Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5716244C95211EF9F91A147762E951A.roa
File: D5716244C95211EF9F91A147762E951A.roa (raw, json)
Hash identifier: MuY8myFfTh8C1KWthWfE4z38GsicwmZnx3kQ7k4goTk=
Subject key identifier: 6D:34:5A:0B:6B:A7:34:74:86:DE:29:2B:51:49:10:1D:8C:97:1F:04
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F3D8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5716244C95211EF9F91A147762E951A.roa
Signing time: Thu 02 Jan 2025 21:45:08 +0000
ROA not before: Thu 02 Jan 2025 21:45:04 +0000
ROA not after: Mon 13 Dec 2027 21:45:04 +0000
asID: 17561
IP address blocks: 156.226.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62424 (0xf3d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 21:45:04 2025 GMT
Not After : Dec 13 21:45:04 2027 GMT
Subject: CN=677708e4-0b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c6:47:b4:2c:b4:95:0c:50:3a:88:b6:1f:b4:
ee:49:de:92:4e:0d:4e:4f:71:8d:47:aa:72:6b:3d:
33:aa:ed:c5:a4:7c:cc:3b:ac:64:bb:9f:19:7d:19:
5b:8c:f0:8e:d4:df:ab:ab:c8:1b:a3:aa:a3:38:bc:
47:d8:0b:20:34:7c:cd:fb:ed:ca:d9:00:50:43:05:
37:e4:0f:a2:d7:bc:f4:1a:e2:92:a8:68:37:7c:b5:
51:ad:95:a2:81:c6:22:98:61:47:00:7b:c1:0a:48:
46:05:69:c0:be:b6:78:88:2a:13:6d:28:e7:06:ff:
0f:b0:d0:3b:13:9b:2a:61:e5:2f:b8:74:f5:36:ef:
2e:a3:4f:71:ab:84:90:b2:a1:1e:b7:04:20:6a:c1:
44:59:ac:2b:e2:6f:9a:13:b4:63:5c:01:d9:5b:ed:
7b:9e:9e:67:61:e0:8c:23:40:fa:77:9b:2b:3a:f8:
65:7c:9c:84:30:d5:19:77:2c:33:85:c0:98:30:71:
bc:4c:1b:e2:79:ec:83:b9:9c:9d:ea:da:7a:b1:07:
72:e7:46:12:59:04:b4:ec:44:fc:44:db:92:52:8c:
d5:63:7b:38:36:d6:b7:1a:56:c6:1b:e1:41:d2:02:
b5:b7:17:a4:7c:2f:2c:ff:62:54:91:a6:35:8c:dc:
82:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:34:5A:0B:6B:A7:34:74:86:DE:29:2B:51:49:10:1D:8C:97:1F:04
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5716244C95211EF9F91A147762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.131.0/24
Signature Algorithm: sha256WithRSAEncryption
69:af:77:55:68:72:f8:78:54:41:bf:9b:7e:12:4b:ee:11:7b:
11:54:db:63:6c:1e:bf:90:a8:ef:2c:f0:08:d5:e0:37:67:da:
77:c1:f8:7f:57:3b:50:7b:a7:c0:82:74:0b:00:92:70:22:b4:
79:96:77:7a:e2:d5:6e:da:32:52:ce:9e:7d:a7:22:95:f2:85:
76:e7:2f:52:e5:80:29:50:fb:d7:69:08:4d:16:a4:95:65:3f:
97:13:5d:2d:01:1d:53:9d:69:5b:40:9a:06:c3:dc:60:30:75:
da:21:6d:f7:cc:c6:15:87:72:da:86:c8:d4:21:b4:32:46:fb:
43:58:9b:8e:55:f9:c2:e4:8d:ef:e5:27:fd:fe:e4:fd:05:2c:
dc:85:85:aa:79:56:c2:20:8c:6e:31:08:9e:f2:d7:56:81:f4:
62:df:f4:e9:83:a8:68:5f:4d:16:1f:d6:67:04:b5:af:83:c3:
3c:55:f7:1a:e2:ca:5b:37:1a:34:33:e4:0f:a9:48:7a:5c:48:
4e:e8:b6:2d:87:87:1f:07:d3:cc:cb:a5:c2:b6:ee:7e:00:2a:
ac:72:ee:55:96:9c:60:85:af:a5:5f:b3:5d:a2:38:7b:77:ef:
56:5c:da:43:6d:a5:4d:31:a6:ce:5e:e2:68:20:dc:b3:2a:9d:
df:7b:7d:fb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPPYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjE0NTA0WhcNMjcxMjEzMjE0NTA0WjAYMRYw
FAYDVQQDEw02Nzc3MDhlNC0wYjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtMZHtCy0lQxQOoi2H7TuSd6STg1OT3GNR6pyaz0zqu3FpHzMO6xku58Z
fRlbjPCO1N+rq8gbo6qjOLxH2AsgNHzN++3K2QBQQwU35A+i17z0GuKSqGg3fLVR
rZWigcYimGFHAHvBCkhGBWnAvrZ4iCoTbSjnBv8PsNA7E5sqYeUvuHT1Nu8uo09x
q4SQsqEetwQgasFEWawr4m+aE7RjXAHZW+17np5nYeCMI0D6d5srOvhlfJyEMNUZ
dywzhcCYMHG8TBvieeyDuZyd6tp6sQdy50YSWQS07ET8RNuSUozVY3s4Nta3GlbG
G+FB0gK1txekfC8s/2JUkaY1jNyC5QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG00
WgtrpzR0ht4pK1FJEB2Mlx8EMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENTcxNjI0NEM5NTIxMUVGOUY5MUExNDc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKDMA0GCSqGSIb3DQEBCwUA
A4IBAQBpr3dVaHL4eFRBv5t+EkvuEXsRVNtjbB6/kKjvLPAI1eA3Z9p3wfh/VztQ
e6fAgnQLAJJwIrR5lnd64tVu2jJSzp59pyKV8oV25y9S5YApUPvXaQhNFqSVZT+X
E10tAR1TnWlbQJoGw9xgMHXaIW33zMYVh3LahsjUIbQyRvtDWJuOVfnC5I3v5Sf9
/uT9BSzchYWqeVbCIIxuMQie8tdWgfRi3/Tpg6hoX00WH9ZnBLWvg8M8Vfca4spb
Nxo0M+QPqUh6XEhO6LYth4cfB9PMy6XCtu5+ACqscu5Vlpxgha+lX7Ndojh7d+9W
XNpDbaVNMabOXuJoINyzKp3fe337
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:15 2025 by rpki-client