Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD596B78C99611EF94249E8B762E951A.roa
File: FD596B78C99611EF94249E8B762E951A.roa (raw, json)
Hash identifier: 4+E1F8+KklUJjRdNEGYxbaASswo1fd2ze9POz1A2gU8=
Subject key identifier: 67:54:CE:9E:70:42:39:48:D0:7B:89:78:35:84:43:F0:BC:A0:BC:AA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F61B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD596B78C99611EF94249E8B762E951A.roa
Signing time: Fri 03 Jan 2025 05:53:00 +0000
ROA not before: Fri 03 Jan 2025 05:52:57 +0000
ROA not after: Mon 13 Dec 2027 05:52:57 +0000
asID: 17561
IP address blocks: 156.233.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63003 (0xf61b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:52:57 2025 GMT
Not After : Dec 13 05:52:57 2027 GMT
Subject: CN=67777b3c-5c37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:18:fb:28:ca:f6:a9:e8:97:dd:ae:10:0b:08:
bb:f3:e0:ea:01:19:bf:81:69:f6:fe:ce:b0:11:5e:
8c:bb:e6:33:36:c8:88:a5:d7:e3:13:c8:ba:6f:a2:
73:6c:7b:94:e0:8c:ce:80:75:c0:44:c2:4b:73:52:
4c:06:f7:a6:30:9b:da:ec:f1:38:90:c9:ae:2a:cd:
f3:61:2d:bd:5a:31:87:4f:44:b9:56:9b:ef:a5:1f:
bd:fb:f6:4f:12:c7:21:20:27:ca:86:41:95:a5:5f:
0d:53:08:79:9e:b2:71:10:49:15:a2:45:b2:b7:d5:
1e:dd:a8:7d:c8:bd:d9:ff:fb:83:05:7c:a4:f9:97:
c3:7d:e7:fc:29:71:08:49:23:22:a9:75:9f:0d:a9:
64:45:1e:90:19:ee:39:66:83:51:45:dc:9f:44:64:
23:53:ef:e2:1f:01:81:54:e2:fb:c7:7c:14:cd:c4:
80:e4:60:92:8e:0b:cc:c4:2a:11:ae:55:40:04:d9:
bf:00:d9:8e:77:d4:7c:a1:4d:45:39:eb:83:1b:f1:
c5:8e:53:f5:c0:0b:94:88:ab:90:a8:60:fd:8e:79:
4d:81:48:17:39:d5:f3:c7:15:0b:a2:b1:f5:9e:c9:
b7:c4:71:0b:15:1c:ea:c7:c1:d1:91:4a:c9:6d:16:
79:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:54:CE:9E:70:42:39:48:D0:7B:89:78:35:84:43:F0:BC:A0:BC:AA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD596B78C99611EF94249E8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.146.0/24
Signature Algorithm: sha256WithRSAEncryption
24:49:16:c8:20:a4:4d:6d:71:bf:2a:9b:13:3e:ce:04:cc:5c:
74:c5:e1:6d:53:0d:c0:1b:a0:34:74:18:a1:24:30:e4:95:09:
69:cf:f4:74:ce:cb:08:b3:f3:81:74:f8:54:8c:93:15:af:a0:
a4:d3:a8:4e:d9:2d:57:ce:ec:ad:0d:9b:6b:41:07:87:6e:09:
ff:e3:d7:b6:b3:31:91:5d:cd:c8:90:79:4a:b4:67:b2:b2:e3:
c7:5c:df:11:14:98:98:a5:b4:38:9f:60:00:91:b1:3d:5e:da:
2c:b3:6e:4b:3f:36:5e:db:1f:5e:4f:c1:48:ec:57:53:34:69:
74:22:f5:69:9f:a3:af:03:40:13:2f:5a:bb:0b:1d:78:52:b7:
4a:0f:dc:56:f1:c7:4e:e6:25:55:cc:37:e5:aa:e2:85:9b:81:
4a:68:a9:a1:ce:8e:ca:68:2f:20:e8:54:a0:1c:20:05:af:67:
0c:b0:c5:ba:50:9a:01:3b:67:9e:d0:79:fa:c1:a9:e3:7b:13:
15:58:f3:da:d0:c0:08:85:b5:08:aa:9a:49:89:c5:c3:85:e9:
19:72:3d:9a:7d:c4:7e:f8:4d:d5:69:49:55:6b:b5:f5:40:94:
7f:61:7c:1d:4b:82:00:c8:ab:4c:1e:e0:a3:69:16:45:05:d3:
36:b2:9c:4d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPYbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDU1MjU3WhcNMjcxMjEzMDU1MjU3WjAYMRYw
FAYDVQQDEw02Nzc3N2IzYy01YzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1xj7KMr2qeiX3a4QCwi78+DqARm/gWn2/s6wEV6Mu+YzNsiIpdfjE8i6
b6JzbHuU4IzOgHXARMJLc1JMBvemMJva7PE4kMmuKs3zYS29WjGHT0S5VpvvpR+9
+/ZPEschICfKhkGVpV8NUwh5nrJxEEkVokWyt9Ue3ah9yL3Z//uDBXyk+ZfDfef8
KXEISSMiqXWfDalkRR6QGe45ZoNRRdyfRGQjU+/iHwGBVOL7x3wUzcSA5GCSjgvM
xCoRrlVABNm/ANmOd9R8oU1FOeuDG/HFjlP1wAuUiKuQqGD9jnlNgUgXOdXzxxUL
orH1nsm3xHELFRzqx8HRkUrJbRZ52wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGdU
zp5wQjlI0HuJeDWEQ/C8oLyqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRDU5NkI3OEM5OTYxMUVGOTQyNDlFOEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmSMA0GCSqGSIb3DQEBCwUA
A4IBAQAkSRbIIKRNbXG/KpsTPs4EzFx0xeFtUw3AG6A0dBihJDDklQlpz/R0zssI
s/OBdPhUjJMVr6Ck06hO2S1XzuytDZtrQQeHbgn/49e2szGRXc3IkHlKtGeysuPH
XN8RFJiYpbQ4n2AAkbE9Xtoss25LPzZe2x9eT8FI7FdTNGl0IvVpn6OvA0ATL1q7
Cx14UrdKD9xW8cdO5iVVzDflquKFm4FKaKmhzo7KaC8g6FSgHCAFr2cMsMW6UJoB
O2ee0Hn6wanjexMVWPPa0MAIhbUIqppJicXDhekZcj2afcR++E3VaUlVa7X1QJR/
YXwdS4IAyKtMHuCjaRZFBdM2spxN
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:43 2025 by rpki-client