Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FAD44BF2C33311EFA1765065762E951A.roa
File: FAD44BF2C33311EFA1765065762E951A.roa (raw, json)
Hash identifier: mvQVGkq+MJuSzSyfQ426QY8jShCiK2MqhOOt82RkO+c=
Subject key identifier: 94:4F:A5:7D:D2:CA:65:7C:73:02:17:83:30:37:4F:08:DF:06:14:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB31
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FAD44BF2C33311EFA1765065762E951A.roa
Signing time: Thu 26 Dec 2024 02:49:09 +0000
ROA not before: Thu 26 Dec 2024 02:49:06 +0000
ROA not after: Wed 10 Dec 2025 02:49:06 +0000
asID: 984
IP address blocks: 156.244.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60209 (0xeb31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:49:06 2024 GMT
Not After : Dec 10 02:49:06 2025 GMT
Subject: CN=676cc425-a064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:9f:07:c1:9d:27:74:ca:fa:d9:ae:c9:74:de:
b2:da:71:28:22:15:1e:31:fe:1b:32:79:b5:5e:85:
8c:10:51:c1:7b:a8:a7:ca:61:3e:c7:24:32:8e:10:
1f:61:fd:28:d1:97:04:a1:f4:57:b1:58:07:64:60:
37:d5:f5:48:14:d6:ec:24:1b:74:0b:f7:e3:8c:64:
4a:41:2a:5b:f1:cb:79:e1:06:25:00:0b:3b:7b:e7:
a9:71:6d:f8:5f:b6:4a:7c:7b:2d:01:65:38:5c:d3:
d9:cc:35:95:2a:80:b4:00:fe:e0:bd:98:6e:eb:6b:
f3:76:cc:d5:53:1a:0d:3b:4e:57:51:2b:b6:49:4a:
17:b0:3f:2e:a2:72:e7:eb:44:fd:48:13:14:c3:1f:
4c:d7:d9:5a:ed:83:a6:be:f0:2d:3b:f7:87:59:c6:
b1:a0:7d:ec:0f:1e:de:9c:d9:b5:59:1e:4f:ff:b4:
d0:0b:40:37:7e:c1:d0:25:00:06:82:79:ec:93:e5:
75:74:81:05:3b:67:49:b4:bb:59:60:10:3e:fd:15:
5f:59:5c:74:42:50:10:5e:dd:d2:8f:ee:c9:16:96:
ae:f8:de:a0:93:24:e4:7d:53:ae:47:1a:83:d4:f4:
8a:5a:01:81:b7:13:30:80:62:5b:b5:9f:ac:4c:67:
25:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:4F:A5:7D:D2:CA:65:7C:73:02:17:83:30:37:4F:08:DF:06:14:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FAD44BF2C33311EFA1765065762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.148.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:23:d3:86:25:f5:6f:2f:9d:68:df:af:79:61:27:cf:15:69:
d3:cb:ed:d3:3a:6f:de:a0:76:69:fa:32:22:43:1c:8a:58:da:
2d:a1:28:47:4a:37:4e:36:ba:a7:28:3e:91:2c:54:1e:36:2d:
e7:3d:25:68:d7:7b:71:bf:3d:70:6d:ee:32:a9:22:8c:ae:65:
95:fe:c8:41:41:59:d9:52:c8:f0:13:80:d8:fe:4f:8c:00:19:
68:a0:0d:f8:13:d5:f9:51:a6:9d:4f:d9:bb:7b:63:dd:ef:f4:
2b:eb:d4:d6:9f:a3:43:b6:a9:9e:1b:ce:96:74:84:47:63:18:
80:60:fc:40:f1:e3:a3:47:15:2b:71:87:9b:5d:7b:91:f9:de:
9c:07:fd:a1:87:f0:82:f4:a3:c1:9c:b0:7d:ce:91:e7:1d:38:
64:bd:ee:54:6a:12:d5:f9:12:be:dc:91:0c:d4:b3:c2:cf:1c:
8e:69:91:59:67:bd:40:cd:ce:e0:b1:c0:41:04:25:fe:9b:84:
cb:a4:56:0b:4a:e8:1a:4c:df:85:37:4a:40:7a:92:98:fb:d1:
d6:5d:ea:19:24:4e:90:00:36:96:3e:14:73:49:30:a9:9e:05:
b8:b0:53:75:d3:6b:e2:bf:96:e4:99:dc:25:ac:d1:e0:19:16:
3f:6a:be:af
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOsxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDI0OTA2WhcNMjUxMjEwMDI0OTA2WjAYMRYw
FAYDVQQDEw02NzZjYzQyNS1hMDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2J8HwZ0ndMr62a7JdN6y2nEoIhUeMf4bMnm1XoWMEFHBe6inymE+xyQy
jhAfYf0o0ZcEofRXsVgHZGA31fVIFNbsJBt0C/fjjGRKQSpb8ct54QYlAAs7e+ep
cW34X7ZKfHstAWU4XNPZzDWVKoC0AP7gvZhu62vzdszVUxoNO05XUSu2SUoXsD8u
onLn60T9SBMUwx9M19la7YOmvvAtO/eHWcaxoH3sDx7enNm1WR5P/7TQC0A3fsHQ
JQAGgnnsk+V1dIEFO2dJtLtZYBA+/RVfWVx0QlAQXt3Sj+7JFpau+N6gkyTkfVOu
RxqD1PSKWgGBtxMwgGJbtZ+sTGcl8wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJRP
pX3SymV8cwIXgzA3TwjfBhQGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQUQ0NEJGMkMzMzMxMUVGQTE3NjUwNjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPSUMA0GCSqGSIb3DQEBCwUA
A4IBAQBuI9OGJfVvL51o3695YSfPFWnTy+3TOm/eoHZp+jIiQxyKWNotoShHSjdO
NrqnKD6RLFQeNi3nPSVo13txvz1wbe4yqSKMrmWV/shBQVnZUsjwE4DY/k+MABlo
oA34E9X5UaadT9m7e2Pd7/Qr69TWn6NDtqmeG86WdIRHYxiAYPxA8eOjRxUrcYeb
XXuR+d6cB/2hh/CC9KPBnLB9zpHnHThkve5UahLV+RK+3JEM1LPCzxyOaZFZZ71A
zc7gscBBBCX+m4TLpFYLSugaTN+FN0pAepKY+9HWXeoZJE6QADaWPhRzSTCpngW4
sFN102viv5bkmdwlrNHgGRY/ar6v
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:04 2025 by rpki-client