Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F33D92AD30311EFBE2FE55E762E951A.roa
File: 1F33D92AD30311EFBE2FE55E762E951A.roa (raw, json)
Hash identifier: w+WtzIj9Tlf1FbMeuQPfu+VJ0qz1eO5Fv2Yq0Xo7qXE=
Subject key identifier: D0:7D:AE:6B:2F:ED:0F:88:40:A7:92:5D:6A:7C:B2:31:36:A1:F9:6E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107FB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F33D92AD30311EFBE2FE55E762E951A.roa
Signing time: Wed 15 Jan 2025 05:39:43 +0000
ROA not before: Wed 15 Jan 2025 05:39:40 +0000
ROA not after: Mon 03 Jan 2028 05:39:40 +0000
asID: 17561
IP address blocks: 156.254.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67579 (0x107fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 05:39:40 2025 GMT
Not After : Jan 3 05:39:40 2028 GMT
Subject: CN=67874a1f-6814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8c:cc:2f:ed:2d:97:75:0f:c6:a8:8a:be:0a:
ee:0b:15:19:d4:dd:ff:7f:be:3a:e5:60:9c:c9:5b:
5d:a9:85:ae:59:fe:2c:fe:38:0c:2a:ad:1f:90:0a:
5a:6c:24:74:a0:d5:45:30:92:f6:71:b9:26:de:c9:
0e:8f:d4:af:9f:02:91:c0:4f:f6:e7:c3:bd:24:68:
25:bd:5c:ed:08:13:9a:94:f4:f6:05:5c:0d:1f:ed:
7c:02:4a:02:70:ad:ec:4f:0b:fb:f3:99:e0:ba:2b:
8f:86:3b:51:6c:c2:96:c1:4e:3e:ec:89:8c:46:6c:
ec:1e:a7:14:a9:c7:49:b4:e8:f9:2e:5d:e9:14:d8:
49:89:ad:1e:0c:9f:ac:96:80:d8:76:09:b3:b6:e8:
2f:8e:56:5a:28:a6:72:4e:8d:aa:25:c7:90:7d:6d:
44:c4:f7:10:e1:9e:c1:38:5c:20:ea:ba:c8:99:68:
1e:8e:23:f0:3a:d7:8c:37:2e:3f:20:f3:ff:95:40:
06:c5:c1:50:3f:40:32:c0:71:c9:6c:1e:c3:ea:4f:
f5:2c:84:34:8c:70:21:c5:1e:c2:72:19:84:7e:37:
b3:06:09:2b:ac:da:f6:88:59:c0:84:46:f5:7a:7c:
fe:f5:17:04:73:ba:f0:68:c5:04:4a:55:a1:93:2c:
aa:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7D:AE:6B:2F:ED:0F:88:40:A7:92:5D:6A:7C:B2:31:36:A1:F9:6E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F33D92AD30311EFBE2FE55E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.40.0/24
Signature Algorithm: sha256WithRSAEncryption
68:59:9f:d7:a0:b4:2b:4f:e3:ff:76:ba:54:a5:d9:a1:40:a1:
bd:b5:b1:6d:67:35:ff:95:5f:7a:51:9e:53:79:22:36:68:cd:
74:dc:ad:b0:99:f3:c5:12:9f:c6:e4:d3:06:6e:7b:f2:a0:13:
35:f8:9a:b3:48:a4:c4:3e:f6:e7:57:30:dc:ef:8f:9b:7b:3b:
64:57:7d:01:ef:29:ba:37:7d:67:b6:3e:69:32:c7:92:09:92:
6b:15:ef:82:ac:8d:3a:77:00:88:75:ee:6b:94:cc:5e:e4:1c:
54:85:9e:cf:ce:a0:ed:c5:89:be:ae:1b:7a:33:96:a0:b6:54:
5e:e0:33:22:f1:61:6f:ca:7c:0e:29:51:98:2f:35:75:84:82:
e7:46:03:23:a6:e9:3c:dc:2b:1c:87:11:3e:68:93:47:19:bb:
ad:08:6e:26:7d:61:76:14:c9:98:7f:61:11:3d:16:1d:4b:e3:
f7:95:28:5f:ff:63:c6:a8:d2:4c:b6:73:5f:02:1c:58:6c:bb:
07:e0:9b:dc:1d:b0:83:8c:4d:3d:26:45:28:da:f7:b3:aa:23:
80:da:37:e7:2f:04:cf:29:e9:e8:b7:14:58:f2:04:c8:4e:28:
38:42:68:57:05:1f:52:a7:3a:97:be:cf:23:9e:b1:81:68:f1:
02:1b:79:6e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQf7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDUzOTQwWhcNMjgwMTAzMDUzOTQwWjAYMRYw
FAYDVQQDEw02Nzg3NGExZi02ODE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtozML+0tl3UPxqiKvgruCxUZ1N3/f7465WCcyVtdqYWuWf4s/jgMKq0f
kApabCR0oNVFMJL2cbkm3skOj9SvnwKRwE/258O9JGglvVztCBOalPT2BVwNH+18
AkoCcK3sTwv785nguiuPhjtRbMKWwU4+7ImMRmzsHqcUqcdJtOj5Ll3pFNhJia0e
DJ+sloDYdgmztugvjlZaKKZyTo2qJceQfW1ExPcQ4Z7BOFwg6rrImWgejiPwOteM
Ny4/IPP/lUAGxcFQP0AywHHJbB7D6k/1LIQ0jHAhxR7CchmEfjezBgkrrNr2iFnA
hEb1enz+9RcEc7rwaMUESlWhkyyqbwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNB9
rmsv7Q+IQKeSXWp8sjE2ofluMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRjMzRDkyQUQzMDMxMUVGQkUyRkU1NUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4oMA0GCSqGSIb3DQEBCwUA
A4IBAQBoWZ/XoLQrT+P/drpUpdmhQKG9tbFtZzX/lV96UZ5TeSI2aM103K2wmfPF
Ep/G5NMGbnvyoBM1+JqzSKTEPvbnVzDc74+beztkV30B7ym6N31ntj5pMseSCZJr
Fe+CrI06dwCIde5rlMxe5BxUhZ7PzqDtxYm+rht6M5agtlRe4DMi8WFvynwOKVGY
LzV1hILnRgMjpuk83CschxE+aJNHGbutCG4mfWF2FMmYf2ERPRYdS+P3lShf/2PG
qNJMtnNfAhxYbLsH4JvcHbCDjE09JkUo2vezqiOA2jfnLwTPKenotxRY8gTITig4
QmhXBR9SpzqXvs8jnrGBaPECG3lu
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:59 2025 by rpki-client