Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E230B6F2C28011EF80771879762E951A.roa
File: E230B6F2C28011EF80771879762E951A.roa (raw, json)
Hash identifier: Mjv7UrUuGs6Qpes0r47ZHgnvZ9uWMcS+Ir2uI4AwUe0=
Subject key identifier: 34:AE:C3:D6:65:D6:53:E3:A0:6D:AD:DD:27:4C:E2:67:0A:C4:A2:BB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8E7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E230B6F2C28011EF80771879762E951A.roa
Signing time: Wed 25 Dec 2024 05:27:08 +0000
ROA not before: Wed 25 Dec 2024 05:27:04 +0000
ROA not after: Wed 10 Dec 2025 05:27:04 +0000
asID: 984
IP address blocks: 156.228.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59623 (0xe8e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:27:04 2024 GMT
Not After : Dec 10 05:27:04 2025 GMT
Subject: CN=676b97ac-fbf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f9:3f:0f:b1:7b:e9:dd:09:dc:ef:2b:7d:76:
e6:3d:ee:33:fd:2d:e6:c2:56:f7:f8:e6:9c:17:6e:
64:f2:d7:fc:f9:2a:34:37:fe:f4:01:07:5d:ec:d1:
06:cc:f5:34:80:40:11:70:25:df:db:57:f8:46:b8:
16:3a:b8:db:13:29:08:e4:4a:e3:a5:99:6d:a3:66:
42:3a:c8:23:4d:dd:db:01:15:fa:3d:08:b2:84:5e:
c5:1f:74:5d:a9:c3:1a:cc:86:37:df:d9:fd:a3:bf:
9e:56:44:36:40:29:41:d3:b2:2a:b3:5e:b1:16:76:
fe:77:eb:89:32:34:49:c5:cd:4b:e0:80:9a:c5:e3:
7a:a0:af:72:14:09:5c:51:0e:ff:18:2f:33:12:f1:
6f:6a:8c:2c:88:97:57:8a:00:82:4a:51:c1:1b:67:
62:7a:75:80:00:14:d0:0c:4b:d8:92:ff:11:80:dc:
a0:72:bf:f3:49:22:22:10:06:e4:83:db:80:b4:8f:
bb:b2:13:43:97:86:3d:38:69:dd:60:a4:c8:e5:28:
3f:97:bd:7d:a1:4c:04:64:e8:1e:26:f7:48:90:39:
8a:f4:d9:7a:83:d5:df:84:a1:7a:9c:9d:96:04:65:
5c:27:3f:56:57:bc:d5:87:55:dd:7c:c9:d6:98:7a:
9c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:AE:C3:D6:65:D6:53:E3:A0:6D:AD:DD:27:4C:E2:67:0A:C4:A2:BB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E230B6F2C28011EF80771879762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.17.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:b4:a0:22:7f:dd:9c:e6:d9:a6:03:6b:dd:76:a5:d9:4c:c0:
d8:92:56:d6:6c:49:eb:41:7f:94:28:66:62:b0:64:d5:c4:97:
90:cc:b6:f2:3b:3a:c3:55:44:56:32:8b:32:79:cc:fb:40:46:
e3:5e:cf:d8:db:0a:1a:f8:02:b0:e5:de:c0:6e:5e:e5:9e:c5:
72:35:83:99:bf:36:b2:ef:b4:11:94:15:4e:56:13:b2:c8:fe:
91:ed:53:cb:b8:56:95:01:79:21:28:e1:e2:38:73:23:cd:6d:
61:09:58:bc:2b:bb:f6:42:e4:9a:6c:28:dd:fd:84:7b:8e:55:
25:d3:4d:cf:99:2e:bf:15:ba:d3:c4:40:ed:77:3d:11:6c:88:
9f:c9:60:c7:17:98:17:47:a1:21:b3:32:29:c1:ca:cf:28:8c:
6d:ba:2a:48:fe:95:2a:c0:07:61:66:31:a0:6f:6b:82:1d:70:
31:a9:de:eb:46:45:93:f7:78:24:50:5f:86:46:6c:1e:22:3f:
05:1b:fd:c0:ea:9d:89:07:e7:a5:ec:27:ff:2b:e3:1d:61:2a:
99:e5:d4:42:80:3d:6d:f3:ee:3c:7a:c5:ef:f7:17:b0:a6:a8:
ab:d0:9b:83:88:34:cf:bc:dc:0e:22:07:dd:be:64:44:25:6f:
1e:20:49:9e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOjnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDUyNzA0WhcNMjUxMjEwMDUyNzA0WjAYMRYw
FAYDVQQDEw02NzZiOTdhYy1mYmY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuPk/D7F76d0J3O8rfXbmPe4z/S3mwlb3+OacF25k8tf8+So0N/70AQdd
7NEGzPU0gEARcCXf21f4RrgWOrjbEykI5ErjpZlto2ZCOsgjTd3bARX6PQiyhF7F
H3RdqcMazIY339n9o7+eVkQ2QClB07Iqs16xFnb+d+uJMjRJxc1L4ICaxeN6oK9y
FAlcUQ7/GC8zEvFvaowsiJdXigCCSlHBG2dienWAABTQDEvYkv8RgNygcr/zSSIi
EAbkg9uAtI+7shNDl4Y9OGndYKTI5Sg/l719oUwEZOgeJvdIkDmK9Nl6g9XfhKF6
nJ2WBGVcJz9WV7zVh1XdfMnWmHqcVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDSu
w9Zl1lPjoG2t3SdM4mcKxKK7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMjMwQjZGMkMyODAxMUVGODA3NzE4Nzk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQRMA0GCSqGSIb3DQEBCwUA
A4IBAQCqtKAif92c5tmmA2vddqXZTMDYklbWbEnrQX+UKGZisGTVxJeQzLbyOzrD
VURWMosyecz7QEbjXs/Y2woa+AKw5d7Abl7lnsVyNYOZvzay77QRlBVOVhOyyP6R
7VPLuFaVAXkhKOHiOHMjzW1hCVi8K7v2QuSabCjd/YR7jlUl003PmS6/FbrTxEDt
dz0RbIifyWDHF5gXR6EhszIpwcrPKIxtuipI/pUqwAdhZjGgb2uCHXAxqd7rRkWT
93gkUF+GRmweIj8FG/3A6p2JB+el7Cf/K+MdYSqZ5dRCgD1t8+48esXv9xewpqir
0JuDiDTPvNwOIgfdvmREJW8eIEme
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:43 2025 by rpki-client