Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09A82ACECD1911EF8B002247762E951A.roa
File: 09A82ACECD1911EF8B002247762E951A.roa (raw, json)
Hash identifier: 9zlvZq3kNtAyj272f4u3l872xLpom4or6HRb1AY70UA=
Subject key identifier: DD:F0:EE:BF:20:7C:AC:16:56:75:5A:49:9F:77:0B:FC:A8:97:3B:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD33
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09A82ACECD1911EF8B002247762E951A.roa
Signing time: Tue 07 Jan 2025 17:01:29 +0000
ROA not before: Tue 07 Jan 2025 17:01:25 +0000
ROA not after: Mon 13 Dec 2027 17:01:25 +0000
asID: 17561
IP address blocks: 156.241.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64819 (0xfd33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 17:01:25 2025 GMT
Not After : Dec 13 17:01:25 2027 GMT
Subject: CN=677d5de9-71fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f0:d0:e1:87:1b:74:a3:33:88:65:17:cb:6d:
11:22:9f:1c:1c:c9:61:23:99:73:d2:bf:90:29:88:
32:eb:1b:4f:88:41:e0:72:0f:83:8f:72:25:22:c9:
a9:72:88:8d:85:6a:17:4d:4e:2f:66:ed:69:21:70:
1a:0d:59:b5:1a:3b:99:db:72:e6:b9:ff:aa:2f:37:
14:75:2b:99:85:bd:92:94:0c:85:a4:39:7c:0b:7e:
4f:3f:f2:5f:04:a6:35:65:02:08:d8:5a:6c:73:04:
47:0f:d7:bc:9e:99:24:a3:da:87:2e:4b:15:91:83:
82:38:4e:60:49:b9:59:da:71:c5:18:3f:09:ab:cc:
bd:e1:5c:ec:ad:c6:b2:87:be:39:ab:73:6e:91:51:
cf:03:28:a7:e5:c5:08:ef:89:f6:ca:80:38:a3:48:
b4:8f:82:6c:4d:f4:23:1b:92:df:38:a7:36:bb:21:
a1:3b:e0:33:1d:08:e2:45:3c:9e:c8:a5:87:73:d6:
c4:fb:f2:e4:63:df:81:27:39:f4:32:13:1f:c9:7f:
a8:28:b9:fc:eb:54:0d:6c:b8:79:8c:9f:c4:38:d2:
f3:ed:55:87:72:1d:74:3d:b1:25:d6:28:21:b9:24:
ee:42:8b:ae:3c:9a:9b:23:f5:f0:20:7b:f7:ba:61:
97:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F0:EE:BF:20:7C:AC:16:56:75:5A:49:9F:77:0B:FC:A8:97:3B:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09A82ACECD1911EF8B002247762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.29.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:6d:a8:b9:50:e5:56:2b:93:85:2a:84:bf:e1:b1:c6:2e:54:
17:67:7c:94:0e:74:e3:e1:56:1f:9d:12:d9:37:5f:44:74:ba:
4a:5a:49:27:ba:45:bb:e5:bb:21:cc:54:d6:3c:48:e7:1b:b5:
94:1f:aa:5f:4f:ae:f7:ac:9f:ed:39:fc:02:eb:2e:d5:1c:94:
43:c7:02:04:71:06:97:52:65:73:4c:53:df:c8:ec:53:dc:35:
31:35:c0:53:88:87:4c:59:d5:b2:5b:00:6c:5f:0c:91:38:56:
81:25:7c:50:00:e9:79:8b:7b:f0:8c:c9:cb:eb:df:34:16:c8:
33:af:ad:4e:bc:c1:99:c2:fa:49:8c:f3:45:f9:7c:02:6f:48:
6e:11:64:cd:57:68:98:9d:87:0c:49:da:6b:99:a9:98:6b:28:
98:b6:71:f2:01:3a:ba:8a:e5:93:b3:dc:22:53:5d:61:f7:c3:
c7:fd:e6:3f:7b:c2:3b:5b:ae:02:3e:23:f6:bb:8a:ab:60:5d:
14:f3:fc:6d:74:d3:7f:83:8f:93:b2:42:0a:b3:e3:d8:b0:bb:
59:50:6a:99:20:20:65:9a:44:cd:5e:5e:7b:d1:9a:2e:42:99:
b1:2e:53:1c:5b:2e:e2:0b:88:8c:d9:a0:27:92:7d:75:70:db:
8f:a4:b4:65
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTcwMTI1WhcNMjcxMjEzMTcwMTI1WjAYMRYw
FAYDVQQDEw02NzdkNWRlOS03MWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyfDQ4YcbdKMziGUXy20RIp8cHMlhI5lz0r+QKYgy6xtPiEHgcg+Dj3Il
IsmpcoiNhWoXTU4vZu1pIXAaDVm1GjuZ23Lmuf+qLzcUdSuZhb2SlAyFpDl8C35P
P/JfBKY1ZQII2FpscwRHD9e8npkko9qHLksVkYOCOE5gSblZ2nHFGD8Jq8y94Vzs
rcayh745q3NukVHPAyin5cUI74n2yoA4o0i0j4JsTfQjG5LfOKc2uyGhO+AzHQji
RTyeyKWHc9bE+/LkY9+BJzn0MhMfyX+oKLn861QNbLh5jJ/EONLz7VWHch10PbEl
1ighuSTuQouuPJqbI/XwIHv3umGXIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN3w
7r8gfKwWVnVaSZ93C/yolzunMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wOUE4MkFDRUNEMTkxMUVGOEIwMDIyNDc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEdMA0GCSqGSIb3DQEBCwUA
A4IBAQCmbai5UOVWK5OFKoS/4bHGLlQXZ3yUDnTj4VYfnRLZN19EdLpKWkknukW7
5bshzFTWPEjnG7WUH6pfT673rJ/tOfwC6y7VHJRDxwIEcQaXUmVzTFPfyOxT3DUx
NcBTiIdMWdWyWwBsXwyROFaBJXxQAOl5i3vwjMnL6980Fsgzr61OvMGZwvpJjPNF
+XwCb0huEWTNV2iYnYcMSdprmamYayiYtnHyATq6iuWTs9wiU11h98PH/eY/e8I7
W64CPiP2u4qrYF0U8/xtdNN/g4+TskIKs+PYsLtZUGqZICBlmkTNXl570ZouQpmx
LlMcWy7iC4iM2aAnkn11cNuPpLRl
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:47 2025 by rpki-client