Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ED73C1AEC31F11EF9CFB9A53762E951A.roa
File: ED73C1AEC31F11EF9CFB9A53762E951A.roa (raw, json)
Hash identifier: ksXlCirNVNxdSVoDHbXbnmALLoYk0fNkkfUZ2iV+9Fw=
Subject key identifier: 7D:F7:A5:C8:A0:84:9E:10:E1:5C:C1:BC:DB:B5:F5:0E:45:D4:F8:E0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA13
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ED73C1AEC31F11EF9CFB9A53762E951A.roa
Signing time: Thu 26 Dec 2024 00:25:37 +0000
ROA not before: Thu 26 Dec 2024 00:00:33 +0000
ROA not after: Wed 10 Dec 2025 00:00:33 +0000
asID: 984
IP address blocks: 156.228.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59923 (0xea13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:33 2024 GMT
Not After : Dec 10 00:00:33 2025 GMT
Subject: CN=676ca281-e3d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:99:70:ea:d5:f1:bc:e4:04:8c:61:84:66:40:
42:dd:ed:8b:3d:cd:dc:47:15:72:8c:8c:8d:55:5f:
5f:90:d9:38:ce:2a:18:76:69:5e:85:93:a2:d3:69:
a2:3a:b4:ec:ce:5b:8e:25:04:2b:2c:64:d8:cc:32:
04:9e:c7:c3:6e:6a:c6:d1:f7:4b:80:11:d0:06:1e:
32:ba:0c:47:a7:8b:05:3a:a4:8d:07:e2:7f:cd:0f:
a9:e2:90:c7:9c:52:c6:c9:a8:fc:d7:cd:2b:67:c0:
a6:7e:08:1d:30:30:59:5c:ac:2f:9e:cc:72:43:18:
28:62:f9:5c:49:83:6f:5c:01:86:15:15:60:5e:44:
95:18:14:e7:96:e1:2d:09:27:c6:47:e9:cf:eb:7f:
ac:da:1d:1e:ea:80:a9:a3:4b:7d:a9:39:c2:be:da:
aa:50:4d:da:9d:5d:48:12:05:4a:81:72:95:a0:66:
56:84:1b:fa:5a:67:0b:aa:20:b5:9a:52:52:3e:04:
1a:23:4f:ac:ae:35:a0:a1:f3:2b:05:ed:0e:b0:7e:
32:7a:2c:31:6a:98:97:92:95:6a:cf:2a:44:4b:23:
0b:12:06:eb:80:56:af:da:da:d9:cc:1b:55:d1:68:
e3:fe:2c:1c:8f:c4:ab:89:f5:c1:22:57:9f:65:5e:
8d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F7:A5:C8:A0:84:9E:10:E1:5C:C1:BC:DB:B5:F5:0E:45:D4:F8:E0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ED73C1AEC31F11EF9CFB9A53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.216.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:76:15:f2:39:73:20:07:fc:36:01:71:be:ef:6b:10:5d:77:
f1:cf:79:c5:40:b4:15:70:8f:fb:c1:3e:d2:06:af:72:f7:40:
af:0e:29:2c:3e:a6:d4:7b:18:b9:c9:9d:bb:0f:de:3f:8e:ce:
6c:b3:86:68:b7:06:84:68:3d:20:51:0c:fa:70:d7:f3:e8:05:
c1:a1:94:4f:d7:ef:c2:d8:3e:67:fd:4a:ac:20:bf:29:70:64:
2b:20:ee:ff:2e:df:93:8e:1e:2e:92:78:dc:74:2e:43:a4:81:
10:a5:77:88:fb:15:8d:56:c0:f8:70:1e:21:2f:c3:ab:d4:54:
8b:db:38:9d:da:cf:66:28:c7:dd:f7:cc:5a:e1:7b:4c:09:8d:
83:68:f3:34:93:de:fb:74:df:ce:89:eb:a9:22:a7:36:0a:02:
19:67:72:82:53:3e:fb:89:9c:01:d8:82:a6:9d:82:b0:20:9b:
cf:b9:f9:4d:51:dd:90:3a:e1:0a:4d:c6:b2:42:50:8f:3b:d0:
19:2f:a0:f3:cf:e6:73:4b:a7:27:3e:c8:ae:66:39:c3:51:82:
ea:7f:47:ec:89:8b:64:6a:50:b0:0c:e0:79:1e:0b:f2:d9:b4:
0e:27:4b:7c:69:34:86:c7:5f:59:bf:a6:46:b0:d0:f1:5a:cf:
27:e2:08:9a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOoTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDMzWhcNMjUxMjEwMDAwMDMzWjAYMRYw
FAYDVQQDEw02NzZjYTI4MS1lM2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA15lw6tXxvOQEjGGEZkBC3e2LPc3cRxVyjIyNVV9fkNk4zioYdmlehZOi
02miOrTszluOJQQrLGTYzDIEnsfDbmrG0fdLgBHQBh4yugxHp4sFOqSNB+J/zQ+p
4pDHnFLGyaj8180rZ8CmfggdMDBZXKwvnsxyQxgoYvlcSYNvXAGGFRVgXkSVGBTn
luEtCSfGR+nP63+s2h0e6oCpo0t9qTnCvtqqUE3anV1IEgVKgXKVoGZWhBv6WmcL
qiC1mlJSPgQaI0+srjWgofMrBe0OsH4yeiwxapiXkpVqzypESyMLEgbrgFav2trZ
zBtV0Wjj/iwcj8SrifXBIlefZV6NSQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH33
pcighJ4Q4VzBvNu19Q5F1PjgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRDczQzFBRUMzMUYxMUVGOUNGQjlBNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTYMA0GCSqGSIb3DQEBCwUA
A4IBAQC1dhXyOXMgB/w2AXG+72sQXXfxz3nFQLQVcI/7wT7SBq9y90CvDiksPqbU
exi5yZ27D94/js5ss4ZotwaEaD0gUQz6cNfz6AXBoZRP1+/C2D5n/UqsIL8pcGQr
IO7/Lt+Tjh4uknjcdC5DpIEQpXeI+xWNVsD4cB4hL8Or1FSL2zid2s9mKMfd98xa
4XtMCY2DaPM0k977dN/OieupIqc2CgIZZ3KCUz77iZwB2IKmnYKwIJvPuflNUd2Q
OuEKTcayQlCPO9AZL6Dzz+ZzS6cnPsiuZjnDUYLqf0fsiYtkalCwDOB5Hgvy2bQO
J0t8aTSGx19Zv6ZGsNDxWs8n4gia
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:42 2025 by rpki-client