Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E6B57D4CC32111EF85EEA85F762E951A.roa
File: E6B57D4CC32111EF85EEA85F762E951A.roa (raw, json)
Hash identifier: NoEC3S7/gB5TsZbh1dBQrOq4AZO4CXSaKNpkEsKZx3k=
Subject key identifier: AE:4C:CC:DA:BE:47:4A:07:A0:0F:A7:7F:F3:BB:B5:02:8A:5C:A2:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA2B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E6B57D4CC32111EF85EEA85F762E951A.roa
Signing time: Thu 26 Dec 2024 00:39:44 +0000
ROA not before: Thu 26 Dec 2024 00:00:41 +0000
ROA not after: Wed 10 Dec 2025 00:00:41 +0000
asID: 984
IP address blocks: 156.228.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59947 (0xea2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:41 2024 GMT
Not After : Dec 10 00:00:41 2025 GMT
Subject: CN=676ca5d0-961e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:33:24:42:c5:08:a1:bf:16:58:aa:05:59:a8:
6e:b4:fb:32:6d:8d:82:65:44:ed:dc:c4:c9:b5:b0:
a8:02:d2:4a:7c:3d:11:d0:0b:ca:ae:53:78:45:b7:
58:dd:c4:30:8e:6a:5c:67:27:c2:b9:da:9e:5b:c2:
ce:fe:1a:53:12:2e:2a:2a:bb:dd:e4:ae:da:94:7c:
16:01:a6:e9:23:7f:90:19:5a:e6:b6:0c:0b:7b:5d:
af:60:a5:5b:e6:de:b1:64:24:9a:5f:c0:54:4d:cb:
95:19:24:f5:4c:8b:06:93:b6:8a:df:08:9c:02:40:
be:9b:df:ab:18:23:e2:52:42:66:c0:29:ce:9b:ad:
84:42:3b:3c:9e:7a:33:c5:71:08:a3:3e:8c:5a:9b:
7c:67:41:04:78:fa:04:70:36:51:5b:b4:db:62:a1:
af:f6:6d:bd:5c:0f:e7:c0:51:a6:13:3a:11:52:de:
77:e7:3e:b7:45:3e:6f:89:38:b3:09:0f:f9:28:c1:
a0:14:10:54:5c:73:2d:c3:ee:2e:52:40:e7:ca:1b:
50:9d:83:10:23:d0:44:8f:11:72:62:38:36:da:96:
68:ba:b0:40:08:44:19:ff:04:ca:df:4a:72:90:9e:
37:97:2f:df:94:82:29:9c:8d:31:3d:94:e6:33:bc:
fd:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:4C:CC:DA:BE:47:4A:07:A0:0F:A7:7F:F3:BB:B5:02:8A:5C:A2:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E6B57D4CC32111EF85EEA85F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.230.0/24
Signature Algorithm: sha256WithRSAEncryption
45:60:e0:1a:bc:a6:21:17:55:7b:62:79:f2:d2:75:57:a7:18:
08:31:f2:f3:c0:b1:6a:6b:85:35:62:1d:8b:15:b1:60:18:d1:
a3:ad:1d:91:12:8c:f7:59:b5:4f:fd:70:45:9f:24:04:5c:1a:
10:1e:b5:00:bc:e0:3a:33:56:d2:ac:30:a0:d5:e6:0a:e7:65:
00:7f:4a:fc:5a:30:d4:b3:57:32:04:8c:6c:4f:35:fa:ca:c0:
3e:27:94:25:eb:d0:27:ab:c0:93:e3:a2:66:a8:38:f7:3b:e4:
96:de:aa:4f:73:b1:ca:29:a9:b8:35:51:54:95:fb:c9:18:c6:
8b:9e:1f:b3:ea:dd:85:3b:64:e3:74:75:ad:6d:1c:3f:86:d2:
32:c5:59:d2:e8:07:ee:d6:90:77:60:f4:a5:43:4d:5e:12:07:
97:3d:f9:be:7b:c0:bd:32:1b:06:39:df:79:46:19:75:0a:9e:
92:58:fb:47:9a:c4:3b:6f:c8:56:65:3a:dc:27:e3:e1:3b:62:
9b:9b:49:9c:14:be:5c:93:10:da:b4:ca:c4:6b:77:99:a7:9d:
17:22:2c:a2:5f:fa:2c:67:bf:43:31:9e:7a:7e:f9:8e:cd:8d:
ac:af:4d:78:20:c3:ca:bd:26:a7:c2:8e:2c:9e:96:8e:34:99:
70:06:0b:d8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOorMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDQxWhcNMjUxMjEwMDAwMDQxWjAYMRYw
FAYDVQQDEw02NzZjYTVkMC05NjFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4jMkQsUIob8WWKoFWahutPsybY2CZUTt3MTJtbCoAtJKfD0R0AvKrlN4
RbdY3cQwjmpcZyfCudqeW8LO/hpTEi4qKrvd5K7alHwWAabpI3+QGVrmtgwLe12v
YKVb5t6xZCSaX8BUTcuVGST1TIsGk7aK3wicAkC+m9+rGCPiUkJmwCnOm62EQjs8
nnozxXEIoz6MWpt8Z0EEePoEcDZRW7TbYqGv9m29XA/nwFGmEzoRUt535z63RT5v
iTizCQ/5KMGgFBBUXHMtw+4uUkDnyhtQnYMQI9BEjxFyYjg22pZourBACEQZ/wTK
30pykJ43ly/flIIpnI0xPZTmM7z95wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK5M
zNq+R0oHoA+nf/O7tQKKXKLZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNkI1N0Q0Q0MzMjExMUVGODVFRUE4NUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTmMA0GCSqGSIb3DQEBCwUA
A4IBAQBFYOAavKYhF1V7Ynny0nVXpxgIMfLzwLFqa4U1Yh2LFbFgGNGjrR2REoz3
WbVP/XBFnyQEXBoQHrUAvOA6M1bSrDCg1eYK52UAf0r8WjDUs1cyBIxsTzX6ysA+
J5Ql69Anq8CT46JmqDj3O+SW3qpPc7HKKam4NVFUlfvJGMaLnh+z6t2FO2TjdHWt
bRw/htIyxVnS6Afu1pB3YPSlQ01eEgeXPfm+e8C9MhsGOd95Rhl1Cp6SWPtHmsQ7
b8hWZTrcJ+PhO2Kbm0mcFL5ckxDatMrEa3eZp50XIiyiX/osZ79DMZ56fvmOzY2s
r014IMPKvSanwo4snpaONJlwBgvY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:28 2025 by rpki-client