Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5EA8D1AAD5E11EF801A864E762E951A.roa
File: C5EA8D1AAD5E11EF801A864E762E951A.roa (raw, json)
Hash identifier: fmY1J47ANCZYwQoYBOJnrsD0dVlbwR1jU3dddl/oXy0=
Subject key identifier: 5A:A0:F2:04:88:B8:26:4B:08:A3:99:C3:17:2A:42:2C:5E:58:FB:8F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DC61
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5EA8D1AAD5E11EF801A864E762E951A.roa
Signing time: Thu 28 Nov 2024 08:00:03 +0000
ROA not before: Thu 28 Nov 2024 07:59:59 +0000
ROA not after: Tue 11 Feb 2025 07:59:59 +0000
asID: 22773
IP address blocks: 156.238.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56417 (0xdc61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 28 07:59:59 2024 GMT
Not After : Feb 11 07:59:59 2025 GMT
Subject: CN=67482303-28e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:1f:7d:6d:9d:e7:17:53:7e:88:75:6a:c2:9b:
53:0f:0f:08:60:56:51:e1:5b:3a:45:0d:1a:67:b3:
3f:c2:b6:c0:3a:ce:7e:d5:bd:89:b0:a4:8b:51:18:
5a:0e:53:ab:64:ba:14:78:24:2d:b1:5d:33:22:e7:
4f:e1:1c:0b:6a:e4:0f:51:a0:55:f7:73:f3:96:61:
c0:d4:25:f1:38:f2:ba:00:24:18:bc:8e:a5:38:18:
09:07:0e:d9:0f:a9:83:78:58:6c:fb:df:23:47:e4:
d0:f4:5b:0e:f3:8b:f0:14:61:9b:71:c0:ea:46:d1:
f2:79:03:70:f0:0b:72:0c:e0:26:a8:ce:89:5d:fd:
7f:fb:13:7f:62:6d:40:58:ad:50:63:4a:9b:d2:09:
8c:00:69:96:3d:c4:22:69:ae:d2:04:57:f3:c4:e5:
51:f0:06:30:5c:b8:f2:cc:b7:8f:37:de:9a:fd:bf:
1f:c3:c8:78:8c:b5:84:f9:ee:e6:5a:86:e3:2b:e7:
6b:5e:f1:8f:3b:77:24:f4:0d:95:c5:c1:2e:67:42:
52:97:af:46:26:f9:01:ea:b4:f0:03:de:b8:bc:3d:
0b:96:b7:4b:0d:7e:c1:17:59:07:3a:0b:9c:07:b4:
a7:b0:39:2b:da:53:c6:35:1c:2d:b0:f3:96:a5:fb:
4b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:A0:F2:04:88:B8:26:4B:08:A3:99:C3:17:2A:42:2C:5E:58:FB:8F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5EA8D1AAD5E11EF801A864E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.176.0/22
Signature Algorithm: sha256WithRSAEncryption
40:77:15:0b:83:be:27:c2:8c:38:a1:e9:00:98:bc:39:d4:90:
d1:20:96:d2:21:16:10:56:15:73:62:ae:0b:bf:1d:cd:d4:23:
d3:9f:7c:72:10:90:ba:01:dd:c3:2a:c7:7f:10:81:fa:ee:ee:
57:a1:31:39:b4:e0:5c:12:9b:bc:b0:6e:9c:10:9c:f7:99:9b:
f0:4c:1f:e9:76:c9:51:09:68:f6:e2:3f:8d:b1:7e:60:e3:82:
68:2e:a6:96:f1:86:d8:14:4d:d5:e9:bb:60:b5:07:83:16:16:
b2:e6:89:6e:bc:97:30:e4:d3:be:20:dd:25:1a:f9:78:db:5b:
1e:8a:eb:f3:e4:09:3d:ac:ef:b2:2f:0e:e1:83:2f:9c:bc:a5:
a5:5d:05:ec:62:fe:c9:4e:17:1d:3d:84:f4:f4:7e:4b:2e:91:
cb:f8:a3:39:c0:94:4c:42:9f:3b:a1:ae:e8:a7:e2:fc:f5:1d:
92:21:cf:90:27:86:48:53:36:41:bb:06:56:4f:fc:2a:78:73:
97:f6:5a:12:d8:7f:75:39:a9:c8:26:18:3a:db:95:6d:c8:68:
c5:d8:d4:43:12:88:c5:41:33:24:b7:c9:a8:76:fa:39:49:96:
d3:10:06:2b:31:58:43:9f:41:3a:6c:61:54:e2:56:35:c9:66:
3f:bb:6f:a5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANxhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI4MDc1OTU5WhcNMjUwMjExMDc1OTU5WjAYMRYw
FAYDVQQDEw02NzQ4MjMwMy0yOGU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8B99bZ3nF1N+iHVqwptTDw8IYFZR4Vs6RQ0aZ7M/wrbAOs5+1b2JsKSL
URhaDlOrZLoUeCQtsV0zIudP4RwLauQPUaBV93PzlmHA1CXxOPK6ACQYvI6lOBgJ
Bw7ZD6mDeFhs+98jR+TQ9FsO84vwFGGbccDqRtHyeQNw8AtyDOAmqM6JXf1/+xN/
Ym1AWK1QY0qb0gmMAGmWPcQiaa7SBFfzxOVR8AYwXLjyzLePN96a/b8fw8h4jLWE
+e7mWobjK+drXvGPO3ck9A2VxcEuZ0JSl69GJvkB6rTwA964vD0LlrdLDX7BF1kH
OgucB7SnsDkr2lPGNRwtsPOWpftLEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFqg
8gSIuCZLCKOZwxcqQixeWPuPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNUVBOEQxQUFENUUxMUVGODAxQTg2NEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnO6wMA0GCSqGSIb3DQEBCwUA
A4IBAQBAdxULg74nwow4oekAmLw51JDRIJbSIRYQVhVzYq4Lvx3N1CPTn3xyEJC6
Ad3DKsd/EIH67u5XoTE5tOBcEpu8sG6cEJz3mZvwTB/pdslRCWj24j+NsX5g44Jo
LqaW8YbYFE3V6btgtQeDFhay5oluvJcw5NO+IN0lGvl421seiuvz5Ak9rO+yLw7h
gy+cvKWlXQXsYv7JThcdPYT09H5LLpHL+KM5wJRMQp87oa7op+L89R2SIc+QJ4ZI
UzZBuwZWT/wqeHOX9loS2H91OanIJhg625VtyGjF2NRDEojFQTMkt8modvo5SZbT
EAYrMVhDn0E6bGFU4lY1yWY/u2+l
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:08 2025 by rpki-client