Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B39D583CCCCF11EF8DFB0778762E951A.roa
File: B39D583CCCCF11EF8DFB0778762E951A.roa (raw, json)
Hash identifier: IbqoDi7h8xwZvNCQxm4Wa58HqP5nKIUtqPz86/lP4a4=
Subject key identifier: 64:B4:11:E4:73:A1:9C:78:6C:BB:7B:6A:C7:F7:6A:69:3A:04:8D:16
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FAB5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B39D583CCCCF11EF8DFB0778762E951A.roa
Signing time: Tue 07 Jan 2025 08:16:32 +0000
ROA not before: Tue 07 Jan 2025 08:16:28 +0000
ROA not after: Mon 13 Dec 2027 08:16:28 +0000
asID: 17561
IP address blocks: 156.233.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64181 (0xfab5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:16:28 2025 GMT
Not After : Dec 13 08:16:28 2027 GMT
Subject: CN=677ce2df-c465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4f:82:87:33:2b:87:6a:b3:24:9e:ff:ed:44:
51:d6:04:0b:e8:7d:3c:af:12:ec:5c:05:44:b1:90:
d6:60:8e:35:1c:c1:2b:9a:5a:09:ad:33:d9:d7:bf:
8b:c6:4e:7f:0d:07:64:e5:c0:c5:7a:99:b4:16:8b:
d7:71:37:c8:cd:17:47:6e:05:cf:0a:b6:f0:22:21:
ce:df:5b:a5:28:d7:99:1c:d6:8b:a6:45:1b:34:c8:
0e:21:fb:13:69:aa:b7:56:f4:38:65:92:69:0d:67:
b0:97:51:90:06:be:3c:08:c9:00:e4:92:f0:3f:1e:
e3:fb:d6:c1:ef:8f:b0:d9:cc:88:62:c0:a7:74:79:
a0:fa:7f:ec:91:cb:8d:6a:ee:1b:6b:d9:6e:ad:0b:
0f:cd:14:a0:13:d2:07:9a:46:d9:7c:3c:51:cf:0e:
b4:1e:52:cb:c6:88:36:e6:d4:8d:2e:09:58:e9:40:
16:c0:33:0a:80:e0:13:1a:03:43:1d:86:51:67:6d:
03:df:b0:86:78:84:05:60:5d:61:53:89:3c:ac:03:
bc:0e:e3:d6:b8:42:3d:57:e9:08:ab:4a:61:cf:28:
85:1c:8f:b1:1e:d9:03:de:54:f4:35:09:1d:4e:49:
b5:4e:d0:47:7a:8e:a3:f5:75:f5:db:ac:40:bb:d1:
c4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B4:11:E4:73:A1:9C:78:6C:BB:7B:6A:C7:F7:6A:69:3A:04:8D:16
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B39D583CCCCF11EF8DFB0778762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.145.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:10:bd:5d:82:cd:b4:7c:77:fb:7b:75:45:0e:56:c8:7d:23:
58:fa:2d:de:7b:47:49:e4:b9:0a:4e:f1:57:4b:e6:68:73:35:
5e:e3:33:1b:81:7f:f8:46:98:6c:eb:c3:61:88:fb:05:24:08:
c8:40:c1:07:32:94:8b:e2:5b:5a:73:c8:00:4b:7a:59:5c:a9:
a4:d5:74:c5:94:ac:a0:8a:3f:cc:7b:60:9e:4a:b0:0d:da:d8:
7c:b7:ef:e6:6c:91:4f:18:df:b2:34:fb:84:e5:ca:ed:7f:bf:
5d:34:11:f3:83:39:a6:bc:5b:f7:48:fd:a9:85:7e:9f:03:9c:
91:97:fa:1c:0d:28:d2:95:0c:17:98:00:7c:b4:45:be:dd:95:
38:11:6d:02:b6:22:e1:a6:2f:a9:d0:c6:e2:46:49:f5:6b:61:
fb:1b:c0:42:6b:98:e8:18:db:43:e7:08:b5:06:e0:c9:ec:e4:
8a:f6:32:a0:56:a0:42:59:dc:ce:5a:c2:3f:5d:e9:5f:b4:87:
9c:75:10:13:ae:6c:7f:d7:d6:ce:d0:f7:d8:c6:de:21:53:73:
37:ac:fd:3b:d9:08:82:19:c7:94:b6:e0:0b:5c:ed:69:e6:21:
0f:ed:b5:2a:3d:d0:c9:98:09:fd:2a:93:73:c6:75:66:df:43:
29:05:c7:fc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPq1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDgxNjI4WhcNMjcxMjEzMDgxNjI4WjAYMRYw
FAYDVQQDEw02NzdjZTJkZi1jNDY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApk+ChzMrh2qzJJ7/7URR1gQL6H08rxLsXAVEsZDWYI41HMErmloJrTPZ
17+Lxk5/DQdk5cDFepm0FovXcTfIzRdHbgXPCrbwIiHO31ulKNeZHNaLpkUbNMgO
IfsTaaq3VvQ4ZZJpDWewl1GQBr48CMkA5JLwPx7j+9bB74+w2cyIYsCndHmg+n/s
kcuNau4ba9lurQsPzRSgE9IHmkbZfDxRzw60HlLLxog25tSNLglY6UAWwDMKgOAT
GgNDHYZRZ20D37CGeIQFYF1hU4k8rAO8DuPWuEI9V+kIq0phzyiFHI+xHtkD3lT0
NQkdTkm1TtBHeo6j9XX126xAu9HEoQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGS0
EeRzoZx4bLt7asf3amk6BI0WMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMzlENTgzQ0NDQ0YxMUVGOERGQjA3Nzg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmRMA0GCSqGSIb3DQEBCwUA
A4IBAQCcEL1dgs20fHf7e3VFDlbIfSNY+i3ee0dJ5LkKTvFXS+ZoczVe4zMbgX/4
Rphs68NhiPsFJAjIQMEHMpSL4ltac8gAS3pZXKmk1XTFlKygij/Me2CeSrAN2th8
t+/mbJFPGN+yNPuE5crtf79dNBHzgzmmvFv3SP2phX6fA5yRl/ocDSjSlQwXmAB8
tEW+3ZU4EW0CtiLhpi+p0MbiRkn1a2H7G8BCa5joGNtD5wi1BuDJ7OSK9jKgVqBC
WdzOWsI/XelftIecdRATrmx/19bO0PfYxt4hU3M3rP072QiCGceUtuALXO1p5iEP
7bUqPdDJmAn9KpNzxnVm30MpBcf8
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:09 2025 by rpki-client