Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0CC5C8ECCCD811EFBE6321AD762E951A.roa
File: 0CC5C8ECCCD811EFBE6321AD762E951A.roa (raw, json)
Hash identifier: D6kLssp7Wx0pjz7AGhX+bxbcQsQbOts/sp7KqDD9/rg=
Subject key identifier: ED:87:07:78:B6:96:68:48:3A:C9:AB:4B:D2:46:4B:8D:A3:3D:CF:40
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB22
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0CC5C8ECCCD811EFBE6321AD762E951A.roa
Signing time: Tue 07 Jan 2025 09:16:17 +0000
ROA not before: Tue 07 Jan 2025 09:16:13 +0000
ROA not after: Mon 13 Dec 2027 09:16:13 +0000
asID: 17561
IP address blocks: 156.233.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64290 (0xfb22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:16:13 2025 GMT
Not After : Dec 13 09:16:13 2027 GMT
Subject: CN=677cf0e1-e3d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c3:c9:01:14:da:75:bb:0e:e4:e3:57:ed:e5:
51:4c:7b:48:9d:d7:b9:d0:2c:9d:a2:15:3f:5c:eb:
2a:3a:b8:ae:3f:02:52:a9:0f:63:00:c9:01:01:16:
8a:6d:1d:a9:4b:03:09:2f:4d:92:25:72:37:85:ce:
77:ec:2f:e3:3d:54:2c:f9:c9:f2:67:14:99:c3:32:
77:55:8d:dc:48:0e:db:99:93:d3:80:b6:ee:62:50:
97:47:5a:05:26:a4:2e:43:12:f5:64:96:1d:e5:9f:
d2:e9:ef:46:82:51:2a:c0:f0:f7:e4:74:65:6e:26:
46:c5:e9:55:d2:7b:ff:d7:4d:f1:6c:89:ea:98:e0:
92:10:3a:04:4e:cb:f4:0b:45:e1:2f:49:bd:5d:ef:
56:78:71:8b:b2:2c:0c:1b:df:11:fd:41:0f:e0:20:
6d:da:ec:0d:b6:9a:e4:34:7f:d7:8c:c1:10:e9:9f:
f5:06:4d:eb:5a:c2:7e:4c:5e:65:ac:e5:b2:80:5a:
e7:1a:07:cc:25:5f:e6:6b:96:72:40:76:b6:cb:f3:
33:6b:63:fd:12:85:6d:e2:5b:66:5c:a4:b1:a0:76:
70:c9:e9:26:8b:02:d0:91:c0:39:c8:b0:c5:34:0c:
e9:8b:25:62:c2:c6:56:70:8f:65:66:4d:39:3e:49:
98:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:87:07:78:B6:96:68:48:3A:C9:AB:4B:D2:46:4B:8D:A3:3D:CF:40
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0CC5C8ECCCD811EFBE6321AD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.185.0/24
Signature Algorithm: sha256WithRSAEncryption
11:71:be:5c:d5:15:c0:d1:0b:a6:0b:a1:7a:fc:c9:2e:b4:f2:
7b:0b:33:7e:85:45:85:09:67:dd:a1:d0:01:c9:d8:3a:f7:93:
6f:ba:4a:f9:f7:70:24:ed:6b:77:02:d9:e0:3d:76:ef:d0:64:
3e:ac:42:46:e3:a1:92:c1:c1:22:da:f2:d4:dd:ec:99:c8:32:
29:0b:f2:2d:ef:22:62:a7:7c:10:a7:60:27:0d:d1:2b:a2:08:
6f:d9:ae:e9:cf:c7:6c:de:99:8d:ab:5e:76:f6:8b:e7:05:a6:
bc:a8:0c:18:f1:0d:d7:47:24:4a:76:c1:31:ae:02:a8:72:6b:
a0:38:b0:e0:a5:f2:52:65:00:fd:56:28:51:f9:f6:57:db:57:
31:7c:6b:17:6d:12:3a:16:72:51:79:c0:17:92:09:e4:82:33:
49:53:bb:ba:4a:0d:5b:ed:40:c8:76:4d:4e:8c:2e:50:42:18:
f2:8c:cf:3d:03:c8:f8:11:6e:e8:1b:fc:d5:bd:f4:8b:bc:4e:
b5:03:ff:66:cb:1f:ca:9c:69:53:c5:49:8e:74:9d:a3:e6:4a:
d5:67:3b:e1:b5:73:4b:70:aa:35:73:28:ad:2f:d8:a1:27:c8:
db:3d:53:78:27:1c:f9:4d:ff:9a:a4:83:bb:99:70:45:e4:c1:
89:90:98:17
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPsiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDkxNjEzWhcNMjcxMjEzMDkxNjEzWjAYMRYw
FAYDVQQDEw02NzdjZjBlMS1lM2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv8PJARTadbsO5ONX7eVRTHtInde50CydohU/XOsqOriuPwJSqQ9jAMkB
ARaKbR2pSwMJL02SJXI3hc537C/jPVQs+cnyZxSZwzJ3VY3cSA7bmZPTgLbuYlCX
R1oFJqQuQxL1ZJYd5Z/S6e9GglEqwPD35HRlbiZGxelV0nv/103xbInqmOCSEDoE
Tsv0C0XhL0m9Xe9WeHGLsiwMG98R/UEP4CBt2uwNtprkNH/XjMEQ6Z/1Bk3rWsJ+
TF5lrOWygFrnGgfMJV/ma5ZyQHa2y/Mza2P9EoVt4ltmXKSxoHZwyekmiwLQkcA5
yLDFNAzpiyViwsZWcI9lZk05PkmYywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO2H
B3i2lmhIOsmrS9JGS42jPc9AMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQ0M1QzhFQ0NDRDgxMUVGQkU2MzIxQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOm5MA0GCSqGSIb3DQEBCwUA
A4IBAQARcb5c1RXA0QumC6F6/MkutPJ7CzN+hUWFCWfdodABydg695Nvukr593Ak
7Wt3AtngPXbv0GQ+rEJG46GSwcEi2vLU3eyZyDIpC/It7yJip3wQp2AnDdEroghv
2a7pz8ds3pmNq1529ovnBaa8qAwY8Q3XRyRKdsExrgKocmugOLDgpfJSZQD9VihR
+fZX21cxfGsXbRI6FnJRecAXkgnkgjNJU7u6Sg1b7UDIdk1OjC5QQhjyjM89A8j4
EW7oG/zVvfSLvE61A/9myx/KnGlTxUmOdJ2j5krVZzvhtXNLcKo1cyitL9ihJ8jb
PVN4Jxz5Tf+apIO7mXBF5MGJkJgX
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:13 2025 by rpki-client