszZzR3TSlV5E/iVfHwePGDF5cwQSJwB4fHW1GPNkEWx9nqP
HMmdvBsngRIauv53vM308piGmB2Ed22zEcWXc9ViYr40dkcMvSZMpQX1YF+48VlP
HneEmNnuNxwszYiDrEq25tcXRENy0ySWwUaAMt0T/5d/HG1bk5Qa9f0PgE1qF9wv
3VxsaCaJt4DIK5mclT0Lt4iBwlD0fiHLxSL7cy5n7wSXrTU0neoxUGj0Hh9fQ8nw
iWHPuCm96zQEUkEy7k3ElwLzYAd/8EwJC+yZvB3G0F15kmDWYdxB5a72rOHLAehN
168Fa1Nzw3BCD1VMDK2uFSwfZAo=
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:50 2025 by rpki-client