Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ABA7F374C28B11EFA7515CBC762E951A.roa
File: ABA7F374C28B11EFA7515CBC762E951A.roa (raw, json)
Hash identifier: JCk2UJ5fUkTpJcxrXErzS8VP6HmPMLlVee3dGcttvJk=
Subject key identifier: 08:F7:88:82:16:47:45:7A:BA:74:DA:DF:90:1C:26:53:E5:65:DA:AD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E96B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ABA7F374C28B11EFA7515CBC762E951A.roa
Signing time: Wed 25 Dec 2024 06:44:21 +0000
ROA not before: Wed 25 Dec 2024 06:44:17 +0000
ROA not after: Wed 10 Dec 2025 06:44:17 +0000
asID: 984
IP address blocks: 156.228.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59755 (0xe96b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 06:44:17 2024 GMT
Not After : Dec 10 06:44:17 2025 GMT
Subject: CN=676ba9c5-baf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6e:f0:99:a2:ec:2e:d4:8a:96:2b:40:39:26:
40:66:f2:ed:b4:d5:82:45:1e:b5:43:27:3a:58:0c:
4f:f5:ac:3c:dd:6b:bc:61:e4:14:9c:9d:2e:06:d9:
db:38:02:15:20:69:d5:53:9e:aa:9a:b6:56:28:aa:
a6:5d:b2:4b:c4:d9:18:f9:ef:72:23:4a:ca:08:ea:
2e:57:aa:24:1d:25:bf:c8:ca:c7:b2:aa:01:41:fa:
a1:7f:84:a2:7d:6a:72:4d:6c:c9:a4:f0:24:93:d3:
d1:fc:76:47:97:ac:cb:e7:7f:61:38:fe:5e:65:99:
3f:56:63:b1:c2:40:73:55:20:7b:94:02:77:12:7e:
9e:ce:aa:41:1c:09:c8:92:d7:cf:aa:1e:b9:0e:f1:
46:41:69:80:22:6d:f2:d4:3a:e1:43:c5:59:c0:42:
9f:ea:82:c4:82:02:4c:bc:09:1f:18:94:9d:b8:bd:
77:b9:22:21:5a:fd:6e:f1:cb:bb:a0:7d:0b:26:9b:
1a:36:36:ae:28:18:c7:50:6e:7d:85:28:b7:ad:11:
8d:9e:b0:6e:fd:05:fc:2f:b1:0e:d9:03:e1:37:4b:
7b:d7:91:f9:e7:9f:cc:1e:33:ac:a7:85:0b:8c:cc:
9d:ea:b0:52:9f:5b:b0:77:eb:15:d1:4c:9d:82:e2:
1b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F7:88:82:16:47:45:7A:BA:74:DA:DF:90:1C:26:53:E5:65:DA:AD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ABA7F374C28B11EFA7515CBC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.205.0/24
Signature Algorithm: sha256WithRSAEncryption
06:fa:20:57:ba:bf:1b:0e:35:f1:5e:a1:0f:0f:50:16:d1:12:
3f:47:48:7f:5f:3b:bb:eb:87:83:93:09:41:05:08:0f:a9:70:
11:d6:b4:5f:76:0b:fb:34:00:8c:05:74:0b:85:0c:8e:5e:d0:
58:82:40:63:b0:e1:f1:47:8a:e4:a4:ab:49:c4:6a:0e:ba:a0:
89:c6:cb:fe:40:74:6b:07:54:45:b9:42:5b:d1:bf:c3:78:48:
73:38:e6:7b:0e:44:45:a8:b1:86:23:de:0e:2a:e5:b6:27:51:
15:2d:83:7e:4c:48:9e:00:41:81:13:69:bf:88:09:3d:6e:0c:
a5:1f:3e:e3:c2:8a:03:90:ef:6e:8c:1a:e0:33:6d:fa:e3:83:
fd:0a:91:0d:0f:e0:31:cb:bc:4c:a7:d8:32:e5:7a:77:39:e6:
62:eb:26:e9:31:0e:d1:5e:c8:8f:32:52:a5:c0:3a:85:46:76:
3a:0c:02:bd:21:d4:ba:dc:5f:29:27:00:62:99:19:45:3c:ef:
27:b6:31:8f:f4:47:d6:1f:bc:b3:83:de:36:4c:b0:3d:90:b6:
c7:15:48:4f:b7:06:4e:fa:d4:5a:59:1b:a9:4f:b9:08:4e:3f:
82:29:ee:2a:25:65:88:7c:e0:62:e5:64:0d:9c:d4:88:43:af:
cb:01:d5:eb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOlrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDY0NDE3WhcNMjUxMjEwMDY0NDE3WjAYMRYw
FAYDVQQDEw02NzZiYTljNS1iYWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAym7wmaLsLtSKlitAOSZAZvLttNWCRR61Qyc6WAxP9aw83Wu8YeQUnJ0u
BtnbOAIVIGnVU56qmrZWKKqmXbJLxNkY+e9yI0rKCOouV6okHSW/yMrHsqoBQfqh
f4SifWpyTWzJpPAkk9PR/HZHl6zL539hOP5eZZk/VmOxwkBzVSB7lAJ3En6ezqpB
HAnIktfPqh65DvFGQWmAIm3y1DrhQ8VZwEKf6oLEggJMvAkfGJSduL13uSIhWv1u
8cu7oH0LJpsaNjauKBjHUG59hSi3rRGNnrBu/QX8L7EO2QPhN0t715H555/MHjOs
p4ULjMyd6rBSn1uwd+sV0UydguIbHwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAj3
iIIWR0V6unTa35AcJlPlZdqtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQkE3RjM3NEMyOEIxMUVGQTc1MTVDQkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTNMA0GCSqGSIb3DQEBCwUA
A4IBAQAG+iBXur8bDjXxXqEPD1AW0RI/R0h/Xzu764eDkwlBBQgPqXAR1rRfdgv7
NACMBXQLhQyOXtBYgkBjsOHxR4rkpKtJxGoOuqCJxsv+QHRrB1RFuUJb0b/DeEhz
OOZ7DkRFqLGGI94OKuW2J1EVLYN+TEieAEGBE2m/iAk9bgylHz7jwooDkO9ujBrg
M23644P9CpEND+Axy7xMp9gy5Xp3OeZi6ybpMQ7RXsiPMlKlwDqFRnY6DAK9IdS6
3F8pJwBimRlFPO8ntjGP9EfWH7yzg942TLA9kLbHFUhPtwZO+tRaWRupT7kITj+C
Ke4qJWWIfOBi5WQNnNSIQ6/LAdXr
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:39 2025 by rpki-client