Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E1BD016CCAF11EFAF8CA8AB762E951A.roa
File: 0E1BD016CCAF11EFAF8CA8AB762E951A.roa (raw, json)
Hash identifier: wszYckxNzUOxPxC3XaQsJQoM7qtKWC/UbvbZQDh2x58=
Subject key identifier: 3C:8C:02:88:73:37:6B:ED:FF:03:32:10:92:81:28:F9:73:AF:86:37
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9E8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E1BD016CCAF11EFAF8CA8AB762E951A.roa
Signing time: Tue 07 Jan 2025 04:22:50 +0000
ROA not before: Tue 07 Jan 2025 04:22:46 +0000
ROA not after: Mon 13 Dec 2027 04:22:46 +0000
asID: 17561
IP address blocks: 156.232.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63976 (0xf9e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 04:22:46 2025 GMT
Not After : Dec 13 04:22:46 2027 GMT
Subject: CN=677cac1a-fbe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:8f:ae:a7:ea:ca:f3:d9:8c:88:d3:07:81:34:
c2:c6:77:1f:db:44:b7:8d:17:a9:71:56:9e:83:a9:
b1:25:ab:c4:9f:9e:5d:19:fa:5a:d6:97:67:9f:18:
f8:fc:fc:53:05:81:26:c5:08:21:46:dd:2b:83:18:
64:ee:9c:a4:17:2f:79:54:8e:b7:03:c7:25:cd:14:
88:d7:b2:da:b8:69:ec:7a:af:dc:86:31:1c:12:ba:
e9:fb:8e:a4:97:e0:26:f8:a0:b4:06:ba:62:69:91:
7f:32:4f:7e:53:d6:5a:e3:a4:21:a8:d7:3e:c1:9b:
60:f3:8e:a7:e5:6f:9f:0e:66:e4:9a:b4:c5:72:b9:
20:b5:b1:2f:1c:62:47:49:2b:72:37:6e:49:57:bc:
5f:ac:da:55:7b:22:eb:5a:99:81:6e:2e:03:8b:f1:
b0:8a:12:7a:29:10:07:4b:b0:2e:3f:df:67:ba:1a:
52:79:20:60:aa:de:ba:cd:55:8b:f9:41:79:88:26:
7c:6d:3a:2c:c6:4c:c5:a6:ed:43:ea:88:d6:27:ec:
7b:4b:f2:5f:38:c0:37:d1:af:b1:d7:7c:11:be:fd:
56:71:61:59:8d:52:af:0b:14:b2:ec:18:d4:77:e8:
b6:6b:bd:e1:c5:6b:aa:5c:ca:19:d6:d3:8e:9d:84:
f2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:8C:02:88:73:37:6B:ED:FF:03:32:10:92:81:28:F9:73:AF:86:37
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E1BD016CCAF11EFAF8CA8AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.68.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:1d:92:71:63:80:c7:a6:f3:50:87:82:c8:4e:fd:8e:b6:c8:
22:36:53:80:ef:26:15:dc:86:77:ff:e4:9b:8f:90:a8:d5:be:
67:34:4b:68:aa:ed:07:f0:fb:15:53:2f:dc:23:33:af:bc:5c:
7d:56:86:3c:73:c9:cc:43:56:86:3c:59:0a:2d:20:ba:4a:59:
82:2e:cf:87:c0:34:4b:da:9e:d4:67:ee:b0:a7:de:28:fe:0a:
67:3d:52:76:3e:95:2a:e7:40:89:8a:60:5b:80:30:45:ea:43:
70:01:54:6b:4b:c3:6f:fb:c1:b5:64:08:63:e4:de:0e:9f:4c:
69:4d:56:40:e6:39:2d:e1:a4:3d:e6:3e:84:d5:0b:2b:e0:6b:
e3:49:9c:14:0c:d4:c9:6e:b7:da:1a:d9:ae:24:8b:8c:d4:e1:
67:0f:04:f5:0b:85:a9:35:94:41:82:45:04:84:1f:aa:66:66:
86:3b:84:be:e4:74:80:61:e3:b2:0c:aa:b9:db:2a:f9:e7:d6:
05:8a:ed:a8:1b:49:37:da:0f:ca:3e:4f:86:71:ed:4a:d1:0a:
aa:7b:9b:16:2c:aa:7e:bc:46:f1:c1:65:c5:cf:10:0f:80:3f:
12:09:87:e3:26:a9:c9:4e:d5:21:6d:54:3a:7b:ef:ad:56:e2:
e6:72:ca:05
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPnoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDQyMjQ2WhcNMjcxMjEzMDQyMjQ2WjAYMRYw
FAYDVQQDEw02NzdjYWMxYS1mYmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7Y+up+rK89mMiNMHgTTCxncf20S3jRepcVaeg6mxJavEn55dGfpa1pdn
nxj4/PxTBYEmxQghRt0rgxhk7pykFy95VI63A8clzRSI17LauGnseq/chjEcErrp
+46kl+Am+KC0BrpiaZF/Mk9+U9Za46QhqNc+wZtg846n5W+fDmbkmrTFcrkgtbEv
HGJHSStyN25JV7xfrNpVeyLrWpmBbi4Di/GwihJ6KRAHS7AuP99nuhpSeSBgqt66
zVWL+UF5iCZ8bTosxkzFpu1D6ojWJ+x7S/JfOMA30a+x13wRvv1WcWFZjVKvCxSy
7BjUd+i2a73hxWuqXMoZ1tOOnYTyQwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDyM
AohzN2vt/wMyEJKBKPlzr4Y3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRTFCRDAxNkNDQUYxMUVGQUY4Q0E4QUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhEMA0GCSqGSIb3DQEBCwUA
A4IBAQCuHZJxY4DHpvNQh4LITv2OtsgiNlOA7yYV3IZ3/+Sbj5Co1b5nNEtoqu0H
8PsVUy/cIzOvvFx9VoY8c8nMQ1aGPFkKLSC6SlmCLs+HwDRL2p7UZ+6wp94o/gpn
PVJ2PpUq50CJimBbgDBF6kNwAVRrS8Nv+8G1ZAhj5N4On0xpTVZA5jkt4aQ95j6E
1Qsr4GvjSZwUDNTJbrfaGtmuJIuM1OFnDwT1C4WpNZRBgkUEhB+qZmaGO4S+5HSA
YeOyDKq52yr559YFiu2oG0k32g/KPk+Gce1K0Qqqe5sWLKp+vEbxwWXFzxAPgD8S
CYfjJqnJTtUhbVQ6e++tVuLmcsoF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:29 2025 by rpki-client