Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F5C7A98CD1211EFB6FF949A762E951A.roa
File: 1F5C7A98CD1211EFB6FF949A762E951A.roa (raw, json)
Hash identifier: lQmJ4/k/DyvTkjGiTgKtLyrfJpXqcqBPSCRBYi8CS/w=
Subject key identifier: 29:6F:E0:9A:EA:3C:BD:98:DF:DC:DE:1E:C8:A9:DC:B7:35:23:C9:FE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCFB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F5C7A98CD1211EFB6FF949A762E951A.roa
Signing time: Tue 07 Jan 2025 16:11:59 +0000
ROA not before: Tue 07 Jan 2025 16:11:56 +0000
ROA not after: Mon 13 Dec 2027 16:11:56 +0000
asID: 17561
IP address blocks: 156.240.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64763 (0xfcfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:11:56 2025 GMT
Not After : Dec 13 16:11:56 2027 GMT
Subject: CN=677d524f-2737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ff:53:09:8a:cc:5d:5b:1b:6d:43:d9:e6:98:
13:60:94:e1:3e:8c:69:0f:fb:35:50:33:5e:09:a5:
59:58:c1:98:51:ce:aa:06:f4:e3:5d:90:3a:f2:84:
e6:1f:44:34:fc:52:b8:b0:aa:d0:e7:ad:ba:38:6b:
8d:5a:86:0b:42:9c:34:7e:8e:b4:03:2e:27:40:b0:
18:c3:70:c9:6f:a8:ed:8c:be:cb:74:8a:c0:96:fb:
45:39:d9:65:8e:e0:a5:a3:af:f6:21:a2:9f:9a:e3:
44:d0:97:30:bb:f1:3d:d2:7a:e7:80:0d:41:69:0b:
d9:83:5a:80:58:1a:73:0a:b8:9c:5b:6d:7b:3c:42:
33:ab:c7:34:24:e2:a0:c8:d2:53:90:0b:4c:8d:e1:
9a:39:b5:3c:e2:ac:70:8a:81:d6:42:c1:11:16:91:
3f:07:38:c6:05:32:79:49:65:c8:f4:e7:1b:c6:7f:
81:90:ba:88:08:49:34:a8:49:a3:0c:0d:70:c3:44:
9d:a0:26:86:9f:cf:57:f5:e8:5e:22:54:55:5d:a0:
89:10:08:85:1a:1a:ed:f9:25:5c:1e:89:c0:5b:b1:
b9:ac:f6:e3:9f:60:ad:07:36:b1:6b:4e:f1:9a:8b:
95:ad:f2:31:bb:1b:ba:a5:51:bc:18:26:70:74:84:
71:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:6F:E0:9A:EA:3C:BD:98:DF:DC:DE:1E:C8:A9:DC:B7:35:23:C9:FE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F5C7A98CD1211EFB6FF949A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.77.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:05:5e:4b:1d:ca:02:eb:84:97:04:43:82:72:82:8a:6c:f4:
36:fc:cb:1f:ec:35:cd:7a:2f:9c:50:ac:03:3c:43:6b:27:6d:
e4:08:8d:65:12:67:0b:9f:4c:7d:a2:f1:60:ac:a3:f1:94:2b:
40:b3:23:35:73:c6:cb:d9:8e:42:da:74:f4:29:10:82:06:8c:
4d:90:b8:e7:ea:df:cb:84:c2:90:34:71:fb:3b:c0:2c:63:5e:
a9:56:03:c2:1b:15:9b:22:39:d9:b5:77:66:62:78:7a:36:db:
0d:48:b7:5b:08:f0:b9:b5:7a:e6:94:37:87:8c:41:b6:b6:25:
21:f0:24:05:75:bb:f2:e8:91:6c:a0:55:88:ea:46:c9:d1:0f:
c3:f1:b6:bf:d1:22:86:74:ec:e5:47:e7:aa:7b:6c:bf:04:9b:
7b:b8:24:e0:57:6c:69:d5:8d:a1:62:04:10:4a:ed:de:cd:cb:
e2:06:49:5e:c2:26:03:bb:f5:17:bc:7f:94:60:2d:53:ff:64:
95:2c:75:56:d8:3b:7b:28:61:98:42:0f:be:d3:38:55:17:48:
2e:d2:94:31:85:2b:fa:33:88:af:0f:cc:0e:f2:50:f6:1b:82:
0d:35:db:52:c7:50:0e:36:dc:2a:05:e4:2c:03:1f:fb:e7:b4:
d5:c2:bf:d5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPz7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTYxMTU2WhcNMjcxMjEzMTYxMTU2WjAYMRYw
FAYDVQQDEw02NzdkNTI0Zi0yNzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw/9TCYrMXVsbbUPZ5pgTYJThPoxpD/s1UDNeCaVZWMGYUc6qBvTjXZA6
8oTmH0Q0/FK4sKrQ5626OGuNWoYLQpw0fo60Ay4nQLAYw3DJb6jtjL7LdIrAlvtF
OdlljuClo6/2IaKfmuNE0Jcwu/E90nrngA1BaQvZg1qAWBpzCricW217PEIzq8c0
JOKgyNJTkAtMjeGaObU84qxwioHWQsERFpE/BzjGBTJ5SWXI9Ocbxn+BkLqICEk0
qEmjDA1ww0SdoCaGn89X9eheIlRVXaCJEAiFGhrt+SVcHonAW7G5rPbjn2CtBzax
a07xmouVrfIxuxu6pVG8GCZwdIRxkQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFClv
4JrqPL2Y39zeHsip3Lc1I8n+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRjVDN0E5OENEMTIxMUVGQjZGRjk0OUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPBNMA0GCSqGSIb3DQEBCwUA
A4IBAQBNBV5LHcoC64SXBEOCcoKKbPQ2/Msf7DXNei+cUKwDPENrJ23kCI1lEmcL
n0x9ovFgrKPxlCtAsyM1c8bL2Y5C2nT0KRCCBoxNkLjn6t/LhMKQNHH7O8AsY16p
VgPCGxWbIjnZtXdmYnh6NtsNSLdbCPC5tXrmlDeHjEG2tiUh8CQFdbvy6JFsoFWI
6kbJ0Q/D8ba/0SKGdOzlR+eqe2y/BJt7uCTgV2xp1Y2hYgQQSu3ezcviBklewiYD
u/UXvH+UYC1T/2SVLHVW2Dt7KGGYQg++0zhVF0gu0pQxhSv6M4ivD8wO8lD2G4IN
NdtSx1AONtwqBeQsAx/757TVwr/V
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:38 2025 by rpki-client