Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF68E846C28211EFA3C15B85762E951A.roa
File: AF68E846C28211EFA3C15B85762E951A.roa (raw, json)
Hash identifier: 9G/sA9Ct6aN2qcHZOCNbQePcm8JQ91qX5mo7iDkNN1A=
Subject key identifier: 7C:9A:E9:B9:C7:81:59:B3:FC:42:EA:B5:60:8F:2C:39:C2:B9:D8:EB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8FD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF68E846C28211EFA3C15B85762E951A.roa
Signing time: Wed 25 Dec 2024 05:40:02 +0000
ROA not before: Wed 25 Dec 2024 05:39:58 +0000
ROA not after: Wed 10 Dec 2025 05:39:58 +0000
asID: 984
IP address blocks: 156.228.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59645 (0xe8fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:39:58 2024 GMT
Not After : Dec 10 05:39:58 2025 GMT
Subject: CN=676b9ab2-074f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:12:5b:58:f6:e8:e9:50:04:4e:03:86:d9:5d:
a5:f0:36:a4:d4:13:95:29:d9:e1:59:ee:c0:d9:d4:
8c:9b:6e:62:5b:ca:16:a4:f3:32:b2:ae:ab:ea:ff:
f5:a3:3f:05:7e:17:39:e7:c5:bd:53:3e:87:9e:f2:
a5:5b:c3:63:cc:36:a0:f7:f4:fd:ef:5d:03:3e:6f:
af:62:99:b7:7a:e6:66:20:30:99:ae:70:09:03:a6:
32:8a:75:a2:f8:9f:aa:f5:5b:5b:a9:19:19:b6:b6:
bc:64:41:12:b0:4a:f9:4c:e1:9a:94:9d:52:a8:44:
17:77:ff:a9:65:f0:7f:e3:34:1b:55:1d:2d:01:c7:
a1:1e:29:f9:71:db:e9:f6:8c:f5:43:f5:be:58:7f:
3a:d4:09:a5:6d:76:c2:6d:1f:26:e1:70:63:fb:a1:
0a:9b:c3:43:6e:bc:d5:c2:9e:62:43:d3:12:71:8b:
9d:b0:f5:a7:f5:bd:e7:d7:43:d1:84:2a:4d:63:2f:
3e:e8:d5:25:4e:2f:dc:ae:57:34:5f:59:b3:ce:ad:
84:f3:5d:dd:23:ff:e7:1e:70:a1:63:d1:3b:df:a2:
75:c8:4e:6d:0c:f9:05:cb:9c:15:3b:4c:26:96:3f:
74:64:5f:a5:c0:62:04:81:c7:99:4a:e6:ef:e9:7a:
c4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:9A:E9:B9:C7:81:59:B3:FC:42:EA:B5:60:8F:2C:39:C2:B9:D8:EB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF68E846C28211EFA3C15B85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.30.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:eb:bc:4c:09:1c:b0:82:73:40:ee:83:40:94:35:c3:bf:fe:
d7:17:94:18:0e:33:41:3b:ca:53:ed:24:7a:a8:16:c4:6c:b4:
b1:a4:cf:8a:99:a8:de:43:26:a5:a3:d0:67:67:79:b7:f9:f3:
5a:79:49:c3:c2:1d:e6:c2:f7:1b:96:21:3f:c1:b0:3c:1c:ce:
86:6b:a1:fb:ed:cf:c0:4e:80:02:20:6a:6a:0f:09:78:40:29:
ca:0a:e6:24:de:f6:08:6a:b5:ad:50:0d:f9:f6:a8:d1:b4:92:
89:d8:fb:8c:1f:ff:06:96:bf:16:cc:37:c7:01:c1:b5:81:8d:
10:58:77:30:62:66:34:86:9c:e7:0e:cc:22:67:89:c6:2c:09:
18:0d:24:54:5e:c5:f3:1d:75:92:2c:f3:c6:0a:78:91:a7:5a:
22:ee:1a:36:c5:ac:67:01:17:aa:14:66:8e:c6:6c:b4:39:f5:
90:fd:1e:08:90:0a:2c:70:de:27:49:b5:fc:15:c0:97:c0:da:
76:8d:94:72:a4:6f:b0:a3:e7:83:e9:f4:7b:1e:43:98:bd:be:
55:c5:cc:14:d4:ed:bb:27:f7:c6:aa:0b:d8:51:6a:c5:6c:d4:
c8:3a:58:81:f9:23:34:05:aa:74:35:cd:95:f7:23:c2:05:fd:
c5:2d:92:2b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOj9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDUzOTU4WhcNMjUxMjEwMDUzOTU4WjAYMRYw
FAYDVQQDEw02NzZiOWFiMi0wNzRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyRJbWPbo6VAETgOG2V2l8Dak1BOVKdnhWe7A2dSMm25iW8oWpPMysq6r
6v/1oz8Ffhc558W9Uz6HnvKlW8NjzDag9/T9710DPm+vYpm3euZmIDCZrnAJA6Yy
inWi+J+q9VtbqRkZtra8ZEESsEr5TOGalJ1SqEQXd/+pZfB/4zQbVR0tAcehHin5
cdvp9oz1Q/W+WH861AmlbXbCbR8m4XBj+6EKm8NDbrzVwp5iQ9MScYudsPWn9b3n
10PRhCpNYy8+6NUlTi/crlc0X1mzzq2E813dI//nHnChY9E736J1yE5tDPkFy5wV
O0wmlj90ZF+lwGIEgceZSubv6XrEPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHya
6bnHgVmz/ELqtWCPLDnCudjrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRjY4RTg0NkMyODIxMUVGQTNDMTVCODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQeMA0GCSqGSIb3DQEBCwUA
A4IBAQAK67xMCRywgnNA7oNAlDXDv/7XF5QYDjNBO8pT7SR6qBbEbLSxpM+Kmaje
Qyalo9BnZ3m3+fNaeUnDwh3mwvcbliE/wbA8HM6Ga6H77c/AToACIGpqDwl4QCnK
CuYk3vYIarWtUA359qjRtJKJ2PuMH/8Glr8WzDfHAcG1gY0QWHcwYmY0hpznDswi
Z4nGLAkYDSRUXsXzHXWSLPPGCniRp1oi7ho2xaxnAReqFGaOxmy0OfWQ/R4IkAos
cN4nSbX8FcCXwNp2jZRypG+wo+eD6fR7HkOYvb5VxcwU1O27J/fGqgvYUWrFbNTI
OliB+SM0Bap0Nc2V9yPCBf3FLZIr
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:03 2025 by rpki-client