Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/080DF9C0CCEA11EF885713A0762E951A.roa
File: 080DF9C0CCEA11EF885713A0762E951A.roa (raw, json)
Hash identifier: rB1CWDa9SFJOgyY8XU92S0SlveoxyfltcuDhB4QTLBA=
Subject key identifier: 99:0C:74:97:3C:47:7B:8D:B7:2E:91:13:89:99:89:61:7C:1E:BF:AB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBF1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/080DF9C0CCEA11EF885713A0762E951A.roa
Signing time: Tue 07 Jan 2025 11:25:00 +0000
ROA not before: Tue 07 Jan 2025 11:24:56 +0000
ROA not after: Mon 13 Dec 2027 11:24:56 +0000
asID: 17561
IP address blocks: 156.235.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64497 (0xfbf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 11:24:56 2025 GMT
Not After : Dec 13 11:24:56 2027 GMT
Subject: CN=677d0f0c-0dee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:48:6e:95:6f:5d:ef:ea:00:de:b4:af:57:03:
9f:01:9c:72:44:ca:f0:5f:5a:fe:0c:70:68:ee:ba:
82:ff:84:8d:3e:a1:fe:cb:d0:e8:7c:40:f1:28:27:
fe:2c:73:32:5d:91:7d:e8:ad:ab:e9:92:3c:24:a1:
dd:e4:bb:33:27:57:70:51:e8:8d:b1:01:f2:03:1a:
71:dd:8b:48:8e:24:1d:cc:cc:3e:98:1b:ca:ed:67:
0e:03:7e:05:63:dd:d0:9c:ae:2c:c0:5d:59:aa:32:
83:f9:25:f3:05:ff:2e:80:a9:78:60:43:ca:af:fa:
a4:67:36:41:7e:75:e7:e8:b0:08:3c:75:3f:2e:a5:
31:d6:00:c1:d1:62:8c:ee:f7:61:8e:a0:a9:f5:4c:
48:9e:da:b0:1a:a9:b1:0d:96:0d:09:1f:1b:e1:ab:
65:98:0f:3d:19:37:bd:28:7e:16:19:0a:db:5a:40:
e2:63:b6:fb:46:9e:07:78:f2:d2:07:ff:9d:41:37:
69:c0:a1:ea:a2:fe:2b:5d:fe:f5:6d:2a:f7:b9:c8:
a0:82:d7:bf:0c:47:f5:7d:e5:84:46:3a:45:fc:fd:
fb:a1:19:0d:c1:53:9f:ec:87:cb:50:f5:ca:17:67:
75:62:17:c7:60:df:17:0f:a6:65:3e:51:09:3f:11:
bf:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:0C:74:97:3C:47:7B:8D:B7:2E:91:13:89:99:89:61:7C:1E:BF:AB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/080DF9C0CCEA11EF885713A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.127.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:f1:ef:ab:6e:f8:ca:df:a1:17:dc:c1:48:e6:c4:2f:65:bd:
23:d6:4f:0e:e3:40:42:85:4b:19:53:99:17:88:a5:17:eb:46:
c6:79:64:e5:70:5f:75:69:3e:3b:3d:32:b5:56:f6:8a:9e:53:
c2:bd:20:d2:82:bd:3b:fc:b8:ba:c9:bd:e2:64:fc:45:80:5b:
85:b7:f6:65:be:9c:c8:e0:bc:12:25:ef:d7:b4:88:79:16:92:
d7:ea:10:56:e5:35:8a:af:97:b2:92:ad:1b:94:94:f4:9a:bc:
4e:af:a6:a0:80:c8:e9:9d:92:5b:4e:b1:f0:f7:83:4b:98:a9:
a2:2a:e7:f7:7f:8d:ba:1a:a8:b1:fd:32:1f:a2:6d:12:76:70:
8e:c1:d2:87:98:ec:9b:80:cf:58:4e:49:a2:69:1d:a0:8b:51:
aa:5f:36:d8:07:6f:1f:bf:30:b8:f2:2a:6f:ba:01:be:05:86:
74:1b:3f:f6:8e:54:20:ed:56:0d:7f:6c:97:50:fd:15:38:fc:
15:3e:2b:6d:36:86:41:bf:eb:fa:55:b0:97:35:ae:bf:54:1c:
2c:5b:3e:1a:d6:fd:90:e9:50:9f:43:c7:33:e3:5f:ee:e4:f6:
e8:fb:6c:e6:21:98:84:8c:eb:e2:04:58:5b:ed:a8:f5:df:48:
de:03:72:7e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPvxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTEyNDU2WhcNMjcxMjEzMTEyNDU2WjAYMRYw
FAYDVQQDEw02NzdkMGYwYy0wZGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqEhulW9d7+oA3rSvVwOfAZxyRMrwX1r+DHBo7rqC/4SNPqH+y9DofEDx
KCf+LHMyXZF96K2r6ZI8JKHd5LszJ1dwUeiNsQHyAxpx3YtIjiQdzMw+mBvK7WcO
A34FY93QnK4swF1ZqjKD+SXzBf8ugKl4YEPKr/qkZzZBfnXn6LAIPHU/LqUx1gDB
0WKM7vdhjqCp9UxIntqwGqmxDZYNCR8b4atlmA89GTe9KH4WGQrbWkDiY7b7Rp4H
ePLSB/+dQTdpwKHqov4rXf71bSr3uciggte/DEf1feWERjpF/P37oRkNwVOf7IfL
UPXKF2d1YhfHYN8XD6ZlPlEJPxG/nQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJkM
dJc8R3uNty6RE4mZiWF8Hr+rMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wODBERjlDMENDRUExMUVGODg1NzEzQTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOt/MA0GCSqGSIb3DQEBCwUA
A4IBAQAf8e+rbvjK36EX3MFI5sQvZb0j1k8O40BChUsZU5kXiKUX60bGeWTlcF91
aT47PTK1VvaKnlPCvSDSgr07/Li6yb3iZPxFgFuFt/ZlvpzI4LwSJe/XtIh5FpLX
6hBW5TWKr5eykq0blJT0mrxOr6aggMjpnZJbTrHw94NLmKmiKuf3f426Gqix/TIf
om0SdnCOwdKHmOybgM9YTkmiaR2gi1GqXzbYB28fvzC48ipvugG+BYZ0Gz/2jlQg
7VYNf2yXUP0VOPwVPittNoZBv+v6VbCXNa6/VBwsWz4a1v2Q6VCfQ8cz41/u5Pbo
+2zmIZiEjOviBFhb7aj130jeA3J+
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:04 2025 by rpki-client