Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B8312D58C98511EF8CFF529D762E951A.roa
File: B8312D58C98511EF8CFF529D762E951A.roa (raw, json)
Hash identifier: BEHGnun6Y4va2NzIOzbYggpfvtbjs5CGWfj9AVA1rLQ=
Subject key identifier: 74:54:4F:24:1B:29:5A:FA:8E:40:F0:82:3E:63:B7:31:FD:53:6B:EA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F57B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B8312D58C98511EF8CFF529D762E951A.roa
Signing time: Fri 03 Jan 2025 03:49:23 +0000
ROA not before: Fri 03 Jan 2025 03:49:19 +0000
ROA not after: Mon 13 Dec 2027 03:49:19 +0000
asID: 17561
IP address blocks: 156.232.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62843 (0xf57b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 03:49:19 2025 GMT
Not After : Dec 13 03:49:19 2027 GMT
Subject: CN=67775e43-544b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8c:07:ee:45:76:6f:fd:f4:fd:32:d3:0d:8e:
15:c3:9f:77:7a:e5:04:d3:95:ab:27:e1:92:42:76:
34:67:ee:37:e2:ee:09:ca:a2:11:0c:0a:bb:ac:d6:
b3:88:17:66:95:7b:b7:20:fd:0e:d1:f0:36:fd:a3:
0a:26:f1:95:7a:93:48:46:01:c7:c6:22:27:d2:08:
0e:a1:5f:ea:8a:b5:b5:fb:1b:4b:67:72:b6:88:54:
04:49:6d:8d:fa:61:24:57:64:99:e4:2f:9e:93:7e:
57:ce:82:d5:b5:91:bf:a6:fb:65:37:ba:cd:bb:6e:
76:ca:39:d1:54:8c:d8:b1:ec:f8:6c:2b:8f:6b:d0:
f1:58:49:45:21:c4:01:df:4e:2c:20:ce:82:28:92:
d4:2b:8c:5a:8e:d3:ca:77:73:5c:b9:0d:82:14:6d:
00:80:c2:22:ba:d0:91:06:85:42:c4:6e:e2:b5:1e:
e7:30:43:f9:c5:9c:09:66:ee:bc:ee:74:3d:8e:1b:
42:60:92:d8:42:4c:cb:3e:05:5f:de:7d:b9:f0:e9:
5c:e8:06:e2:91:e5:e3:fb:40:4e:14:f8:af:53:bf:
b9:5e:4b:67:81:dc:0a:1d:67:c0:31:80:e5:cc:40:
31:ef:45:d4:75:92:1c:25:1f:a1:ca:d0:a2:c0:8e:
65:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:54:4F:24:1B:29:5A:FA:8E:40:F0:82:3E:63:B7:31:FD:53:6B:EA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B8312D58C98511EF8CFF529D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.74.0/24
Signature Algorithm: sha256WithRSAEncryption
23:65:f9:34:81:a2:61:2e:ae:16:82:c5:db:0f:b9:7d:27:af:
22:a5:d8:4c:39:24:e8:98:c3:76:04:e9:71:13:61:50:32:9f:
c5:20:d3:46:7a:49:15:bf:ee:d2:03:f6:69:fc:1b:a1:36:7b:
6a:77:b3:d0:8a:de:07:15:78:b8:68:b7:e7:91:7e:22:26:23:
3d:0d:93:87:65:a3:9e:1a:91:5f:4b:cd:39:04:4f:97:b0:58:
2b:3e:54:88:e1:1b:d1:04:da:73:34:86:73:9c:e6:94:64:d3:
cd:ad:03:d0:7b:48:c3:3d:21:1c:10:57:9a:fb:0e:52:fd:41:
89:0a:bd:28:a1:a6:7a:eb:fe:75:c4:44:54:0e:79:7c:42:f7:
85:76:25:03:a6:d1:50:49:6c:5d:f2:c4:20:d6:18:a2:87:d4:
a4:9f:45:e7:a4:35:69:96:36:b3:b0:77:eb:d6:b9:80:4e:66:
25:14:47:e7:09:96:bd:6c:dc:8c:64:10:be:2e:b7:1a:3a:51:
0f:dc:48:c0:e6:e6:0e:60:2b:d5:ed:08:82:79:ef:64:f4:f2:
64:20:78:96:bd:a1:7f:ab:8d:3c:cc:04:81:ee:d4:51:9f:c5:
e0:85:f3:48:de:48:8c:dd:0f:58:c9:44:1e:2d:53:6b:e0:b6:
a8:98:c1:48
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPV7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDM0OTE5WhcNMjcxMjEzMDM0OTE5WjAYMRYw
FAYDVQQDEw02Nzc3NWU0My01NDRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvYwH7kV2b/30/TLTDY4Vw593euUE05WrJ+GSQnY0Z+434u4JyqIRDAq7
rNaziBdmlXu3IP0O0fA2/aMKJvGVepNIRgHHxiIn0ggOoV/qirW1+xtLZ3K2iFQE
SW2N+mEkV2SZ5C+ek35XzoLVtZG/pvtlN7rNu252yjnRVIzYsez4bCuPa9DxWElF
IcQB304sIM6CKJLUK4xajtPKd3NcuQ2CFG0AgMIiutCRBoVCxG7itR7nMEP5xZwJ
Zu687nQ9jhtCYJLYQkzLPgVf3n258Olc6AbikeXj+0BOFPivU7+5XktngdwKHWfA
MYDlzEAx70XUdZIcJR+hytCiwI5lsQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHRU
TyQbKVr6jkDwgj5jtzH9U2vqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CODMxMkQ1OEM5ODUxMUVGOENGRjUyOUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhKMA0GCSqGSIb3DQEBCwUA
A4IBAQAjZfk0gaJhLq4WgsXbD7l9J68ipdhMOSTomMN2BOlxE2FQMp/FINNGekkV
v+7SA/Zp/BuhNntqd7PQit4HFXi4aLfnkX4iJiM9DZOHZaOeGpFfS805BE+XsFgr
PlSI4RvRBNpzNIZznOaUZNPNrQPQe0jDPSEcEFea+w5S/UGJCr0ooaZ66/51xERU
Dnl8QveFdiUDptFQSWxd8sQg1hiih9Skn0XnpDVpljazsHfr1rmATmYlFEfnCZa9
bNyMZBC+LrcaOlEP3EjA5uYOYCvV7QiCee9k9PJkIHiWvaF/q408zASB7tRRn8Xg
hfNI3kiM3Q9YyUQeLVNr4LaomMFI
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:44 2025 by rpki-client