Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E0D40C8CD2B11EF9FE2E0B7762E951A.roa
File: 1E0D40C8CD2B11EF9FE2E0B7762E951A.roa (raw, json)
Hash identifier: afEUOUQi9YhMCQKwmsw4zY9p2c2HkgNV4iSQqo65saQ=
Subject key identifier: BA:11:93:36:5F:B6:51:E2:EC:0F:26:02:E3:24:26:9C:7A:7A:D0:6F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FDC3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E0D40C8CD2B11EF9FE2E0B7762E951A.roa
Signing time: Tue 07 Jan 2025 19:10:54 +0000
ROA not before: Tue 07 Jan 2025 19:10:51 +0000
ROA not after: Mon 13 Dec 2027 19:10:51 +0000
asID: 17561
IP address blocks: 156.241.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64963 (0xfdc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 19:10:51 2025 GMT
Not After : Dec 13 19:10:51 2027 GMT
Subject: CN=677d7c3e-cb3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fd:c7:ec:5c:ab:ff:c3:2f:dc:94:ca:56:6f:
4a:98:de:02:4a:69:d8:1c:28:3d:e2:95:ed:a2:b3:
50:5d:ec:7c:cf:f1:75:65:b0:40:09:de:66:49:de:
71:dd:8c:96:15:b4:d1:b1:81:e6:b4:98:cb:d2:fe:
c1:8a:69:ed:fc:2c:7a:40:fe:06:3d:0e:c0:79:16:
40:4f:19:40:9c:1e:4b:84:96:e7:de:a4:12:27:c6:
11:e7:8b:0d:33:e2:d8:c8:47:d4:2d:b8:e4:c9:c2:
75:67:94:b6:c0:07:c2:32:17:16:dd:44:4b:8a:05:
ad:85:8f:c9:6a:ec:86:9b:a1:bd:e4:a2:b0:f3:6d:
8b:c8:f2:88:4c:86:25:d2:53:97:72:88:ce:ba:cc:
7f:60:48:d5:f1:fd:10:6a:35:d4:42:7c:5d:3d:ac:
53:bb:eb:40:5a:96:16:e7:ff:b4:b4:05:e6:79:f8:
d3:47:43:37:88:cf:eb:2c:ad:8d:cf:45:d6:e2:3b:
69:23:89:18:40:d9:de:6f:48:77:98:5d:ee:3a:f8:
30:ec:15:22:e1:92:90:fc:43:cb:c2:06:53:4f:7d:
f6:b6:3c:58:60:37:c2:1e:cd:ba:d4:f8:21:03:ad:
d3:15:cc:4e:7d:f8:94:3b:db:7c:6b:de:3f:83:7d:
76:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:11:93:36:5F:B6:51:E2:EC:0F:26:02:E3:24:26:9C:7A:7A:D0:6F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E0D40C8CD2B11EF9FE2E0B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.238.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:95:b0:12:d9:bd:2a:65:0b:7f:84:a7:22:78:a5:d3:88:4f:
83:df:5d:1e:7a:3a:5f:30:1b:89:3d:25:88:df:69:9b:64:d0:
92:ed:74:22:1c:ce:90:12:d6:27:93:73:73:4f:6c:3f:bd:b7:
3c:fe:b8:c4:4a:c8:1d:45:ce:a3:80:3f:cf:65:8c:5f:d6:ce:
dc:02:fe:bc:74:3d:bd:dd:15:17:73:9a:c6:c4:47:26:33:a3:
a6:b1:9d:45:85:bc:55:ac:30:92:e0:c9:b1:75:e2:35:51:d0:
52:e1:ff:65:f5:92:85:77:92:9d:ba:7a:4f:4d:07:46:7e:63:
2b:85:0d:38:1e:c4:aa:25:57:e3:02:7b:99:9a:fa:20:71:eb:
31:16:5b:89:93:4b:0d:63:6d:47:e3:51:0e:ca:fd:db:dd:61:
08:b7:a9:99:1b:8a:a4:5e:18:19:b4:95:99:50:ac:ae:b1:ea:
72:5a:d7:3c:9c:40:71:b8:f1:1f:52:00:cb:d4:55:5e:cd:86:
88:05:5c:77:04:98:16:25:4a:38:4f:d2:7b:06:62:5a:54:93:
ec:7f:d3:31:9d:79:2d:94:2d:ea:66:32:01:0c:97:ae:a3:e3:
56:50:fb:c9:2d:ea:00:88:8f:44:96:e5:bf:e8:4c:a0:79:58:
2b:ac:15:fe
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP3DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTkxMDUxWhcNMjcxMjEzMTkxMDUxWjAYMRYw
FAYDVQQDEw02NzdkN2MzZS1jYjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0P3H7Fyr/8Mv3JTKVm9KmN4CSmnYHCg94pXtorNQXex8z/F1ZbBACd5m
Sd5x3YyWFbTRsYHmtJjL0v7Bimnt/Cx6QP4GPQ7AeRZATxlAnB5LhJbn3qQSJ8YR
54sNM+LYyEfULbjkycJ1Z5S2wAfCMhcW3URLigWthY/JauyGm6G95KKw822LyPKI
TIYl0lOXcojOusx/YEjV8f0QajXUQnxdPaxTu+tAWpYW5/+0tAXmefjTR0M3iM/r
LK2Nz0XW4jtpI4kYQNneb0h3mF3uOvgw7BUi4ZKQ/EPLwgZTT332tjxYYDfCHs26
1PghA63TFcxOffiUO9t8a94/g312WwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLoR
kzZftlHi7A8mAuMkJpx6etBvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRTBENDBDOENEMkIxMUVGOUZFMkUwQjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHuMA0GCSqGSIb3DQEBCwUA
A4IBAQCnlbAS2b0qZQt/hKcieKXTiE+D310eejpfMBuJPSWI32mbZNCS7XQiHM6Q
EtYnk3NzT2w/vbc8/rjESsgdRc6jgD/PZYxf1s7cAv68dD293RUXc5rGxEcmM6Om
sZ1FhbxVrDCS4MmxdeI1UdBS4f9l9ZKFd5KdunpPTQdGfmMrhQ04HsSqJVfjAnuZ
mvogcesxFluJk0sNY21H41EOyv3b3WEIt6mZG4qkXhgZtJWZUKyusepyWtc8nEBx
uPEfUgDL1FVezYaIBVx3BJgWJUo4T9J7BmJaVJPsf9MxnXktlC3qZjIBDJeuo+NW
UPvJLeoAiI9EluW/6EygeVgrrBX+
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:38 2025 by rpki-client