Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D99806F6C28211EFAF11C585762E951A.roa
File: D99806F6C28211EFAF11C585762E951A.roa (raw, json)
Hash identifier: WX12HIH+XVeQqcRiKqRvKdt955/LsSs2qfXA3ERfMuM=
Subject key identifier: 30:F2:17:1F:5F:0D:EB:5A:12:3E:86:E8:AF:F3:99:3A:8D:AC:F2:CD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8FF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D99806F6C28211EFAF11C585762E951A.roa
Signing time: Wed 25 Dec 2024 05:41:12 +0000
ROA not before: Wed 25 Dec 2024 05:41:09 +0000
ROA not after: Wed 10 Dec 2025 05:41:09 +0000
asID: 984
IP address blocks: 156.228.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59647 (0xe8ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:41:09 2024 GMT
Not After : Dec 10 05:41:09 2025 GMT
Subject: CN=676b9af8-3760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ff:1b:40:ed:e4:2c:e6:72:14:db:a7:6e:4a:
5d:2a:26:ae:7f:f2:72:8e:83:a2:36:cd:98:26:89:
3f:53:b3:53:01:15:f3:41:fb:f4:75:14:95:83:47:
96:cf:de:d2:b5:19:2c:84:3e:15:ef:47:66:d9:68:
8b:6b:d6:76:e5:86:c2:c0:46:32:44:fb:64:40:9a:
d0:e2:4b:53:06:bc:76:b9:e6:a9:1c:9d:f6:12:df:
d9:b8:71:87:69:9c:68:77:bc:b4:ab:f6:ed:5d:bd:
1b:1a:81:f7:bc:b6:c2:87:a5:14:f2:31:f5:10:69:
18:75:48:11:bc:1c:a4:6f:91:1f:42:91:3a:0f:56:
9c:ee:8e:b3:f5:3b:d0:8f:36:ff:1d:fa:2c:43:80:
d3:49:e0:5c:9f:86:a2:1d:59:cf:6d:c0:9f:5a:ae:
48:09:78:ef:1f:49:b6:35:27:0c:9e:5b:08:6a:c7:
23:67:75:e4:c8:4d:bd:71:7c:0f:62:ed:94:6f:40:
27:fb:42:76:83:a4:04:da:d2:17:ca:55:c7:12:84:
f7:02:7d:cb:f0:5e:82:59:f4:5b:94:3d:46:32:4c:
7d:2e:30:32:27:1c:49:b1:98:a4:77:7a:0a:f6:73:
ad:53:83:b3:c5:97:9e:aa:65:7b:3e:7a:dc:f8:40:
5c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F2:17:1F:5F:0D:EB:5A:12:3E:86:E8:AF:F3:99:3A:8D:AC:F2:CD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D99806F6C28211EFAF11C585762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.31.0/24
Signature Algorithm: sha256WithRSAEncryption
64:19:6d:3e:67:5f:95:4f:b6:5f:b1:1e:49:12:5f:97:51:11:
2b:09:e7:cf:66:e8:6e:3f:29:1f:42:fc:b3:34:86:1f:30:9c:
3f:4d:00:91:99:86:43:78:db:49:31:e5:e8:a1:80:c3:a7:a4:
66:38:35:04:87:c7:29:46:d6:bc:7a:d9:ed:c5:73:45:af:65:
ff:da:d5:71:f9:2e:78:88:4d:4b:52:3f:38:6a:a5:e1:fa:f1:
fb:2d:03:f9:1a:1a:ba:bd:e8:1d:af:d4:89:79:1b:b1:a1:6e:
b1:13:39:aa:78:c9:55:a8:16:de:bc:83:09:08:48:19:b1:2a:
dd:19:a8:03:1a:eb:0e:27:23:fd:7e:18:25:0c:3f:4b:28:f7:
ac:f5:23:3a:22:8b:6d:4c:39:f1:86:fc:b9:e3:22:be:fa:0b:
53:77:ec:aa:e3:76:6b:8b:5f:1c:44:0a:db:a8:80:65:23:15:
72:f3:9a:1a:e7:b1:5a:df:23:ae:df:16:95:0e:8d:1b:28:8a:
80:9b:ee:03:d3:39:81:ff:65:70:a5:29:84:68:55:94:00:6e:
5c:18:a3:8d:a5:ec:b5:75:95:54:1e:79:95:c8:df:47:a0:ae:
89:8b:bb:3a:be:6d:d3:7e:92:8f:00:08:44:68:c2:d2:e0:46:
a9:59:7d:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOj/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDU0MTA5WhcNMjUxMjEwMDU0MTA5WjAYMRYw
FAYDVQQDEw02NzZiOWFmOC0zNzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApP8bQO3kLOZyFNunbkpdKiauf/JyjoOiNs2YJok/U7NTARXzQfv0dRSV
g0eWz97StRkshD4V70dm2WiLa9Z25YbCwEYyRPtkQJrQ4ktTBrx2ueapHJ32Et/Z
uHGHaZxod7y0q/btXb0bGoH3vLbCh6UU8jH1EGkYdUgRvBykb5EfQpE6D1ac7o6z
9TvQjzb/HfosQ4DTSeBcn4aiHVnPbcCfWq5ICXjvH0m2NScMnlsIascjZ3XkyE29
cXwPYu2Ub0An+0J2g6QE2tIXylXHEoT3An3L8F6CWfRblD1GMkx9LjAyJxxJsZik
d3oK9nOtU4OzxZeeqmV7Pnrc+EBcCQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDDy
Fx9fDetaEj6G6K/zmTqNrPLNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOTk4MDZGNkMyODIxMUVGQUYxMUM1ODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQfMA0GCSqGSIb3DQEBCwUA
A4IBAQBkGW0+Z1+VT7ZfsR5JEl+XURErCefPZuhuPykfQvyzNIYfMJw/TQCRmYZD
eNtJMeXooYDDp6RmODUEh8cpRta8etntxXNFr2X/2tVx+S54iE1LUj84aqXh+vH7
LQP5Ghq6vegdr9SJeRuxoW6xEzmqeMlVqBbevIMJCEgZsSrdGagDGusOJyP9fhgl
DD9LKPes9SM6IottTDnxhvy54yK++gtTd+yq43Zri18cRArbqIBlIxVy85oa57Fa
3yOu3xaVDo0bKIqAm+4D0zmB/2VwpSmEaFWUAG5cGKONpey1dZVUHnmVyN9HoK6J
i7s6vm3TfpKPAAhEaMLS4EapWX00
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:51 2025 by rpki-client