Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F564FC4D24111EF856F4C8D762E951A.roa
File: 9F564FC4D24111EF856F4C8D762E951A.roa (raw, json)
Hash identifier: F6/yzz1rw9XCm8XIx7pyP+hxixl0wyK96A2HyHpntag=
Subject key identifier: 31:B8:5D:C1:0B:65:18:63:9E:85:A5:2A:DB:EC:B1:A2:21:51:53:E3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0106B0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F564FC4D24111EF856F4C8D762E951A.roa
Signing time: Tue 14 Jan 2025 06:34:36 +0000
ROA not before: Tue 14 Jan 2025 06:34:32 +0000
ROA not after: Thu 15 May 2025 06:34:32 +0000
asID: 18013
IP address blocks: 156.224.28.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67248 (0x106b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 06:34:32 2025 GMT
Not After : May 15 06:34:32 2025 GMT
Subject: CN=6786057c-fca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:86:b6:d8:a3:47:c9:ea:af:24:f6:f2:78:fa:
b0:d1:bd:87:dd:91:70:fb:2d:c6:56:c5:17:fb:68:
d4:d9:b7:b6:cc:41:48:d2:79:7b:d9:ce:7b:32:7f:
f7:48:11:ae:5f:93:90:ee:51:9b:5d:5e:00:14:62:
d4:30:4e:91:e7:55:8c:cd:fe:39:0a:a4:ed:f7:19:
f1:69:03:ab:b8:ea:cf:03:73:87:46:5e:9d:a0:0f:
2f:61:d0:62:48:d3:6d:e6:05:cd:64:7e:40:b5:93:
96:46:f9:cd:0c:d0:96:ff:69:46:4f:de:54:2b:e3:
25:11:95:c9:56:55:b1:1e:2d:dd:ca:e6:f4:ed:e4:
fb:8c:47:b3:96:70:a9:40:28:1f:a2:4d:de:db:c6:
f7:35:07:1b:8a:d4:19:ce:3a:42:c1:4f:0c:89:37:
03:d7:ca:ea:1a:3f:c7:ef:bd:d9:31:f5:cf:69:64:
bb:ff:db:33:7c:fa:50:ff:08:51:b8:82:0d:f7:93:
c9:0a:ab:91:74:fa:6b:39:f1:70:1d:0c:8e:a6:75:
18:c8:3a:da:f2:20:da:aa:5d:eb:25:f1:49:d3:10:
c7:46:87:1e:75:bd:e0:e3:12:10:de:cf:82:65:e3:
65:26:62:52:da:8f:f8:3c:4b:bc:d5:77:c9:21:2d:
c8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B8:5D:C1:0B:65:18:63:9E:85:A5:2A:DB:EC:B1:A2:21:51:53:E3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F564FC4D24111EF856F4C8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.28.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:84:9f:88:0b:d4:cd:2e:a0:32:76:0a:14:0f:1a:04:7c:4f:
b8:d3:71:b4:b9:3e:63:8c:a0:03:bd:aa:f8:6a:18:66:68:19:
2c:e4:3b:ae:da:d5:a8:8c:bf:8c:63:1c:14:b1:bd:07:37:93:
e0:67:52:f2:dc:46:e2:97:e1:61:30:c7:c9:74:3d:0c:1a:14:
bc:58:fa:2c:ff:d4:06:c7:14:0b:a7:aa:60:de:66:6a:d5:cc:
a0:e0:8a:50:4e:b7:33:fa:0d:08:7a:a9:19:6a:bc:1d:cb:36:
3b:72:7d:a4:5b:8e:85:d8:ec:c4:b8:92:95:5d:a7:3f:bd:b9:
59:e8:84:76:42:e6:9f:d8:27:24:8f:1e:39:43:8a:10:46:97:
d4:b9:d4:4b:b4:37:f5:ac:74:e1:3a:f7:d4:b9:e2:b1:c4:7d:
56:fe:5f:98:67:70:02:ce:eb:cc:42:7e:dd:0a:f6:43:b8:af:
2a:41:4d:2e:9e:66:7b:0d:1d:f0:71:0e:bd:f0:64:81:bd:6f:
18:6f:bd:62:ca:56:51:35:c1:a3:8a:a8:e9:37:e9:e6:08:8d:
14:e2:32:46:ab:62:8d:cd:04:ee:f8:dc:4d:be:e1:aa:84:98:
1e:52:00:94:05:e6:97:20:3f:b0:fc:d1:93:9a:a9:4a:aa:27:
be:4f:01:ee
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQawMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDYzNDMyWhcNMjUwNTE1MDYzNDMyWjAYMRYw
FAYDVQQDEw02Nzg2MDU3Yy1mY2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqoa22KNHyeqvJPbyePqw0b2H3ZFw+y3GVsUX+2jU2be2zEFI0nl72c57
Mn/3SBGuX5OQ7lGbXV4AFGLUME6R51WMzf45CqTt9xnxaQOruOrPA3OHRl6doA8v
YdBiSNNt5gXNZH5AtZOWRvnNDNCW/2lGT95UK+MlEZXJVlWxHi3dyub07eT7jEez
lnCpQCgfok3e28b3NQcbitQZzjpCwU8MiTcD18rqGj/H773ZMfXPaWS7/9szfPpQ
/whRuIIN95PJCquRdPprOfFwHQyOpnUYyDra8iDaql3rJfFJ0xDHRocedb3g4xIQ
3s+CZeNlJmJS2o/4PEu81XfJIS3IEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDG4
XcELZRhjnoWlKtvssaIhUVPjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RjU2NEZDNEQyNDExMUVGODU2RjRDOEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOAcMA0GCSqGSIb3DQEBCwUA
A4IBAQANhJ+IC9TNLqAydgoUDxoEfE+403G0uT5jjKADvar4ahhmaBks5Duu2tWo
jL+MYxwUsb0HN5PgZ1Ly3Ebil+FhMMfJdD0MGhS8WPos/9QGxxQLp6pg3mZq1cyg
4IpQTrcz+g0IeqkZarwdyzY7cn2kW46F2OzEuJKVXac/vblZ6IR2Quaf2Cckjx45
Q4oQRpfUudRLtDf1rHThOvfUueKxxH1W/l+YZ3ACzuvMQn7dCvZDuK8qQU0unmZ7
DR3wcQ698GSBvW8Yb71iylZRNcGjiqjpN+nmCI0U4jJGq2KNzQTu+NxNvuGqhJge
UgCUBeaXID+w/NGTmqlKqie+TwHu
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:12 2025 by rpki-client