Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA4C3878D2E911EFAB703BB3762E951A.roa
File: AA4C3878D2E911EFAB703BB3762E951A.roa (raw, json)
Hash identifier: HIrOeTMHS14BU780RXnQbnDVOknppiKnl41RLTeewHM=
Subject key identifier: 6B:95:37:13:39:4A:1D:AA:B7:31:30:A6:2E:A2:30:87:D9:8A:D9:6D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01074D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA4C3878D2E911EFAB703BB3762E951A.roa
Signing time: Wed 15 Jan 2025 02:37:30 +0000
ROA not before: Wed 15 Jan 2025 02:37:26 +0000
ROA not after: Mon 03 Jan 2028 02:37:26 +0000
asID: 17561
IP address blocks: 156.226.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67405 (0x1074d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 02:37:26 2025 GMT
Not After : Jan 3 02:37:26 2028 GMT
Subject: CN=67871f6a-33aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3f:d9:da:27:cf:49:bc:a9:0a:56:89:48:f9:
d4:3a:f8:2b:35:0d:69:33:ab:ad:06:52:e1:25:05:
ae:07:c4:62:0c:2e:e3:1f:2b:47:23:5a:0e:cc:b7:
79:28:0f:d2:c5:3d:64:81:86:b3:76:ca:cf:d9:ee:
35:93:24:c2:c4:aa:cc:54:24:f7:85:10:1f:cb:9d:
06:14:63:67:ab:3b:fc:09:d4:86:d7:91:8b:ba:4d:
00:cb:ca:fb:97:18:47:8f:f5:d4:7c:c6:13:e8:e0:
8f:a6:88:50:4f:79:47:29:60:cf:fa:da:78:1d:c1:
de:dc:ae:c3:d7:fd:76:1f:18:29:f3:1a:af:63:45:
e8:31:dc:b3:2d:fa:e4:f9:4d:53:fd:2a:1a:06:c1:
4f:1c:8b:df:14:79:61:78:42:79:56:20:3b:18:30:
5b:e0:df:41:a5:f3:50:31:de:01:2e:ae:5d:d8:b5:
f9:22:6d:3c:d6:19:29:88:a6:ff:f7:5a:bc:af:7d:
6e:5c:54:7d:04:7a:46:31:64:61:4e:43:25:95:7d:
f7:c5:a7:60:52:cc:f3:c6:1d:83:9c:36:c5:62:4a:
90:27:a4:25:6e:ef:f6:65:17:e3:cf:a1:3e:bf:f6:
e4:fc:a9:7a:70:ec:2b:d2:b2:56:23:13:48:f7:12:
a9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:95:37:13:39:4A:1D:AA:B7:31:30:A6:2E:A2:30:87:D9:8A:D9:6D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA4C3878D2E911EFAB703BB3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.236.0/24
Signature Algorithm: sha256WithRSAEncryption
58:a6:9d:b3:e9:76:eb:be:07:13:4c:7a:1b:bb:41:6e:20:60:
90:0a:df:13:72:0d:6b:7c:ae:4f:fd:07:2b:08:9b:a1:a3:95:
83:a4:14:3b:bf:dc:44:1c:c1:38:16:4b:c9:f9:75:55:8f:24:
19:e2:99:37:a5:86:fe:16:62:dc:e8:18:5d:e3:b8:ef:c2:30:
8b:40:db:79:12:fe:06:7f:40:7b:97:8a:91:e6:d2:90:6c:b2:
87:e3:e0:97:98:d2:90:8e:78:5d:fa:7c:e0:92:78:15:90:45:
72:11:ae:7b:02:e8:03:ef:0a:7b:b7:a9:02:e9:11:4c:5f:d5:
68:a0:73:cc:a0:e6:f0:22:ee:24:ae:40:21:23:e0:a5:58:74:
f8:e6:b3:86:62:a9:9e:bb:c2:0b:48:76:9d:8a:03:cd:29:00:
43:31:1f:a6:a3:a4:63:54:2e:b1:9e:a6:86:3a:68:55:20:3d:
ec:bf:a7:b8:0b:f8:c7:81:f0:d4:77:ff:e0:c0:07:cd:a4:70:
35:b7:98:ab:35:9f:32:0b:7e:ce:ba:7d:75:49:40:77:b5:4d:
35:1e:af:d6:ce:94:28:a0:e0:93:62:d8:d4:8f:5f:b0:3b:b6:
0e:cf:cc:ae:34:ed:ab:b8:8a:b8:b3:55:4b:90:40:78:68:94:
d1:5f:93:6f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQdNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDIzNzI2WhcNMjgwMTAzMDIzNzI2WjAYMRYw
FAYDVQQDEw02Nzg3MWY2YS0zM2FhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzz/Z2ifPSbypClaJSPnUOvgrNQ1pM6utBlLhJQWuB8RiDC7jHytHI1oO
zLd5KA/SxT1kgYazdsrP2e41kyTCxKrMVCT3hRAfy50GFGNnqzv8CdSG15GLuk0A
y8r7lxhHj/XUfMYT6OCPpohQT3lHKWDP+tp4HcHe3K7D1/12Hxgp8xqvY0XoMdyz
Lfrk+U1T/SoaBsFPHIvfFHlheEJ5ViA7GDBb4N9BpfNQMd4BLq5d2LX5Im081hkp
iKb/91q8r31uXFR9BHpGMWRhTkMllX33xadgUszzxh2DnDbFYkqQJ6Qlbu/2ZRfj
z6E+v/bk/Kl6cOwr0rJWIxNI9xKp6QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGuV
NxM5Sh2qtzEwpi6iMIfZitltMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQTRDMzg3OEQyRTkxMUVGQUI3MDNCQjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLsMA0GCSqGSIb3DQEBCwUA
A4IBAQBYpp2z6XbrvgcTTHobu0FuIGCQCt8Tcg1rfK5P/QcrCJuho5WDpBQ7v9xE
HME4FkvJ+XVVjyQZ4pk3pYb+FmLc6Bhd47jvwjCLQNt5Ev4Gf0B7l4qR5tKQbLKH
4+CXmNKQjnhd+nzgkngVkEVyEa57AugD7wp7t6kC6RFMX9VooHPMoObwIu4krkAh
I+ClWHT45rOGYqmeu8ILSHadigPNKQBDMR+mo6RjVC6xnqaGOmhVID3sv6e4C/jH
gfDUd//gwAfNpHA1t5irNZ8yC37Oun11SUB3tU01Hq/WzpQooOCTYtjUj1+wO7YO
z8yuNO2ruIq4s1VLkEB4aJTRX5Nv
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:41 2025 by rpki-client