Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F44480BAB3E111EFB0FFAF56762E951A.roa
File: F44480BAB3E111EFB0FFAF56762E951A.roa (raw, json)
Hash identifier: goxnWlYQ0GxHh7ZHBNhqT26efDFKsfRj1fZXxXhf/Qg=
Subject key identifier: 89:EA:59:3E:25:20:74:EA:EB:3B:FA:77:AF:9E:84:47:B3:56:AA:F4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E07F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F44480BAB3E111EFB0FFAF56762E951A.roa
Signing time: Fri 06 Dec 2024 14:54:12 +0000
ROA not before: Fri 06 Dec 2024 14:54:08 +0000
ROA not after: Mon 28 Apr 2025 14:54:08 +0000
asID: 9009
IP address blocks: 156.225.76.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Dec 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57471 (0xe07f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Dec 6 14:54:08 2024 GMT
Not After : Apr 28 14:54:08 2025 GMT
Subject: CN=67531014-5828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2c:1c:d6:6d:b8:74:22:20:cc:78:f7:b1:ef:
5a:4a:11:98:88:68:cf:99:7e:bc:6d:e5:db:21:c0:
1e:27:2b:76:ce:7c:c1:65:5d:ec:39:c1:50:03:fe:
a9:0d:03:16:e6:b6:6e:09:90:a3:51:6b:63:a4:f8:
51:df:a6:02:17:d6:09:1c:a1:67:ce:28:cc:a7:fb:
ad:a3:b3:b0:47:76:d2:96:05:21:5d:15:a1:44:b0:
a6:81:26:f0:2a:20:d9:07:87:b4:86:13:94:b7:b3:
3d:5c:fc:7f:ae:60:d3:f9:9f:18:89:d6:c4:45:29:
6c:fb:03:a8:33:1e:f4:16:e7:cd:5a:3b:75:89:4d:
29:e1:fc:6d:2b:18:5d:a8:c0:d5:19:bf:56:33:62:
86:2a:40:6e:19:5d:7c:f2:8f:d4:7b:df:8b:e6:d9:
97:80:89:7c:47:73:a8:ae:c3:29:7a:8d:ad:9d:cb:
89:d8:65:2f:ed:71:f8:c9:11:3b:d5:1f:f1:ff:cf:
f5:00:c8:b2:ea:6e:26:f8:b0:54:82:1a:2c:7b:ab:
44:cf:e8:51:d7:f9:e8:68:e5:62:9a:b1:22:f0:dc:
23:eb:28:da:e2:bb:24:3d:26:0b:9b:b1:70:9f:91:
13:e3:76:65:2c:09:7c:aa:df:ad:1e:3b:5e:c2:a4:
43:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:EA:59:3E:25:20:74:EA:EB:3B:FA:77:AF:9E:84:47:B3:56:AA:F4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F44480BAB3E111EFB0FFAF56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.76.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:34:ff:50:ea:c5:2a:ae:9d:47:51:ff:7d:e5:7c:bf:91:b3:
85:77:f2:d3:02:56:d1:5a:04:7a:74:c3:da:eb:c9:6f:a3:1c:
37:14:45:9c:87:d8:46:92:4a:cf:41:cf:f8:df:b4:39:46:95:
54:fa:3a:6a:e3:22:93:bb:1b:23:18:52:31:55:d5:6d:41:47:
b9:e9:d3:74:4c:e1:e1:52:a3:ab:ae:26:d0:6a:a4:1a:6a:06:
09:b5:60:62:8e:9c:5a:9d:94:e0:f6:34:35:7f:e2:9d:d2:37:
5f:a5:30:f2:d9:ae:6d:1f:b3:e4:5e:6e:80:27:75:31:17:94:
f8:c4:e0:68:06:63:95:b1:3b:b1:2d:a2:0c:13:6f:18:a8:aa:
c2:02:59:45:44:a5:b1:99:6d:b0:eb:99:54:3b:2b:70:1a:f0:
43:0b:cb:d4:29:47:03:72:84:5b:e9:ef:18:c3:b7:6b:78:73:
8b:f8:15:78:8d:fa:c0:fa:05:d4:f8:37:af:25:26:62:6f:06:
55:6f:ce:8d:c6:81:82:fe:b4:1c:e0:fd:41:b7:2c:ba:12:52:
9d:70:c7:df:2e:fd:bf:ba:43:27:b7:01:79:8c:0b:00:63:54:
c9:d3:fd:ca:f5:56:5c:19:c0:4f:e4:8f:26:19:79:f7:c3:b9:
2b:b9:f1:16
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOB/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA2MTQ1NDA4WhcNMjUwNDI4MTQ1NDA4WjAYMRYw
FAYDVQQDEw02NzUzMTAxNC01ODI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvSwc1m24dCIgzHj3se9aShGYiGjPmX68beXbIcAeJyt2znzBZV3sOcFQ
A/6pDQMW5rZuCZCjUWtjpPhR36YCF9YJHKFnzijMp/uto7OwR3bSlgUhXRWhRLCm
gSbwKiDZB4e0hhOUt7M9XPx/rmDT+Z8YidbERSls+wOoMx70FufNWjt1iU0p4fxt
KxhdqMDVGb9WM2KGKkBuGV188o/Ue9+L5tmXgIl8R3OorsMpeo2tncuJ2GUv7XH4
yRE71R/x/8/1AMiy6m4m+LBUghose6tEz+hR1/noaOVimrEi8Nwj6yja4rskPSYL
m7Fwn5ET43ZlLAl8qt+tHjtewqRDgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFInq
WT4lIHTq6zv6d6+ehEezVqr0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNDQ0ODBCQUIzRTExMUVGQjBGRkFGNTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOFMMA0GCSqGSIb3DQEBCwUA
A4IBAQBONP9Q6sUqrp1HUf995Xy/kbOFd/LTAlbRWgR6dMPa68lvoxw3FEWch9hG
kkrPQc/437Q5RpVU+jpq4yKTuxsjGFIxVdVtQUe56dN0TOHhUqOrribQaqQaagYJ
tWBijpxanZTg9jQ1f+Kd0jdfpTDy2a5tH7PkXm6AJ3UxF5T4xOBoBmOVsTuxLaIM
E28YqKrCAllFRKWxmW2w65lUOytwGvBDC8vUKUcDcoRb6e8Yw7dreHOL+BV4jfrA
+gXU+DevJSZibwZVb86NxoGC/rQc4P1Btyy6ElKdcMffLv2/ukMntwF5jAsAY1TJ
0/3K9VZcGcBP5I8mGXn3w7krufEW
-----END CERTIFICATE-----
Generated at Thu Dec 26 14:48:10 2024 by rpki-client on console-fra.rpki-client.org