Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C68BE74EC33B11EFAD6C0E9B762E951A.roa
File: C68BE74EC33B11EFAD6C0E9B762E951A.roa (raw, json)
Hash identifier: 7WE/Fa5/3L0+bJzBXQ9QgSBKw+I6xE1ujCuxFgSfG7U=
Subject key identifier: 74:F3:0D:63:04:C0:1A:98:78:45:76:FF:52:76:B0:DF:63:CC:2D:9F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB8D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C68BE74EC33B11EFAD6C0E9B762E951A.roa
Signing time: Thu 26 Dec 2024 03:44:58 +0000
ROA not before: Thu 26 Dec 2024 03:44:54 +0000
ROA not after: Fri 10 Dec 2027 03:44:54 +0000
asID: 17561
IP address blocks: 156.244.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60301 (0xeb8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Dec 26 03:44:54 2024 GMT
Not After : Dec 10 03:44:54 2027 GMT
Subject: CN=676cd139-bc8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:72:03:af:65:43:01:2f:16:e8:db:d8:8e:c0:
4f:59:b2:27:1d:3e:46:8c:cf:e1:a3:c3:ce:75:a5:
e4:db:42:0b:b0:da:d4:68:02:cf:75:93:b6:2d:55:
1a:ed:7b:ad:66:04:79:07:30:e3:2f:9b:94:11:15:
63:b6:ec:ea:ae:b3:12:f9:88:e5:d6:c4:39:c8:61:
7f:1b:b2:96:3d:63:d4:fd:d9:3d:25:1e:39:0c:4a:
25:de:30:ac:90:35:1c:d8:b0:da:96:35:9c:38:fb:
25:7e:2a:a1:c4:b7:9f:00:f1:0c:50:6f:b4:44:f4:
d0:cd:c6:9d:ed:7d:2d:a7:78:39:75:f7:b8:b1:e2:
00:5b:7d:95:ed:24:86:fd:67:2a:d4:1e:00:99:99:
1d:8b:ff:2c:14:51:0e:9a:d5:e5:05:cc:ea:16:14:
38:85:d1:23:79:f1:fb:62:67:31:07:13:61:1d:50:
4a:85:78:af:ce:6c:83:77:e7:30:6e:40:6c:9a:09:
0e:80:db:21:55:de:b2:56:22:4d:9b:0a:e5:98:94:
8d:c6:8d:55:77:ac:2a:d5:de:15:ec:6c:bd:44:63:
5c:cc:bd:66:c4:28:f1:b8:28:fb:59:e3:52:7e:e0:
16:0d:41:f3:23:36:2c:18:22:7d:b0:0d:44:1c:97:
54:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F3:0D:63:04:C0:1A:98:78:45:76:FF:52:76:B0:DF:63:CC:2D:9F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C68BE74EC33B11EFAD6C0E9B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.194.0/24
Signature Algorithm: sha256WithRSAEncryption
61:52:66:1a:e7:ee:3a:b8:2a:d8:5b:59:8c:df:e3:fa:2b:a0:
77:ed:27:58:91:a6:f7:e9:a7:56:cc:bf:eb:fb:0e:01:a2:00:
cd:72:19:0a:de:57:a5:c4:b4:dd:ea:80:3d:95:8d:68:1c:0b:
74:8d:28:4f:41:de:da:99:50:45:e8:68:f3:0d:f4:f9:0b:77:
5f:6a:12:8f:4d:b3:98:48:c3:a2:e5:01:d3:5b:36:5b:07:16:
7c:31:59:70:cf:ab:30:c8:73:9b:bf:1f:b3:cc:9f:23:df:a2:
56:f3:53:97:38:34:af:53:45:43:aa:be:33:82:b0:e5:2c:79:
85:30:2f:67:ea:d4:e9:5f:7d:5f:6d:f2:8f:36:6c:ce:71:b3:
9b:e4:7e:e2:26:e4:8b:0a:19:4f:12:1e:40:38:be:9c:39:0f:
52:dd:b0:6a:df:f7:ab:a3:5f:cb:0f:a1:55:15:01:2a:bb:24:
39:5e:72:40:80:ac:3c:7b:5c:e8:2e:25:8f:5f:9f:7c:d4:47:
69:17:5f:2f:83:06:41:e8:81:99:c6:9e:76:31:b1:0c:4c:97:
22:57:a0:3c:63:f3:4d:1a:91:b3:77:61:9c:d2:dd:cd:9b:b6:
35:6d:85:19:a5:f0:cc:da:66:48:9e:12:21:51:71:a0:33:57:
98:b2:51:3e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOuNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDM0NDU0WhcNMjcxMjEwMDM0NDU0WjAYMRYw
FAYDVQQDEw02NzZjZDEzOS1iYzhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqnIDr2VDAS8W6NvYjsBPWbInHT5GjM/ho8POdaXk20ILsNrUaALPdZO2
LVUa7XutZgR5BzDjL5uUERVjtuzqrrMS+Yjl1sQ5yGF/G7KWPWPU/dk9JR45DEol
3jCskDUc2LDaljWcOPslfiqhxLefAPEMUG+0RPTQzcad7X0tp3g5dfe4seIAW32V
7SSG/Wcq1B4AmZkdi/8sFFEOmtXlBczqFhQ4hdEjefH7YmcxBxNhHVBKhXivzmyD
d+cwbkBsmgkOgNshVd6yViJNmwrlmJSNxo1Vd6wq1d4V7Gy9RGNczL1mxCjxuCj7
WeNSfuAWDUHzIzYsGCJ9sA1EHJdUOwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHTz
DWMEwBqYeEV2/1J2sN9jzC2fMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNjhCRTc0RUMzM0IxMUVGQUQ2QzBFOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTCMA0GCSqGSIb3DQEBCwUA
A4IBAQBhUmYa5+46uCrYW1mM3+P6K6B37SdYkab36adWzL/r+w4BogDNchkK3lel
xLTd6oA9lY1oHAt0jShPQd7amVBF6GjzDfT5C3dfahKPTbOYSMOi5QHTWzZbBxZ8
MVlwz6swyHObvx+zzJ8j36JW81OXODSvU0VDqr4zgrDlLHmFMC9n6tTpX31fbfKP
NmzOcbOb5H7iJuSLChlPEh5AOL6cOQ9S3bBq3/ero1/LD6FVFQEquyQ5XnJAgKw8
e1zoLiWPX5981EdpF18vgwZB6IGZxp52MbEMTJciV6A8Y/NNGpGzd2Gc0t3Nm7Y1
bYUZpfDM2mZInhIhUXGgM1eYslE+
-----END CERTIFICATE-----
Generated at Sun Apr 27 14:55:52 2025 by rpki-client on console.sobornost.net