Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B5AC0DCAC28A11EF8B522CB6762E951A.roa
File: B5AC0DCAC28A11EF8B522CB6762E951A.roa (raw, json)
Hash identifier: 3aaZhUHuShzyuk6FxnJdgB1IPLhjizPIk0NHvyVcCTE=
Subject key identifier: 70:3D:6D:F3:B8:2D:D5:04:3F:1B:AC:50:96:67:4B:F0:04:2B:89:C9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E95F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B5AC0DCAC28A11EF8B522CB6762E951A.roa
Signing time: Wed 25 Dec 2024 06:37:28 +0000
ROA not before: Wed 25 Dec 2024 06:37:24 +0000
ROA not after: Wed 10 Dec 2025 06:37:24 +0000
asID: 984
IP address blocks: 156.228.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59743 (0xe95f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 06:37:24 2024 GMT
Not After : Dec 10 06:37:24 2025 GMT
Subject: CN=676ba828-3552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0d:cf:3e:4b:70:cc:d9:05:e4:fc:99:d8:a7:
fc:c5:01:40:c3:b4:4b:e4:78:fd:bd:19:22:62:f2:
1f:63:ed:ee:c4:38:55:af:28:d4:fd:b6:da:1a:46:
3d:63:74:b5:3e:18:34:d6:f3:24:14:e8:c7:21:5b:
d8:f4:be:67:0a:1e:2d:7a:e7:76:18:1a:38:04:47:
12:89:77:ea:21:07:ab:5e:65:5d:bb:fe:84:80:a1:
9f:72:f1:1a:d3:e2:61:61:80:1c:f0:ca:80:21:0a:
f0:4e:72:c1:90:2f:b9:00:a6:75:9b:7d:84:b9:fa:
55:c4:6d:12:d1:5f:ae:85:39:bd:ec:48:27:b0:45:
ea:bc:2d:c5:85:71:a7:08:53:d0:54:8d:d4:b2:ef:
c6:1e:27:22:65:60:c0:fb:5f:0c:05:9e:ac:51:2b:
8e:9f:70:56:f8:4d:3f:9d:b4:25:91:ac:87:b7:50:
50:2d:ea:95:00:a7:29:03:d8:b0:72:18:6c:cb:ee:
a3:0e:63:0c:ca:ab:69:da:07:b2:cd:cb:30:32:b0:
7a:bc:8d:cd:24:75:ef:29:6a:fe:16:c5:e8:5c:dd:
ae:26:c1:61:9c:f4:8b:0b:d9:8c:5c:00:d2:d5:c8:
3a:84:01:e8:c0:62:7f:2d:55:10:ab:c9:1a:81:68:
c0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:3D:6D:F3:B8:2D:D5:04:3F:1B:AC:50:96:67:4B:F0:04:2B:89:C9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B5AC0DCAC28A11EF8B522CB6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.198.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:70:74:44:82:a6:ec:a9:69:d9:bf:b2:54:b8:16:e1:13:4b:
84:a9:7b:19:fd:cc:27:47:05:39:0f:0d:db:05:95:76:97:7c:
7a:36:96:0f:2c:c5:6b:1f:6a:11:43:58:c5:f9:c5:e2:07:12:
48:76:5f:f0:58:6f:85:67:47:9f:c8:4e:18:4c:bf:fe:dd:f2:
bf:b5:0b:56:c8:24:16:93:99:cc:83:aa:70:2f:0f:cd:d0:e7:
01:65:0b:25:d6:f6:38:95:cc:5e:a6:d4:57:ad:69:d4:5a:f6:
3e:a5:a1:50:b3:74:9c:a9:c1:bd:53:9e:94:00:0e:6b:05:21:
2f:32:0b:4c:cb:ed:3c:63:31:58:d2:ca:46:29:2c:86:83:5b:
cb:6e:e3:5f:8c:03:16:61:b5:1f:c4:85:7d:fe:f8:05:b3:15:
4d:f9:67:f7:b6:13:72:8d:08:b9:26:3f:04:79:10:ab:c2:56:
f3:58:e0:fe:51:25:4d:7d:37:a0:20:5f:35:a6:e0:4a:ac:36:
66:e2:6b:75:77:39:c2:fa:89:73:8a:14:16:30:5d:bc:bd:b5:
1d:58:bf:fc:2d:f1:3d:6c:e4:02:49:bf:9c:7a:90:d4:8b:ab:
4a:79:ce:98:b0:82:6f:b6:28:29:30:ee:d3:43:a9:ea:f8:7f:
a1:17:a0:d6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOlfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDYzNzI0WhcNMjUxMjEwMDYzNzI0WjAYMRYw
FAYDVQQDEw02NzZiYTgyOC0zNTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvg3PPktwzNkF5PyZ2Kf8xQFAw7RL5Hj9vRkiYvIfY+3uxDhVryjU/bba
GkY9Y3S1Phg01vMkFOjHIVvY9L5nCh4teud2GBo4BEcSiXfqIQerXmVdu/6EgKGf
cvEa0+JhYYAc8MqAIQrwTnLBkC+5AKZ1m32EufpVxG0S0V+uhTm97EgnsEXqvC3F
hXGnCFPQVI3Usu/GHiciZWDA+18MBZ6sUSuOn3BW+E0/nbQlkayHt1BQLeqVAKcp
A9iwchhsy+6jDmMMyqtp2geyzcswMrB6vI3NJHXvKWr+FsXoXN2uJsFhnPSLC9mM
XADS1cg6hAHowGJ/LVUQq8kagWjARQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHA9
bfO4LdUEPxusUJZnS/AEK4nJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNUFDMERDQUMyOEExMUVGOEI1MjJDQjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTGMA0GCSqGSIb3DQEBCwUA
A4IBAQCgcHREgqbsqWnZv7JUuBbhE0uEqXsZ/cwnRwU5Dw3bBZV2l3x6NpYPLMVr
H2oRQ1jF+cXiBxJIdl/wWG+FZ0efyE4YTL/+3fK/tQtWyCQWk5nMg6pwLw/N0OcB
ZQsl1vY4lcxeptRXrWnUWvY+paFQs3ScqcG9U56UAA5rBSEvMgtMy+08YzFY0spG
KSyGg1vLbuNfjAMWYbUfxIV9/vgFsxVN+Wf3thNyjQi5Jj8EeRCrwlbzWOD+USVN
fTegIF81puBKrDZm4mt1dznC+olzihQWMF28vbUdWL/8LfE9bOQCSb+cepDUi6tK
ec6YsIJvtigpMO7TQ6nq+H+hF6DW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:25 2025 by rpki-client