Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9AFBD6FAC31F11EF94E07451762E951A.roa
File: 9AFBD6FAC31F11EF94E07451762E951A.roa (raw, json)
Hash identifier: fP7j9GXVzi+TYAfnWeefxUe0SrMGH0QnQDTPTbF3LzM=
Subject key identifier: B6:2C:3B:3D:8C:EB:B3:7A:11:81:AA:FB:89:8B:4A:5E:8D:43:9A:D0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA0F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9AFBD6FAC31F11EF94E07451762E951A.roa
Signing time: Thu 26 Dec 2024 00:23:18 +0000
ROA not before: Thu 26 Dec 2024 00:00:15 +0000
ROA not after: Wed 10 Dec 2025 00:00:15 +0000
asID: 984
IP address blocks: 156.228.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59919 (0xea0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:15 2024 GMT
Not After : Dec 10 00:00:15 2025 GMT
Subject: CN=676ca1f6-e8ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fc:0a:a3:aa:03:0b:23:93:3a:1d:35:ae:ce:
71:66:18:df:f1:91:40:1f:65:7c:c8:a5:21:fb:ae:
5b:59:de:45:11:89:18:2e:57:c0:93:50:ff:cf:f7:
13:3f:22:7b:04:94:eb:62:51:12:c0:9a:49:e3:1c:
65:20:6a:f6:21:2b:f5:63:76:6e:7d:c7:ce:84:8a:
b5:7c:00:e0:cc:8f:f9:35:60:29:95:cf:ea:9b:be:
00:6d:0e:25:a3:33:ac:09:ff:a8:30:f9:80:5d:e3:
eb:4f:e4:4e:f5:1c:29:70:6f:36:76:c6:c1:bf:74:
19:e1:38:97:93:75:72:bd:55:84:4c:d7:11:1c:5c:
b3:ab:9f:cb:9a:3f:c3:ca:d9:9a:0b:43:6d:06:a3:
03:7f:5f:67:17:b1:91:ee:07:54:cc:39:31:ba:15:
6e:85:e0:59:63:32:a5:b8:2f:0c:f5:bc:38:93:23:
c5:bc:82:6e:8a:29:a5:63:2e:49:fa:bf:47:5b:9d:
7e:05:de:e0:a8:45:e6:b1:6f:84:46:6c:67:96:e9:
7a:f1:aa:c8:2b:3c:1e:91:ea:7c:a5:a8:27:53:52:
06:b3:2e:07:98:e8:05:d0:56:d3:7f:4d:eb:ef:6c:
20:73:90:05:db:e1:90:4c:c8:50:f1:20:1f:ef:48:
70:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:2C:3B:3D:8C:EB:B3:7A:11:81:AA:FB:89:8B:4A:5E:8D:43:9A:D0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9AFBD6FAC31F11EF94E07451762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.214.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:da:e5:84:75:47:36:d5:6a:8d:e8:f0:b6:7c:4f:b2:ed:87:
99:28:eb:8f:63:c6:26:bd:94:5c:69:d3:96:73:47:ce:7a:e5:
53:c1:06:1e:bf:34:fc:88:71:89:24:8f:85:6d:fa:d6:c8:6f:
e1:b3:ea:60:ff:e7:f7:62:7b:ac:dd:25:be:80:a1:4a:9c:c3:
67:7d:dd:96:c2:d7:78:94:3f:31:5b:18:27:45:77:94:ca:ea:
ea:b1:71:bf:0f:9b:e5:b1:42:b4:1c:dc:fd:e3:62:e8:0b:2f:
0f:5c:6e:1b:da:24:eb:67:ec:1f:1b:3a:9a:25:ee:f4:e3:a1:
21:a6:2e:98:f4:07:12:08:f0:74:24:38:50:cb:ad:e1:08:b6:
c6:50:60:af:17:af:a8:a2:ba:c0:a4:33:2b:86:3a:d4:4b:31:
68:5e:c9:32:f7:6c:ac:70:5d:56:f6:6e:64:67:e3:7b:f7:8f:
64:3d:83:13:0b:e4:b6:a6:8b:95:19:1c:ff:bb:ba:b3:46:11:
6e:b6:d5:0a:b4:de:d9:69:e0:9f:a6:6d:46:b4:1c:59:c0:2a:
03:90:f9:9f:b6:ce:16:91:70:76:19:34:9e:32:f2:d1:8c:af:
ba:04:43:63:51:54:a8:1e:ed:bd:95:74:ed:1e:09:c1:91:ae:
e4:64:c5:1c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOoPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDE1WhcNMjUxMjEwMDAwMDE1WjAYMRYw
FAYDVQQDEw02NzZjYTFmNi1lOGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs/wKo6oDCyOTOh01rs5xZhjf8ZFAH2V8yKUh+65bWd5FEYkYLlfAk1D/
z/cTPyJ7BJTrYlESwJpJ4xxlIGr2ISv1Y3ZufcfOhIq1fADgzI/5NWAplc/qm74A
bQ4lozOsCf+oMPmAXePrT+RO9RwpcG82dsbBv3QZ4TiXk3VyvVWETNcRHFyzq5/L
mj/DytmaC0NtBqMDf19nF7GR7gdUzDkxuhVuheBZYzKluC8M9bw4kyPFvIJuiiml
Yy5J+r9HW51+Bd7gqEXmsW+ERmxnlul68arIKzwekep8pagnU1IGsy4HmOgF0FbT
f03r72wgc5AF2+GQTMhQ8SAf70hwCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLYs
Oz2M67N6EYGq+4mLSl6NQ5rQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QUZCRDZGQUMzMUYxMUVGOTRFMDc0NTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTWMA0GCSqGSIb3DQEBCwUA
A4IBAQCt2uWEdUc21WqN6PC2fE+y7YeZKOuPY8YmvZRcadOWc0fOeuVTwQYevzT8
iHGJJI+FbfrWyG/hs+pg/+f3Ynus3SW+gKFKnMNnfd2Wwtd4lD8xWxgnRXeUyurq
sXG/D5vlsUK0HNz942LoCy8PXG4b2iTrZ+wfGzqaJe7046Ehpi6Y9AcSCPB0JDhQ
y63hCLbGUGCvF6+oorrApDMrhjrUSzFoXsky92yscF1W9m5kZ+N7949kPYMTC+S2
pouVGRz/u7qzRhFuttUKtN7ZaeCfpm1GtBxZwCoDkPmfts4WkXB2GTSeMvLRjK+6
BENjUVSoHu29lXTtHgnBka7kZMUc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:31 2025 by rpki-client