Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8B3304CE00011EFB3F72AB4762E951A.roa
File: A8B3304CE00011EFB3F72AB4762E951A.roa (raw, json)
Hash identifier: +PZb8EMn9vJO1EcLWj8mzpgicsHkoFAop7Xuea+pJro=
Subject key identifier: 73:D3:89:26:66:B4:3D:F9:63:F4:A9:EE:40:B1:7F:85:5F:CC:ED:85
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0116E5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8B3304CE00011EFB3F72AB4762E951A.roa
Signing time: Fri 31 Jan 2025 18:24:51 +0000
ROA not before: Fri 31 Jan 2025 18:24:47 +0000
ROA not after: Tue 04 Mar 2025 18:24:47 +0000
asID: 213636
IP address blocks: 156.229.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Feb 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71397 (0x116e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 31 18:24:47 2025 GMT
Not After : Mar 4 18:24:47 2025 GMT
Subject: CN=679d1573-1444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d4:31:51:36:39:b5:8a:c1:73:7c:56:93:1b:
b3:cc:fa:20:9a:6e:57:46:7d:cf:42:27:68:41:a2:
1b:3b:a6:ba:4a:49:a3:d1:53:da:fe:cc:1d:c5:d0:
c5:b1:7b:b1:ba:e0:bb:a0:89:97:e8:cb:07:ea:7e:
6b:41:e3:43:8b:7b:8c:b6:75:ca:6a:1a:53:01:b6:
80:1b:d2:34:f0:45:cf:e2:8a:b3:33:48:3d:79:67:
46:d0:6b:97:63:d1:bd:9b:2a:e3:23:9e:df:98:59:
c8:9e:05:e9:78:24:80:f9:73:d9:80:e6:24:71:95:
92:13:ff:7f:54:31:0e:fe:ad:d9:27:d9:3a:2d:0f:
4d:35:f0:05:4e:70:b5:a3:99:84:17:37:88:b3:24:
fa:51:fd:ff:23:76:c1:d3:11:14:af:be:ab:47:f6:
9b:cd:d6:9e:fa:b8:f7:e5:79:49:21:a8:48:bc:38:
d8:42:1a:cb:f4:0f:da:a4:9d:e5:87:9b:c6:c9:24:
d6:25:b6:5a:36:64:1a:47:63:ec:4d:df:e3:e5:0f:
16:48:28:11:70:2a:20:6f:20:54:36:ee:98:b9:30:
e8:12:a2:d2:ef:2b:b0:f2:b6:78:02:d9:c9:1e:d5:
c4:5f:de:84:a9:a4:95:be:46:20:9f:8a:85:f7:a6:
8a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D3:89:26:66:B4:3D:F9:63:F4:A9:EE:40:B1:7F:85:5F:CC:ED:85
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8B3304CE00011EFB3F72AB4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.236.0/24
Signature Algorithm: sha256WithRSAEncryption
62:b2:5a:8e:86:60:d3:d6:10:9e:61:38:b7:0e:e3:e5:e0:50:
35:8b:c2:44:c9:66:11:e9:f3:87:42:dc:28:8d:cc:0a:96:64:
b9:df:9c:b3:a6:02:26:d8:3f:fe:d8:21:f1:a7:62:20:d4:57:
b7:2e:bd:94:94:70:7e:0d:c9:7e:54:3a:8d:36:26:d0:c4:c7:
50:0e:57:46:f9:d6:e6:19:e4:f2:09:8e:16:8c:ee:9f:43:16:
be:e6:0e:d0:0a:82:38:b3:d2:7a:d2:4d:7d:c1:4f:0a:04:fa:
45:20:d9:4a:8d:d4:86:9f:c3:26:01:da:41:af:af:f2:1b:24:
67:2e:1d:82:4a:dd:bb:6a:5c:56:bb:58:be:00:17:c9:7e:8c:
17:f5:6b:1f:a1:5c:d9:07:51:b2:68:19:17:c3:2e:2a:11:78:
0a:2d:14:38:cd:29:61:04:55:b9:1f:e1:1c:29:76:85:5b:15:
73:00:72:35:ab:55:b0:74:ee:7f:e5:27:95:ae:28:b3:28:47:
b8:78:c0:a2:e9:00:41:fa:a9:ec:2c:8f:5d:f9:7c:0b:76:ef:
ed:e1:c5:4d:ea:f3:39:93:19:90:1b:ab:31:cb:85:20:d9:3c:
23:2d:8f:b2:ca:8a:35:91:07:c8:fa:8d:4f:86:af:30:d0:c8:
1b:3a:ca:f9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARblMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTMxMTgyNDQ3WhcNMjUwMzA0MTgyNDQ3WjAYMRYw
FAYDVQQDEw02NzlkMTU3My0xNDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAntQxUTY5tYrBc3xWkxuzzPogmm5XRn3PQidoQaIbO6a6Skmj0VPa/swd
xdDFsXuxuuC7oImX6MsH6n5rQeNDi3uMtnXKahpTAbaAG9I08EXP4oqzM0g9eWdG
0GuXY9G9myrjI57fmFnIngXpeCSA+XPZgOYkcZWSE/9/VDEO/q3ZJ9k6LQ9NNfAF
TnC1o5mEFzeIsyT6Uf3/I3bB0xEUr76rR/abzdae+rj35XlJIahIvDjYQhrL9A/a
pJ3lh5vGySTWJbZaNmQaR2PsTd/j5Q8WSCgRcCogbyBUNu6YuTDoEqLS7yuw8rZ4
AtnJHtXEX96EqaSVvkYgn4qF96aKSQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHPT
iSZmtD35Y/Sp7kCxf4VfzO2FMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOEIzMzA0Q0UwMDAxMUVGQjNGNzJBQjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOXsMA0GCSqGSIb3DQEBCwUA
A4IBAQBislqOhmDT1hCeYTi3DuPl4FA1i8JEyWYR6fOHQtwojcwKlmS535yzpgIm
2D/+2CHxp2Ig1Fe3Lr2UlHB+Dcl+VDqNNibQxMdQDldG+dbmGeTyCY4WjO6fQxa+
5g7QCoI4s9J60k19wU8KBPpFINlKjdSGn8MmAdpBr6/yGyRnLh2CSt27alxWu1i+
ABfJfowX9WsfoVzZB1GyaBkXwy4qEXgKLRQ4zSlhBFW5H+EcKXaFWxVzAHI1q1Ww
dO5/5SeVriizKEe4eMCi6QBB+qnsLI9d+XwLdu/t4cVN6vM5kxmQG6sxy4Ug2Twj
LY+yyoo1kQfI+o1Phq8w0MgbOsr5
-----END CERTIFICATE-----
Generated at Sun Feb 2 16:04:09 2025 by rpki-client