Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/00F941C0CCDC11EF95B3DF46762E951A.roa
File: 00F941C0CCDC11EF95B3DF46762E951A.roa (raw, json)
Hash identifier: l1e2URUB22csBrmFMaf/h/REYV0W98cC0seTukDqOJA=
Subject key identifier: 7B:FE:39:A4:DA:81:A9:19:DA:5D:3E:92:84:B6:8D:67:2C:B1:7A:88
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB69
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/00F941C0CCDC11EF95B3DF46762E951A.roa
Signing time: Tue 07 Jan 2025 09:44:35 +0000
ROA not before: Tue 07 Jan 2025 09:44:31 +0000
ROA not after: Mon 13 Dec 2027 09:44:31 +0000
asID: 17561
IP address blocks: 156.233.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64361 (0xfb69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:44:31 2025 GMT
Not After : Dec 13 09:44:31 2027 GMT
Subject: CN=677cf783-21f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8e:34:6e:83:e1:14:a7:0d:60:11:95:73:40:
6a:f1:fe:fc:d2:9a:4e:01:e0:4c:51:55:68:07:d6:
ea:3e:55:b1:20:fa:f1:df:10:67:5c:84:0d:26:14:
6c:02:08:96:94:bf:67:95:aa:8a:03:06:10:68:67:
09:2a:8a:fc:d3:05:26:68:c0:f0:25:a2:5d:b8:f4:
e2:03:6f:fe:72:62:e9:15:f0:65:0d:26:dc:bb:0f:
16:cd:79:a9:8e:93:28:5e:a7:c7:72:93:b4:5d:80:
9e:f5:9a:aa:c2:5b:27:8f:f8:da:08:3f:f7:5a:53:
c5:c5:aa:7b:9b:43:c9:ef:24:09:7f:3f:ae:a3:05:
89:c5:44:59:ae:c3:c1:12:fb:de:6d:07:7e:99:68:
44:b7:90:0f:2d:33:38:aa:11:7c:75:90:74:87:65:
26:fd:22:95:da:87:4e:3e:0e:d6:a3:32:5e:73:3d:
ae:33:06:ea:c6:41:83:61:2f:7a:7e:41:e7:f6:f5:
42:9b:8d:f3:47:08:ad:6e:bd:a0:87:42:08:7d:68:
b4:c4:e5:66:02:15:16:e9:2b:3a:c2:c3:9c:5c:4f:
10:9a:ea:07:61:db:41:0b:b4:e4:89:99:83:18:a0:
6d:25:59:a9:12:26:6f:2b:a4:d7:85:6c:74:a6:5a:
66:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:FE:39:A4:DA:81:A9:19:DA:5D:3E:92:84:B6:8D:67:2C:B1:7A:88
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/00F941C0CCDC11EF95B3DF46762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.204.0/24
Signature Algorithm: sha256WithRSAEncryption
68:66:a5:e8:ef:88:2f:3a:e0:6f:f5:58:8d:c4:2e:b0:bd:35:
4f:de:fe:66:eb:79:5e:4e:fc:62:d9:c1:22:b2:27:1e:6d:1a:
75:8a:84:93:c8:bc:e8:ef:c2:03:0c:cb:29:85:53:05:78:da:
1f:e1:82:62:12:c3:89:b5:9f:41:46:1d:ef:d8:bb:11:4c:af:
d3:fd:f4:84:52:b8:f0:0b:49:47:ed:dc:9c:b5:6e:87:d5:50:
2a:b4:1c:13:dd:7b:ce:22:5d:b5:46:c5:50:16:4a:8b:d7:87:
2b:3b:dc:ce:47:a4:40:32:d8:63:d6:81:9a:9a:ca:d9:ca:2d:
f9:01:17:56:81:a9:2d:13:28:8b:35:e9:66:45:66:40:36:f0:
ba:f4:99:7a:09:c0:e7:58:25:90:49:c9:9a:00:52:93:fa:51:
db:64:9c:0b:aa:37:ed:d4:e4:ea:b2:0c:88:e8:26:d9:64:f6:
9c:56:9f:b9:e2:d0:21:c7:42:7c:e1:9c:4a:1c:f0:d0:be:b2:
18:e6:4d:c1:60:96:b0:9e:77:25:46:96:4d:5f:93:32:57:1e:
ee:a9:10:8c:8c:66:19:e2:9e:03:5a:43:31:cc:6b:57:d1:8a:
e4:c4:0f:88:0b:bd:0d:a7:82:c5:02:09:ee:a8:49:57:9a:98:
dd:13:09:e6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPtpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDk0NDMxWhcNMjcxMjEzMDk0NDMxWjAYMRYw
FAYDVQQDEw02NzdjZjc4My0yMWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1o40boPhFKcNYBGVc0Bq8f780ppOAeBMUVVoB9bqPlWxIPrx3xBnXIQN
JhRsAgiWlL9nlaqKAwYQaGcJKor80wUmaMDwJaJduPTiA2/+cmLpFfBlDSbcuw8W
zXmpjpMoXqfHcpO0XYCe9Zqqwlsnj/jaCD/3WlPFxap7m0PJ7yQJfz+uowWJxURZ
rsPBEvvebQd+mWhEt5APLTM4qhF8dZB0h2Um/SKV2odOPg7WozJecz2uMwbqxkGD
YS96fkHn9vVCm43zRwitbr2gh0IIfWi0xOVmAhUW6Ss6wsOcXE8QmuoHYdtBC7Tk
iZmDGKBtJVmpEiZvK6TXhWx0plpmawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHv+
OaTagakZ2l0+koS2jWcssXqIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMEY5NDFDMENDREMxMUVGOTVCM0RGNDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnMMA0GCSqGSIb3DQEBCwUA
A4IBAQBoZqXo74gvOuBv9ViNxC6wvTVP3v5m63leTvxi2cEisicebRp1ioSTyLzo
78IDDMsphVMFeNof4YJiEsOJtZ9BRh3v2LsRTK/T/fSEUrjwC0lH7dyctW6H1VAq
tBwT3XvOIl21RsVQFkqL14crO9zOR6RAMthj1oGamsrZyi35ARdWgaktEyiLNelm
RWZANvC69Jl6CcDnWCWQScmaAFKT+lHbZJwLqjft1OTqsgyI6CbZZPacVp+54tAh
x0J84ZxKHPDQvrIY5k3BYJawnnclRpZNX5MyVx7uqRCMjGYZ4p4DWkMxzGtX0Yrk
xA+IC70Np4LFAgnuqElXmpjdEwnm
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:25 2025 by rpki-client