Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C4303DBCC96F11EFA8ECC67D762E951A.roa
File: C4303DBCC96F11EFA8ECC67D762E951A.roa (raw, json)
Hash identifier: hOfgHBHsCjoQPfQo0Xv4D5vK7O+1Zl/k5e9vDMJUD6Y=
Subject key identifier: B7:3F:B3:72:F3:B4:88:EF:A0:9C:DE:7E:22:68:9B:5D:AB:AB:3D:BB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4A9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C4303DBCC96F11EFA8ECC67D762E951A.roa
Signing time: Fri 03 Jan 2025 01:12:14 +0000
ROA not before: Fri 03 Jan 2025 01:12:10 +0000
ROA not after: Mon 13 Dec 2027 01:12:10 +0000
asID: 17561
IP address blocks: 156.227.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62633 (0xf4a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:12:10 2025 GMT
Not After : Dec 13 01:12:10 2027 GMT
Subject: CN=6777396e-c508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c2:00:3a:40:13:8b:85:e5:cb:90:b6:1f:d3:
17:e0:53:34:de:c8:57:50:e5:73:2e:bd:1c:21:ab:
c0:bd:4a:e5:67:7e:36:1b:20:26:70:d5:6d:64:97:
2e:35:f1:c6:5a:ef:4d:ee:9d:f9:4c:af:13:cd:8d:
9e:2f:89:ee:c4:b0:3e:bd:4b:70:66:d2:30:cb:de:
b8:92:f4:17:73:66:76:e2:52:1e:28:e3:97:7d:d1:
37:50:56:6e:b4:81:b0:6d:2f:48:86:ab:ee:70:74:
2f:51:5c:4c:f5:4e:49:cd:6d:9a:15:1c:c9:eb:5b:
df:5d:3f:ef:5e:62:47:15:a3:8d:e1:df:b0:67:02:
b0:bd:69:41:e1:c6:4f:52:7e:2b:69:3b:da:f3:df:
4a:99:e1:f9:97:24:f0:44:b7:8f:0c:f8:00:2e:f2:
e2:30:02:e3:50:a9:33:69:90:aa:32:85:a4:82:dd:
02:4a:60:77:a6:42:f3:c7:3c:dc:09:00:c8:5d:e3:
17:3b:b0:05:cf:b8:f7:be:8e:4f:a4:a5:04:59:36:
1d:c5:e0:9e:6f:41:e6:b4:99:b5:07:fa:d2:76:72:
45:48:bf:b2:29:96:51:bc:37:62:00:08:18:c2:68:
b5:dc:b6:4d:2b:12:b4:c1:32:69:41:91:70:47:af:
22:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:3F:B3:72:F3:B4:88:EF:A0:9C:DE:7E:22:68:9B:5D:AB:AB:3D:BB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C4303DBCC96F11EFA8ECC67D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.70.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:e2:27:43:57:ca:8d:4d:27:05:22:eb:5f:98:5c:73:ff:46:
c3:f2:eb:c8:87:e2:e3:09:5a:e6:df:a7:4b:9f:5c:eb:85:89:
b7:3b:34:ca:ce:2e:42:6a:8a:b2:05:a7:bc:96:a1:63:3e:ba:
3f:cc:4e:19:66:38:c5:d7:da:8a:7a:b2:2a:3c:8b:3d:e8:6d:
ac:8e:3f:b4:40:24:39:11:a2:90:40:25:37:df:5c:ae:ed:03:
ce:5d:78:e4:ca:e6:f6:d1:79:6c:ea:bb:72:b8:21:c5:91:94:
d4:fb:02:fa:3d:8e:42:43:1b:e7:fe:55:ab:6f:b2:02:02:0b:
9a:42:6b:13:eb:24:72:99:52:42:e8:51:41:c0:59:7c:eb:18:
23:d1:9e:22:2f:44:9c:e9:ba:20:7e:7c:53:81:28:67:f8:18:
76:0f:c3:cd:3a:41:f3:5b:aa:a5:db:55:c5:d1:21:2c:21:3b:
af:ec:f4:99:e4:fd:3e:6f:44:63:27:66:2d:df:e9:29:9d:d9:
82:ac:ac:98:53:df:97:0a:e9:29:00:b7:56:66:e4:77:90:27:
cf:b6:3d:53:5b:15:00:c8:e1:ba:9f:5a:aa:bd:d1:00:53:9a:
5d:83:d2:05:d8:9a:ef:41:3a:33:bc:e6:fc:94:ff:fb:0b:74:
3d:b5:41:e6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPSpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDExMjEwWhcNMjcxMjEzMDExMjEwWjAYMRYw
FAYDVQQDEw02Nzc3Mzk2ZS1jNTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtsIAOkATi4Xly5C2H9MX4FM03shXUOVzLr0cIavAvUrlZ342GyAmcNVt
ZJcuNfHGWu9N7p35TK8TzY2eL4nuxLA+vUtwZtIwy964kvQXc2Z24lIeKOOXfdE3
UFZutIGwbS9IhqvucHQvUVxM9U5JzW2aFRzJ61vfXT/vXmJHFaON4d+wZwKwvWlB
4cZPUn4raTva899KmeH5lyTwRLePDPgALvLiMALjUKkzaZCqMoWkgt0CSmB3pkLz
xzzcCQDIXeMXO7AFz7j3vo5PpKUEWTYdxeCeb0HmtJm1B/rSdnJFSL+yKZZRvDdi
AAgYwmi13LZNKxK0wTJpQZFwR68iTQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLc/
s3LztIjvoJzefiJom12rqz27MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNDMwM0RCQ0M5NkYxMUVGQThFQ0M2N0Q3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONGMA0GCSqGSIb3DQEBCwUA
A4IBAQC44idDV8qNTScFIutfmFxz/0bD8uvIh+LjCVrm36dLn1zrhYm3OzTKzi5C
aoqyBae8lqFjPro/zE4ZZjjF19qKerIqPIs96G2sjj+0QCQ5EaKQQCU331yu7QPO
XXjkyub20Xls6rtyuCHFkZTU+wL6PY5CQxvn/lWrb7ICAguaQmsT6yRymVJC6FFB
wFl86xgj0Z4iL0Sc6bogfnxTgShn+Bh2D8PNOkHzW6ql21XF0SEsITuv7PSZ5P0+
b0RjJ2Yt3+kpndmCrKyYU9+XCukpALdWZuR3kCfPtj1TWxUAyOG6n1qqvdEAU5pd
g9IF2JrvQTozvOb8lP/7C3Q9tUHm
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:26 2025 by rpki-client