Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB3C6F92C27E11EFB57E446C762E951A.roa
File: CB3C6F92C27E11EFB57E446C762E951A.roa (raw, json)
Hash identifier: QZY+ZKEUXpcqQV+9daVfYyVx/jbVe1xgzFHYMbSc4pI=
Subject key identifier: 75:13:78:F6:74:76:7D:3F:E3:A9:B5:54:5F:C3:54:33:91:7B:7A:C4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8CD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB3C6F92C27E11EFB57E446C762E951A.roa
Signing time: Wed 25 Dec 2024 05:12:10 +0000
ROA not before: Wed 25 Dec 2024 05:12:06 +0000
ROA not after: Wed 10 Dec 2025 05:12:06 +0000
asID: 984
IP address blocks: 156.227.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59597 (0xe8cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:12:06 2024 GMT
Not After : Dec 10 05:12:06 2025 GMT
Subject: CN=676b942a-60d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:24:66:24:08:5e:25:54:a9:81:0d:ad:1d:ba:
47:5a:e1:a4:a2:12:57:bf:fa:5b:35:61:65:2a:02:
af:f7:59:f9:d8:67:22:6f:77:87:b0:d1:a5:3b:71:
1c:c3:32:54:86:66:72:7a:e4:8b:18:28:fa:7d:7d:
83:aa:2a:9b:f0:5c:32:6c:e5:67:a5:94:f5:bc:cd:
2c:ea:ef:2c:a2:0f:27:65:ea:db:7e:27:89:42:14:
83:19:38:15:d7:f8:f6:33:b8:03:bf:02:4b:d5:cc:
9b:bc:e6:ea:13:7a:4b:3e:04:54:ec:9b:69:31:7c:
f4:35:c0:a0:c4:8a:67:0e:cf:08:fe:8a:6a:e7:b6:
cc:11:7e:43:4b:d2:93:69:56:a6:db:d0:04:e8:b6:
e8:d5:3b:1a:e3:54:61:84:27:cc:80:7b:29:11:ee:
da:2b:05:88:98:20:d8:27:b3:90:cc:7d:dd:7c:19:
8a:5e:3f:a4:5e:09:8d:f8:4c:a2:24:dc:fd:37:76:
50:87:28:aa:62:71:ae:ba:c0:a2:45:42:80:56:f3:
37:c3:08:c0:fb:04:b9:22:04:2c:3a:74:18:c8:27:
6f:69:fa:9a:c3:fd:ab:74:9b:07:17:db:ea:b8:5a:
7a:6e:4c:4d:74:90:8a:45:00:c1:8e:50:7f:71:59:
e3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:13:78:F6:74:76:7D:3F:E3:A9:B5:54:5F:C3:54:33:91:7B:7A:C4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB3C6F92C27E11EFB57E446C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.184.0/24
Signature Algorithm: sha256WithRSAEncryption
99:f8:b8:1a:bc:09:84:54:fc:6e:4e:bd:4e:5d:ba:38:c7:e2:
74:58:9d:53:4d:d6:3c:20:92:e7:9a:57:f9:91:08:c5:78:9f:
76:9e:84:ec:3e:9d:3e:2e:a7:e7:31:45:c2:c3:05:a4:da:46:
a6:72:a1:24:8d:bf:03:b7:61:fa:a7:db:c6:b2:36:43:30:b6:
2d:bc:e1:8d:5b:64:ce:3d:5c:58:c5:25:a1:46:b5:6f:5f:3f:
8e:94:da:aa:d8:88:e1:0d:aa:ad:5c:d1:4b:87:f7:b3:07:9b:
23:ba:13:04:63:7d:30:d3:98:bd:cf:9a:5f:00:15:8d:50:f6:
05:5e:67:dc:5f:42:b2:35:4f:9f:c5:ec:8e:83:a6:14:9b:3b:
b0:eb:0b:d5:06:e3:58:b1:e8:b4:d0:b9:5e:f6:72:9e:40:82:
51:a4:c8:18:ed:87:a0:ec:30:6a:17:c1:a3:ff:dd:dc:50:6e:
b7:a6:e1:b3:f4:c2:29:40:b2:36:bf:1e:1c:92:87:ae:39:53:
8d:e9:b9:7c:98:fc:52:72:27:10:24:b0:17:a7:05:43:c8:01:
b0:ee:af:33:c1:26:14:c9:8f:d5:58:a4:3b:45:e2:86:fd:62:
57:ab:cd:53:6d:d2:6c:c6:76:9f:86:16:f2:9f:cc:10:d9:40:
33:01:a2:22
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOjNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDUxMjA2WhcNMjUxMjEwMDUxMjA2WjAYMRYw
FAYDVQQDEw02NzZiOTQyYS02MGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApCRmJAheJVSpgQ2tHbpHWuGkohJXv/pbNWFlKgKv91n52Gcib3eHsNGl
O3EcwzJUhmZyeuSLGCj6fX2Dqiqb8FwybOVnpZT1vM0s6u8sog8nZerbfieJQhSD
GTgV1/j2M7gDvwJL1cybvObqE3pLPgRU7JtpMXz0NcCgxIpnDs8I/opq57bMEX5D
S9KTaVam29AE6Lbo1Tsa41RhhCfMgHspEe7aKwWImCDYJ7OQzH3dfBmKXj+kXgmN
+EyiJNz9N3ZQhyiqYnGuusCiRUKAVvM3wwjA+wS5IgQsOnQYyCdvafqaw/2rdJsH
F9vquFp6bkxNdJCKRQDBjlB/cVnj1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHUT
ePZ0dn0/46m1VF/DVDORe3rEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQjNDNkY5MkMyN0UxMUVGQjU3RTQ0NkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOO4MA0GCSqGSIb3DQEBCwUA
A4IBAQCZ+LgavAmEVPxuTr1OXbo4x+J0WJ1TTdY8IJLnmlf5kQjFeJ92noTsPp0+
LqfnMUXCwwWk2kamcqEkjb8Dt2H6p9vGsjZDMLYtvOGNW2TOPVxYxSWhRrVvXz+O
lNqq2IjhDaqtXNFLh/ezB5sjuhMEY30w05i9z5pfABWNUPYFXmfcX0KyNU+fxeyO
g6YUmzuw6wvVBuNYsei00Lle9nKeQIJRpMgY7Yeg7DBqF8Gj/93cUG63puGz9MIp
QLI2vx4ckoeuOVON6bl8mPxScicQJLAXpwVDyAGw7q8zwSYUyY/VWKQ7ReKG/WJX
q81TbdJsxnafhhbyn8wQ2UAzAaIi
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:54 2025 by rpki-client