Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FDDB05C2CBD811EFAD0A5456762E951A.roa
File: FDDB05C2CBD811EFAD0A5456762E951A.roa (raw, json)
Hash identifier: wBP2FxJDO/GT4qnHOYWFkkXX9sfo5sdsR2JVNzJjX0U=
Subject key identifier: B2:91:2B:DC:C6:EA:DE:F7:2C:E5:5C:29:ED:20:58:D7:BD:7C:63:BA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7E2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FDDB05C2CBD811EFAD0A5456762E951A.roa
Signing time: Mon 06 Jan 2025 02:50:30 +0000
ROA not before: Mon 06 Jan 2025 02:50:27 +0000
ROA not after: Thu 06 Feb 2025 02:50:27 +0000
asID: 49434
IP address blocks: 156.229.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 02:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63458 (0xf7e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 02:50:27 2025 GMT
Not After : Feb 6 02:50:27 2025 GMT
Subject: CN=677b44f6-4112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4e:e1:68:76:69:c8:62:91:1a:fc:94:82:10:
79:87:e0:21:7f:31:cc:0e:02:a3:ff:cc:0c:9a:32:
46:6b:43:0e:43:b1:55:2f:45:5c:96:6e:18:28:8a:
33:ce:88:3d:da:72:6a:d5:a1:f4:ba:66:99:c3:a9:
e3:45:4e:65:53:29:ab:27:c7:95:b9:46:36:bc:0f:
73:43:08:b4:57:33:3f:1f:94:61:1d:a1:b3:fc:9c:
8a:8c:95:ec:5b:52:85:e9:fe:d7:6b:7c:b2:02:f4:
95:fd:f7:5d:ea:e0:a5:fe:6b:5d:2c:10:1f:0d:35:
3c:5f:96:9c:0d:e1:c1:09:11:4c:44:09:24:82:ac:
63:04:a3:54:6c:c1:4f:52:ac:05:ef:4c:20:30:12:
d3:b1:35:6a:e5:8d:5b:2a:a1:47:f2:33:46:0d:ef:
8d:f4:2d:f9:12:b4:8c:fa:b9:5c:1f:30:66:ff:a6:
f4:62:ec:ba:72:26:62:7e:57:0b:bd:9f:48:30:be:
f0:ae:d7:cc:84:35:08:1a:ad:fd:bf:06:53:10:e0:
8d:11:ed:04:9d:1b:96:e1:3e:f9:98:b3:91:bf:2a:
c0:ed:ab:08:34:c8:da:14:1d:fb:dc:ef:b5:d8:b2:
04:1d:c2:7b:55:c4:19:72:72:c0:2d:da:e5:e5:5c:
8a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:91:2B:DC:C6:EA:DE:F7:2C:E5:5C:29:ED:20:58:D7:BD:7C:63:BA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FDDB05C2CBD811EFAD0A5456762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.228.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:8f:1f:0d:d4:60:9e:c9:38:d6:df:b0:7a:e9:bb:da:4c:e4:
45:0d:25:b7:4f:ce:f9:a8:39:ed:3f:0c:e2:9a:96:ac:cc:ae:
20:0e:71:96:81:aa:09:ac:e7:2b:42:b7:79:5f:fa:55:26:cb:
3d:6a:e7:08:c5:7d:63:ad:68:2a:04:f5:3a:95:38:b6:87:a1:
e4:a6:57:78:0d:1a:fb:cd:d3:2b:f2:b1:df:58:ed:99:ab:7b:
7f:af:ce:ff:a0:42:d0:75:07:92:88:81:9d:73:71:41:08:94:
34:91:7c:ee:cb:13:de:da:e2:65:3a:6f:7e:f9:6c:0a:5f:23:
09:c7:98:e8:14:76:d4:01:53:6f:1b:0c:35:d5:ac:03:e6:7e:
f4:97:e8:49:5f:82:39:1f:07:17:a6:68:e7:6e:9a:f8:1d:60:
fa:03:72:b1:ff:20:49:01:ce:a9:27:29:fb:86:75:9a:56:b1:
86:4f:d2:f2:b7:63:73:c4:02:6e:31:b1:14:c4:7a:10:ef:31:
a7:c3:f8:34:3c:4d:98:93:b2:b3:90:74:55:0f:31:76:b4:0c:
11:1e:c4:c2:c3:0e:e9:5c:b7:29:7a:ee:0e:8f:ec:a0:a3:d3:
23:d3:75:6c:78:fe:e2:14:2d:e4:84:8b:93:f8:b3:98:ce:b5:
67:50:7b:c8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPfiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDI1MDI3WhcNMjUwMjA2MDI1MDI3WjAYMRYw
FAYDVQQDEw02NzdiNDRmNi00MTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0E7haHZpyGKRGvyUghB5h+AhfzHMDgKj/8wMmjJGa0MOQ7FVL0Vclm4Y
KIozzog92nJq1aH0umaZw6njRU5lUymrJ8eVuUY2vA9zQwi0VzM/H5RhHaGz/JyK
jJXsW1KF6f7Xa3yyAvSV/fdd6uCl/mtdLBAfDTU8X5acDeHBCRFMRAkkgqxjBKNU
bMFPUqwF70wgMBLTsTVq5Y1bKqFH8jNGDe+N9C35ErSM+rlcHzBm/6b0Yuy6ciZi
flcLvZ9IML7wrtfMhDUIGq39vwZTEOCNEe0EnRuW4T75mLORvyrA7asINMjaFB37
3O+12LIEHcJ7VcQZcnLALdrl5VyKWwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLKR
K9zG6t73LOVcKe0gWNe9fGO6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRERCMDVDMkNCRDgxMUVGQUQwQTU0NTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOXkMA0GCSqGSIb3DQEBCwUA
A4IBAQC3jx8N1GCeyTjW37B66bvaTORFDSW3T875qDntPwzimpaszK4gDnGWgaoJ
rOcrQrd5X/pVJss9aucIxX1jrWgqBPU6lTi2h6Hkpld4DRr7zdMr8rHfWO2Zq3t/
r87/oELQdQeSiIGdc3FBCJQ0kXzuyxPe2uJlOm9++WwKXyMJx5joFHbUAVNvGww1
1awD5n70l+hJX4I5HwcXpmjnbpr4HWD6A3Kx/yBJAc6pJyn7hnWaVrGGT9Lyt2Nz
xAJuMbEUxHoQ7zGnw/g0PE2Yk7KzkHRVDzF2tAwRHsTCww7pXLcpeu4Oj+ygo9Mj
03VseP7iFC3khIuT+LOYzrVnUHvI
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:37 2025 by rpki-client