Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BC376F6CCE611EFBB78A485762E951A.roa
File: 1BC376F6CCE611EFBB78A485762E951A.roa (raw, json)
Hash identifier: QN6yDIR7W6mlB3TENjiBuIEydbJbi6Oqil/71qjxeio=
Subject key identifier: B2:E0:90:49:70:34:3F:ED:6A:23:70:C4:AE:57:90:DA:D0:A2:73:5B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBCF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BC376F6CCE611EFBB78A485762E951A.roa
Signing time: Tue 07 Jan 2025 10:56:55 +0000
ROA not before: Tue 07 Jan 2025 10:56:51 +0000
ROA not after: Mon 13 Dec 2027 10:56:51 +0000
asID: 17561
IP address blocks: 156.233.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64463 (0xfbcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:56:51 2025 GMT
Not After : Dec 13 10:56:51 2027 GMT
Subject: CN=677d0877-6537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:62:74:ec:76:cf:fb:6b:96:ed:12:06:20:b1:
cf:63:94:bb:91:88:02:a2:dc:48:ab:b3:e7:b0:3c:
6f:05:50:ef:98:77:60:92:e3:34:d0:27:e0:04:77:
d9:7a:fd:7e:70:dd:1a:98:4f:88:09:2d:8f:e8:2d:
6c:24:3b:71:9e:10:8f:72:e2:91:0e:9e:ed:76:08:
2d:4f:45:4b:4d:e3:14:82:3e:f9:01:fa:cb:a1:b9:
07:b0:36:d3:2c:2d:ec:13:b0:a3:97:81:05:98:32:
ce:bb:ec:2c:01:31:de:a1:8b:07:27:09:e0:cf:b6:
87:9a:1d:3d:5f:d1:34:dc:1c:5b:06:a1:bd:2c:c9:
2f:fe:4d:c1:98:76:32:21:93:57:8d:b8:6a:2a:d1:
9d:25:45:77:56:c0:bc:22:48:3e:11:1b:d1:3e:85:
e9:7c:99:9e:a5:3f:53:2e:ad:81:a9:85:a4:e6:24:
3f:d7:0e:99:6c:cd:41:d0:c2:09:94:a8:ce:51:38:
78:0d:a1:1c:fb:2b:2c:89:33:99:5c:14:81:f9:96:
12:26:b5:92:1a:ef:a1:87:c5:a0:1f:e9:0f:ce:61:
97:f9:c8:9a:11:99:b5:32:3a:89:f3:5a:9d:ce:27:
72:ad:c0:3d:07:94:f8:ef:c0:56:25:e3:e0:f7:38:
f3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E0:90:49:70:34:3F:ED:6A:23:70:C4:AE:57:90:DA:D0:A2:73:5B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BC376F6CCE611EFBB78A485762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.254.0/24
Signature Algorithm: sha256WithRSAEncryption
97:67:86:e9:20:39:b2:8b:fc:0c:7e:f4:4a:20:91:f6:fc:af:
a0:54:39:20:ef:e8:6b:c2:85:fb:f5:13:e9:1c:26:07:e6:86:
bb:b0:dc:c0:92:69:4f:02:3e:54:c8:1f:de:39:c1:72:42:a1:
42:4f:28:95:0f:c9:06:c1:7f:cb:d3:61:7b:27:6f:44:fe:1e:
b7:80:13:ea:e2:bb:4d:08:ff:17:95:63:e1:f9:86:ab:37:67:
c8:00:38:de:08:63:14:7f:16:f9:fa:6f:95:a3:70:b9:ab:30:
fa:d2:f8:9e:9f:0c:d8:de:87:21:fe:8e:4b:39:fb:30:60:1d:
b2:5e:38:c1:17:52:e6:23:68:08:ff:79:c8:74:42:4d:36:a8:
bc:b3:8a:00:a6:01:11:08:8f:b8:bc:40:da:2e:94:38:13:f2:
06:63:19:e2:be:6e:a2:3b:fe:18:d8:71:fc:5b:40:97:11:f9:
eb:0a:df:52:99:c8:10:59:e4:4f:03:00:b0:69:c2:77:40:87:
d0:4b:27:20:6c:1c:3f:e3:75:6d:fb:a9:35:bf:d6:ee:f0:58:
0d:4d:1f:f6:4c:6e:83:2d:19:c7:b5:4c:b2:ac:12:ae:07:9f:
56:e7:d9:f7:70:56:28:a2:bc:e0:f4:a4:2b:74:55:67:e4:9c:
1c:e6:82:72
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPvPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTA1NjUxWhcNMjcxMjEzMTA1NjUxWjAYMRYw
FAYDVQQDEw02NzdkMDg3Ny02NTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtGJ07HbP+2uW7RIGILHPY5S7kYgCotxIq7PnsDxvBVDvmHdgkuM00Cfg
BHfZev1+cN0amE+ICS2P6C1sJDtxnhCPcuKRDp7tdggtT0VLTeMUgj75AfrLobkH
sDbTLC3sE7Cjl4EFmDLOu+wsATHeoYsHJwngz7aHmh09X9E03BxbBqG9LMkv/k3B
mHYyIZNXjbhqKtGdJUV3VsC8Ikg+ERvRPoXpfJmepT9TLq2BqYWk5iQ/1w6ZbM1B
0MIJlKjOUTh4DaEc+yssiTOZXBSB+ZYSJrWSGu+hh8WgH+kPzmGX+ciaEZm1MjqJ
81qdzidyrcA9B5T478BWJePg9zjz8wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLLg
kElwND/taiNwxK5XkNrQonNbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQkMzNzZGNkNDRTYxMUVGQkI3OEE0ODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOn+MA0GCSqGSIb3DQEBCwUA
A4IBAQCXZ4bpIDmyi/wMfvRKIJH2/K+gVDkg7+hrwoX79RPpHCYH5oa7sNzAkmlP
Aj5UyB/eOcFyQqFCTyiVD8kGwX/L02F7J29E/h63gBPq4rtNCP8XlWPh+YarN2fI
ADjeCGMUfxb5+m+Vo3C5qzD60vienwzY3och/o5LOfswYB2yXjjBF1LmI2gI/3nI
dEJNNqi8s4oApgERCI+4vEDaLpQ4E/IGYxnivm6iO/4Y2HH8W0CXEfnrCt9SmcgQ
WeRPAwCwacJ3QIfQSycgbBw/43Vt+6k1v9bu8FgNTR/2TG6DLRnHtUyyrBKuB59W
59n3cFYoorzg9KQrdFVn5Jwc5oJy
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:27 2025 by rpki-client