Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B72D764CCE211EFAA68C16D762E951A.roa
File: 0B72D764CCE211EFAA68C16D762E951A.roa (raw, json)
Hash identifier: rOX+/MSHtXnnc2shLMT6x8E/33S9/ewzS1oNW+qkOVY=
Subject key identifier: FF:97:49:6D:85:7F:95:77:07:B2:12:71:9E:67:05:DA:F5:7B:20:9B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBAB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B72D764CCE211EFAA68C16D762E951A.roa
Signing time: Tue 07 Jan 2025 10:27:50 +0000
ROA not before: Tue 07 Jan 2025 10:27:46 +0000
ROA not after: Mon 13 Dec 2027 10:27:46 +0000
asID: 17561
IP address blocks: 156.233.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64427 (0xfbab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:27:46 2025 GMT
Not After : Dec 13 10:27:46 2027 GMT
Subject: CN=677d01a6-d1b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:63:17:cf:ca:e3:6c:6f:9c:2c:77:b3:e5:2b:
e6:8d:1d:d9:98:c5:48:58:38:f0:89:f2:b3:32:91:
c8:b5:f8:8c:3e:2d:3e:5d:83:af:08:7a:b4:0e:0c:
8a:f8:79:56:17:cd:49:bf:38:1c:85:9a:5c:95:b7:
bb:c7:68:63:6c:7c:be:c5:56:35:44:49:5a:eb:c9:
88:cd:8f:53:a8:52:bc:09:94:3a:60:c7:e5:05:2d:
7e:97:f1:6a:36:de:ae:3b:04:0d:cb:1c:32:da:05:
24:3d:6f:91:31:1b:d3:35:26:c6:d1:0a:0a:56:fb:
59:b7:f1:2b:15:71:d0:45:41:ed:0b:bd:20:46:c2:
6c:6f:4a:06:f0:7f:17:4e:2f:24:61:8a:d2:e6:58:
fb:b0:24:66:90:9c:4a:ad:50:2f:61:30:87:bf:3f:
37:dc:47:14:c4:f6:2e:2d:89:04:c1:97:4f:25:d6:
39:69:10:19:b3:78:5e:b3:32:ee:b0:1d:ab:6c:17:
2d:fb:80:c1:b9:6d:b2:04:4f:af:b5:68:af:36:6c:
59:21:cd:78:33:d6:4d:74:a2:2d:3e:3c:67:64:c0:
c7:cf:d1:06:17:bb:b5:75:14:45:8f:35:b6:b0:aa:
2a:07:b8:4a:72:be:ea:63:97:1d:38:0a:e5:04:74:
70:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:97:49:6D:85:7F:95:77:07:B2:12:71:9E:67:05:DA:F5:7B:20:9B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B72D764CCE211EFAA68C16D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.234.0/24
Signature Algorithm: sha256WithRSAEncryption
88:6e:93:97:fa:0f:5f:79:8e:cd:6a:2e:a7:22:66:d9:74:fd:
63:68:af:95:16:70:ed:0f:4c:e6:17:fa:c7:82:b7:42:5c:a3:
8c:89:7f:62:2e:88:10:24:80:6b:70:42:80:e1:17:fe:9e:6b:
83:f0:26:aa:93:42:44:40:b1:5c:1c:d4:e6:35:ed:16:54:9e:
7a:9c:f0:96:35:19:58:41:e4:5b:de:2c:4f:31:51:0c:d2:fa:
98:91:54:e0:2d:58:e5:68:f8:71:ea:f9:fa:09:0c:d7:e8:49:
fa:69:e7:35:01:35:dc:6f:41:09:8c:5a:25:8f:66:94:3d:6e:
2b:f6:93:ad:ce:8f:21:30:03:37:91:88:1f:0a:7c:cb:fb:c3:
1f:72:66:a0:af:a8:b1:38:d1:e1:32:d5:fb:cb:95:7f:ed:6c:
49:55:fb:3e:ec:ca:44:a9:0a:02:a0:c3:8e:43:71:43:75:91:
e0:66:58:25:54:58:9a:e6:d6:93:92:63:a3:89:5f:98:bd:f4:
d8:e5:18:8f:cd:0e:1c:db:70:2d:a8:31:34:e0:e3:88:72:8d:
63:ff:50:65:df:75:af:4f:b8:85:b0:5b:89:0d:75:a2:61:bb:
5c:52:7c:04:58:0e:04:00:8d:bd:a5:ed:3f:d1:1b:97:5e:24:
fe:d1:82:66
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPurMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTAyNzQ2WhcNMjcxMjEzMTAyNzQ2WjAYMRYw
FAYDVQQDEw02NzdkMDFhNi1kMWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlmMXz8rjbG+cLHez5SvmjR3ZmMVIWDjwifKzMpHItfiMPi0+XYOvCHq0
DgyK+HlWF81JvzgchZpclbe7x2hjbHy+xVY1REla68mIzY9TqFK8CZQ6YMflBS1+
l/FqNt6uOwQNyxwy2gUkPW+RMRvTNSbG0QoKVvtZt/ErFXHQRUHtC70gRsJsb0oG
8H8XTi8kYYrS5lj7sCRmkJxKrVAvYTCHvz833EcUxPYuLYkEwZdPJdY5aRAZs3he
szLusB2rbBct+4DBuW2yBE+vtWivNmxZIc14M9ZNdKItPjxnZMDHz9EGF7u1dRRF
jzW2sKoqB7hKcr7qY5cdOArlBHRw4QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP+X
SW2Ff5V3B7IScZ5nBdr1eyCbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQjcyRDc2NENDRTIxMUVGQUE2OEMxNkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnqMA0GCSqGSIb3DQEBCwUA
A4IBAQCIbpOX+g9feY7Nai6nImbZdP1jaK+VFnDtD0zmF/rHgrdCXKOMiX9iLogQ
JIBrcEKA4Rf+nmuD8Caqk0JEQLFcHNTmNe0WVJ56nPCWNRlYQeRb3ixPMVEM0vqY
kVTgLVjlaPhx6vn6CQzX6En6aec1ATXcb0EJjFolj2aUPW4r9pOtzo8hMAM3kYgf
CnzL+8Mfcmagr6ixONHhMtX7y5V/7WxJVfs+7MpEqQoCoMOOQ3FDdZHgZlglVFia
5taTkmOjiV+YvfTY5RiPzQ4c23AtqDE04OOIco1j/1Bl33WvT7iFsFuJDXWiYbtc
UnwEWA4EAI29pe0/0RuXXiT+0YJm
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:24 2025 by rpki-client