Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B72F75F8B3CE11EF8CA9AD5E762E951A.roa
File: B72F75F8B3CE11EF8CA9AD5E762E951A.roa (raw, json)
Hash identifier: QxKze3Aa12iep9Y2bQ7CgvGzqwNP7EqTqMML4xufGIM=
Subject key identifier: 5F:BE:E5:0D:6A:7C:47:36:58:9E:F2:90:38:DE:45:85:69:12:90:D8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E015
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B72F75F8B3CE11EF8CA9AD5E762E951A.roa
Signing time: Fri 06 Dec 2024 12:36:29 +0000
ROA not before: Fri 06 Dec 2024 12:36:25 +0000
ROA not after: Wed 06 Dec 2034 12:36:25 +0000
asID: 17561
IP address blocks: 156.230.128.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57365 (0xe015)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 6 12:36:25 2024 GMT
Not After : Dec 6 12:36:25 2034 GMT
Subject: CN=6752efcd-748e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:66:9f:04:d3:83:10:9d:00:aa:c2:5e:49:8a:
2c:94:3f:e7:2f:b9:55:6c:c0:5f:a2:6a:0d:ca:8a:
ee:3b:eb:e6:59:26:a6:f2:98:3f:83:c9:b1:bf:a6:
4c:34:b3:f6:08:e4:50:e9:21:49:72:c9:c7:67:32:
d6:3f:bd:fa:91:21:f1:3c:c3:47:62:f7:e0:b5:ec:
81:53:81:b8:e1:9a:39:b4:f2:ef:ec:6a:71:45:7a:
cb:3d:d2:92:a8:d7:5a:da:0b:81:5a:c8:4d:fe:49:
da:4c:cd:8b:0a:77:4a:1e:8f:6f:9f:14:66:6b:4c:
88:85:20:3a:4a:4d:15:8b:d9:a3:f6:17:93:9e:38:
9c:00:d8:1f:24:1d:75:5d:e8:d6:55:74:97:26:ba:
a7:05:30:f5:0f:30:82:f9:38:7f:d0:60:fc:92:6f:
a4:11:a6:d9:27:c6:08:17:ed:ed:8a:af:72:b5:0a:
0a:29:34:1a:8f:9e:b9:9b:af:c9:cb:44:d8:e3:31:
fb:24:d7:9b:d3:04:6e:e8:41:3b:64:97:94:c1:59:
f2:fb:75:6e:d1:46:d8:c3:26:fc:cd:08:6f:3f:f2:
c4:ec:75:e2:27:eb:22:de:ae:ac:10:9e:8b:17:75:
b5:98:8d:81:6c:48:33:94:15:99:45:46:5f:a4:f2:
6d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:BE:E5:0D:6A:7C:47:36:58:9E:F2:90:38:DE:45:85:69:12:90:D8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B72F75F8B3CE11EF8CA9AD5E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.128.0/22
Signature Algorithm: sha256WithRSAEncryption
43:bf:13:a3:88:fe:bd:2f:45:05:32:d9:d5:ab:6e:be:4d:ea:
63:33:43:fb:08:60:9b:c7:be:80:21:f7:d3:07:5b:c4:4a:f1:
7e:20:ef:df:b2:ea:90:25:16:2d:d5:7f:b8:38:2c:54:6c:28:
1f:82:d2:5e:68:ec:fa:de:10:c9:f0:9e:6c:27:42:1e:12:1e:
73:ed:52:d4:78:fe:bd:2a:c2:e3:c1:6d:88:71:b3:dc:46:2f:
e3:e7:ec:90:d1:d2:c3:6c:b7:af:b7:cb:83:c7:4e:9b:e7:cb:
e9:9a:9a:28:09:8f:7b:2d:f2:cb:2a:78:4d:52:d4:6c:c0:1a:
5f:46:71:20:a4:d5:c6:5c:81:eb:52:36:64:10:2c:44:bc:f8:
c1:13:0f:09:da:e8:8c:1a:b5:46:f4:db:3d:cd:86:45:29:5e:
c1:e4:ee:16:dd:3d:be:c0:36:1f:28:66:cd:f6:e6:2e:bc:8b:
87:e5:5e:af:7f:9c:ef:33:05:58:d6:3d:21:c1:8f:96:8a:4a:
5e:2b:ce:84:48:a4:c5:e1:18:4f:dd:16:15:bf:63:91:ad:fe:
68:37:53:fc:15:c5:c2:15:13:a9:d1:db:28:b7:62:94:5c:d0:
ab:04:4e:38:56:86:cb:2c:d0:df:a1:04:52:55:08:18:74:7b:
37:26:26:f1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOAVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA2MTIzNjI1WhcNMzQxMjA2MTIzNjI1WjAYMRYw
FAYDVQQDEw02NzUyZWZjZC03NDhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6GafBNODEJ0AqsJeSYoslD/nL7lVbMBfomoNyoruO+vmWSam8pg/g8mx
v6ZMNLP2CORQ6SFJcsnHZzLWP736kSHxPMNHYvfgteyBU4G44Zo5tPLv7GpxRXrL
PdKSqNda2guBWshN/knaTM2LCndKHo9vnxRma0yIhSA6Sk0Vi9mj9heTnjicANgf
JB11XejWVXSXJrqnBTD1DzCC+Th/0GD8km+kEabZJ8YIF+3tiq9ytQoKKTQaj565
m6/Jy0TY4zH7JNeb0wRu6EE7ZJeUwVny+3Vu0UbYwyb8zQhvP/LE7HXiJ+si3q6s
EJ6LF3W1mI2BbEgzlBWZRUZfpPJtbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF++
5Q1qfEc2WJ7ykDjeRYVpEpDYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNzJGNzVGOEIzQ0UxMUVGOENBOUFENUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOaAMA0GCSqGSIb3DQEBCwUA
A4IBAQBDvxOjiP69L0UFMtnVq26+TepjM0P7CGCbx76AIffTB1vESvF+IO/fsuqQ
JRYt1X+4OCxUbCgfgtJeaOz63hDJ8J5sJ0IeEh5z7VLUeP69KsLjwW2IcbPcRi/j
5+yQ0dLDbLevt8uDx06b58vpmpooCY97LfLLKnhNUtRswBpfRnEgpNXGXIHrUjZk
ECxEvPjBEw8J2uiMGrVG9Ns9zYZFKV7B5O4W3T2+wDYfKGbN9uYuvIuH5V6vf5zv
MwVY1j0hwY+WikpeK86ESKTF4RhP3RYVv2ORrf5oN1P8FcXCFROp0dsot2KUXNCr
BE44VobLLNDfoQRSVQgYdHs3Jibx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:43 2025 by rpki-client