Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1EFABBB6CCD911EFB59E94B3762E951A.roa
File: 1EFABBB6CCD911EFB59E94B3762E951A.roa (raw, json)
Hash identifier: 92MjXJdRUNFtsmflT4Ura+NaW94Kme+riO3Me3kDqrY=
Subject key identifier: 38:24:AC:09:C8:FD:47:20:FC:8C:17:3D:27:2C:31:14:67:AE:9A:BD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB34
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1EFABBB6CCD911EFB59E94B3762E951A.roa
Signing time: Tue 07 Jan 2025 09:23:57 +0000
ROA not before: Tue 07 Jan 2025 09:23:53 +0000
ROA not after: Mon 13 Dec 2027 09:23:53 +0000
asID: 17561
IP address blocks: 156.233.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64308 (0xfb34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:23:53 2025 GMT
Not After : Dec 13 09:23:53 2027 GMT
Subject: CN=677cf2ad-53d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:31:d2:40:39:d4:3d:62:ef:28:7c:90:24:2d:
c8:14:c2:f2:4d:f2:7d:61:a1:f6:46:73:5c:c0:68:
db:e0:3a:c9:ae:49:d1:c3:a4:07:00:90:78:db:d0:
e9:b2:df:87:20:84:64:b9:20:6f:1f:ba:c4:67:53:
c2:8b:06:18:b5:a5:af:3e:a9:88:52:3c:f9:3b:23:
da:b1:30:d7:2a:98:76:b3:6c:c8:29:88:f7:74:1a:
6f:c6:f5:69:af:77:1c:53:3c:88:8f:b8:2d:40:be:
18:7c:e3:bc:2c:df:24:2a:80:9e:b8:cf:da:00:86:
19:01:ae:d8:63:31:26:7e:3c:55:0f:ba:b1:a3:08:
b9:d8:86:f3:c3:8f:42:87:99:30:bc:c5:4d:cd:80:
0b:4f:9d:57:64:0e:2a:bb:29:7b:86:f7:4c:ba:b5:
c5:b6:db:2f:e5:e2:7b:e2:56:0c:c6:f8:3e:4b:9a:
c3:7a:5c:1b:b9:0f:17:26:c2:44:74:5e:66:22:46:
17:3b:9c:dc:1e:1a:83:63:08:64:fd:90:58:99:89:
e0:dd:e9:dd:7d:d6:04:dc:d5:aa:d3:71:ec:af:e2:
60:b7:0c:36:48:93:92:b5:8e:89:b4:b9:20:93:4e:
9a:c8:07:4c:55:92:16:5c:14:9f:5d:ae:cd:52:67:
27:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:24:AC:09:C8:FD:47:20:FC:8C:17:3D:27:2C:31:14:67:AE:9A:BD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1EFABBB6CCD911EFB59E94B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.190.0/24
Signature Algorithm: sha256WithRSAEncryption
04:ed:55:18:a2:44:81:8a:6f:a9:85:f3:e3:fd:d0:58:a9:2e:
0f:d3:02:a3:98:56:63:8b:fd:b6:21:36:07:74:61:de:40:3c:
3a:32:73:4e:c8:57:53:b4:aa:90:ce:38:10:40:1a:9a:aa:63:
e0:81:ae:e6:19:cf:75:26:7d:09:5e:d4:20:26:ee:68:ce:3a:
9b:39:9d:86:7b:0d:28:2b:9c:3a:95:c0:51:4f:70:f1:05:c6:
0c:09:78:28:16:31:06:1b:85:12:5a:40:6c:1c:4a:c2:c7:50:
38:e4:f9:20:25:65:4e:f6:50:4d:55:b1:fa:bd:97:24:2b:25:
a0:d8:05:a9:9c:f7:cb:3d:95:62:19:81:d3:6a:30:f4:22:c4:
16:7f:32:5f:39:e4:29:ae:f4:79:77:b7:69:bf:82:54:c5:fa:
fe:a9:f8:d5:c1:5e:37:3c:81:b4:51:d7:5b:28:4c:66:32:cd:
27:1d:37:f8:44:96:02:20:8b:5b:0d:14:94:23:46:0a:22:1a:
c9:e5:21:e8:60:c8:a2:ea:67:10:88:e0:bf:9b:aa:f7:75:8b:
72:e7:9f:de:1d:1d:a2:71:7b:be:1e:ad:58:8c:b6:fe:b8:43:
13:d6:30:12:1c:8b:03:bd:39:55:ff:60:7e:b9:8c:07:d4:65:
6e:cb:2c:47
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPs0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDkyMzUzWhcNMjcxMjEzMDkyMzUzWjAYMRYw
FAYDVQQDEw02NzdjZjJhZC01M2Q3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsTHSQDnUPWLvKHyQJC3IFMLyTfJ9YaH2RnNcwGjb4DrJrknRw6QHAJB4
29Dpst+HIIRkuSBvH7rEZ1PCiwYYtaWvPqmIUjz5OyPasTDXKph2s2zIKYj3dBpv
xvVpr3ccUzyIj7gtQL4YfOO8LN8kKoCeuM/aAIYZAa7YYzEmfjxVD7qxowi52Ibz
w49Ch5kwvMVNzYALT51XZA4quyl7hvdMurXFttsv5eJ74lYMxvg+S5rDelwbuQ8X
JsJEdF5mIkYXO5zcHhqDYwhk/ZBYmYng3endfdYE3NWq03Hsr+Jgtww2SJOStY6J
tLkgk06ayAdMVZIWXBSfXa7NUmcnmQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDgk
rAnI/Ucg/IwXPScsMRRnrpq9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRUZBQkJCNkNDRDkxMUVGQjU5RTk0QjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOm+MA0GCSqGSIb3DQEBCwUA
A4IBAQAE7VUYokSBim+phfPj/dBYqS4P0wKjmFZji/22ITYHdGHeQDw6MnNOyFdT
tKqQzjgQQBqaqmPgga7mGc91Jn0JXtQgJu5ozjqbOZ2Gew0oK5w6lcBRT3DxBcYM
CXgoFjEGG4USWkBsHErCx1A45PkgJWVO9lBNVbH6vZckKyWg2AWpnPfLPZViGYHT
ajD0IsQWfzJfOeQprvR5d7dpv4JUxfr+qfjVwV43PIG0UddbKExmMs0nHTf4RJYC
IItbDRSUI0YKIhrJ5SHoYMii6mcQiOC/m6r3dYty55/eHR2icXu+Hq1YjLb+uEMT
1jASHIsDvTlV/2B+uYwH1GVuyyxH
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:52 2025 by rpki-client