Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B28B71E4CCF811EFA1D76B7B762E951A.roa
File: B28B71E4CCF811EFA1D76B7B762E951A.roa (raw, json)
Hash identifier: QBQYz8sDuME0p3DJV6AOeXxqaiKj0Z7wRmShBVLgL7w=
Subject key identifier: 72:1D:B7:99:8E:0B:AF:73:88:29:98:66:7B:05:35:1F:D2:D0:77:D2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC2D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B28B71E4CCF811EFA1D76B7B762E951A.roa
Signing time: Tue 07 Jan 2025 13:09:59 +0000
ROA not before: Tue 07 Jan 2025 13:09:55 +0000
ROA not after: Mon 13 Dec 2027 13:09:55 +0000
asID: 17561
IP address blocks: 156.236.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64557 (0xfc2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 13:09:55 2025 GMT
Not After : Dec 13 13:09:55 2027 GMT
Subject: CN=677d27a7-183a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:da:32:4f:45:24:9e:59:95:66:38:39:e3:3d:
11:2c:6f:fb:f4:bd:e0:53:b8:1c:3b:bf:7a:24:8b:
a9:62:a9:96:7e:e0:b8:3b:12:66:84:44:3f:e3:83:
73:38:cf:5e:a5:5b:cb:bc:6c:34:8d:cb:e0:1c:db:
a5:7a:a9:8d:b5:f3:3a:12:55:d4:33:6d:f0:3b:32:
59:b0:e7:ef:e0:43:9e:b9:8e:1d:7e:88:00:73:68:
9b:f6:19:69:af:03:6b:e5:66:3f:15:53:dd:c9:37:
c2:9c:b2:d6:93:7c:7e:ff:e1:8a:56:22:39:7e:65:
19:c3:6b:af:8c:a2:6e:2a:05:c8:69:b4:a9:76:1a:
c1:9f:44:4b:60:a7:0f:81:44:3e:5c:53:db:0a:03:
2d:ae:1b:07:e3:5f:01:98:0d:91:97:32:4b:ed:43:
4c:21:bd:d9:10:06:c6:b2:23:5b:aa:2c:c1:9d:1e:
ec:92:67:fe:ee:40:3b:f1:53:2a:47:41:44:03:42:
79:f7:a8:cc:bc:87:72:94:58:47:9c:6f:89:47:19:
49:00:18:33:02:16:c5:7f:b1:57:68:31:45:d5:ac:
76:7b:96:4b:15:9a:fc:a6:85:e3:02:ef:1a:63:0c:
0f:5e:5a:f4:50:32:5f:40:fc:bf:8d:f8:fa:bf:50:
c3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:1D:B7:99:8E:0B:AF:73:88:29:98:66:7B:05:35:1F:D2:D0:77:D2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B28B71E4CCF811EFA1D76B7B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.122.0/24
Signature Algorithm: sha256WithRSAEncryption
77:3e:d0:7f:34:7d:6a:a9:e1:ce:54:aa:3f:d0:13:4a:5a:5a:
f0:46:15:f4:3c:14:c5:ff:bf:35:21:8e:78:3c:e0:2a:a1:22:
c3:26:dc:42:e0:c3:a0:48:3d:bc:cf:5e:a8:0b:b3:a2:27:1d:
ec:89:2a:b7:b4:c4:54:2e:fb:98:4b:1c:63:d3:8f:07:68:c6:
91:7a:8c:96:ca:11:7a:07:e4:a9:61:3c:bf:a5:93:a5:39:55:
fc:89:14:c0:1d:13:55:65:8a:64:73:2d:6b:82:56:65:dd:4f:
70:17:e2:5a:72:3c:42:34:54:8d:e0:3f:4c:03:f5:78:10:a6:
b0:64:dc:74:06:cc:e8:86:ea:c9:33:50:ad:82:43:43:92:31:
b2:b7:13:44:85:9f:85:06:b7:f4:45:9b:0e:b4:d3:74:d1:c8:
5f:a4:ae:07:2f:b8:ac:a4:6c:57:97:d2:ae:33:e4:2e:1d:80:
60:0f:e6:3b:b0:ab:f8:16:f4:34:23:da:65:70:d4:8b:17:cf:
4d:0a:2e:93:ec:65:53:2a:88:77:4b:df:09:6a:56:78:a9:c7:
9d:c2:9c:d2:16:54:82:47:da:7d:55:97:90:94:ac:37:8b:d2:
27:f8:ad:9d:12:e3:60:69:37:6d:ad:cd:a4:b2:43:02:2b:e6:
c7:40:36:9d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPwtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTMwOTU1WhcNMjcxMjEzMTMwOTU1WjAYMRYw
FAYDVQQDEw02NzdkMjdhNy0xODNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq9oyT0UknlmVZjg54z0RLG/79L3gU7gcO796JIupYqmWfuC4OxJmhEQ/
44NzOM9epVvLvGw0jcvgHNuleqmNtfM6ElXUM23wOzJZsOfv4EOeuY4dfogAc2ib
9hlprwNr5WY/FVPdyTfCnLLWk3x+/+GKViI5fmUZw2uvjKJuKgXIabSpdhrBn0RL
YKcPgUQ+XFPbCgMtrhsH418BmA2RlzJL7UNMIb3ZEAbGsiNbqizBnR7skmf+7kA7
8VMqR0FEA0J596jMvIdylFhHnG+JRxlJABgzAhbFf7FXaDFF1ax2e5ZLFZr8poXj
Au8aYwwPXlr0UDJfQPy/jfj6v1DDowIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHId
t5mOC69ziCmYZnsFNR/S0HfSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMjhCNzFFNENDRjgxMUVGQTFENzZCN0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOx6MA0GCSqGSIb3DQEBCwUA
A4IBAQB3PtB/NH1qqeHOVKo/0BNKWlrwRhX0PBTF/781IY54POAqoSLDJtxC4MOg
SD28z16oC7OiJx3siSq3tMRULvuYSxxj048HaMaReoyWyhF6B+SpYTy/pZOlOVX8
iRTAHRNVZYpkcy1rglZl3U9wF+JacjxCNFSN4D9MA/V4EKawZNx0BszohurJM1Ct
gkNDkjGytxNEhZ+FBrf0RZsOtNN00chfpK4HL7ispGxXl9KuM+QuHYBgD+Y7sKv4
FvQ0I9plcNSLF89NCi6T7GVTKoh3S98JalZ4qcedwpzSFlSCR9p9VZeQlKw3i9In
+K2dEuNgaTdtrc2kskMCK+bHQDad
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:20 2025 by rpki-client