Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1FBB1F04C97411EF9FA1FE9E762E951A.roa
File: 1FBB1F04C97411EF9FA1FE9E762E951A.roa (raw, json)
Hash identifier: rWawp7RCcCc/SidCIEUHROCWTB/DLgoTPc4tgOFkVsc=
Subject key identifier: 22:48:87:85:82:67:54:3A:2C:34:55:26:C9:22:55:DC:41:D1:5B:B6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4D3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1FBB1F04C97411EF9FA1FE9E762E951A.roa
Signing time: Fri 03 Jan 2025 01:43:26 +0000
ROA not before: Fri 03 Jan 2025 01:43:22 +0000
ROA not after: Mon 13 Dec 2027 01:43:22 +0000
asID: 17561
IP address blocks: 156.227.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62675 (0xf4d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:43:22 2025 GMT
Not After : Dec 13 01:43:22 2027 GMT
Subject: CN=677740be-1247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d5:4b:a1:cc:25:cb:33:ce:cc:20:7d:c7:ff:
3f:5f:0b:27:12:37:e1:00:32:e0:ea:08:43:b1:34:
df:f3:53:b2:85:94:fb:c5:0c:a0:99:c0:35:a3:c6:
ec:12:88:e4:ce:d7:bb:83:8d:2a:fb:29:a5:e3:79:
31:ba:0c:6f:5f:50:30:cf:55:d0:4c:9f:04:d3:24:
bc:f5:50:3e:b2:49:7c:0d:e2:dc:42:ca:db:42:96:
ef:26:cb:70:87:d5:bb:a0:71:66:01:2a:47:2b:a9:
0d:71:f5:4c:31:bc:8f:28:f7:4c:36:6f:8d:a0:07:
f4:f4:26:be:a7:ba:e2:79:23:99:d9:4c:54:f3:9a:
e4:fa:2e:1e:8b:c7:35:bd:a3:02:45:12:01:28:d7:
27:6f:70:40:4e:93:ad:0d:72:51:e3:74:dd:56:88:
58:42:2e:52:70:7b:a0:90:cf:ba:cd:66:bb:3a:20:
c8:af:7b:aa:6b:01:b6:3f:17:7a:c0:2f:17:ef:21:
73:d5:7c:bc:89:71:89:a5:d9:3c:52:ef:2a:3b:b2:
6b:19:7f:33:fa:e1:0e:ed:9c:74:9d:96:e8:4c:5a:
bb:ce:82:13:03:2b:82:a4:28:90:ef:04:7c:ad:9e:
84:a1:05:fa:16:92:e1:2b:40:00:f6:99:05:aa:6f:
57:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:48:87:85:82:67:54:3A:2C:34:55:26:C9:22:55:DC:41:D1:5B:B6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1FBB1F04C97411EF9FA1FE9E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.91.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:9c:3e:d2:28:36:e0:1f:7c:08:4f:24:56:4e:71:55:11:a6:
0b:49:c3:c5:ac:61:1c:ef:4d:8d:2e:6e:93:c0:06:10:ac:73:
4a:1a:f3:aa:66:15:db:54:20:2a:d5:ce:90:2a:8c:08:e5:69:
d8:fe:9d:c2:82:82:e0:61:a6:ad:82:d2:4c:cd:05:f9:c5:41:
b9:ca:d1:f2:ac:c2:41:74:26:57:18:ec:bf:a3:28:00:22:e3:
12:28:42:8a:cc:fa:62:6b:ff:5a:60:73:6e:92:e0:d4:4b:ec:
de:1c:be:2a:b3:97:c5:a5:65:d7:40:e1:49:2e:ab:36:cc:9c:
a6:b9:f1:ea:53:f5:13:b8:4c:04:2e:9d:15:b7:84:e9:6d:de:
2c:b8:5d:46:48:9c:4b:72:43:a1:6b:23:7c:ce:16:42:7a:2e:
be:33:ec:7c:0b:26:59:bd:e3:67:9a:f2:64:dc:7b:aa:11:1d:
da:04:c7:16:5d:00:e8:ea:97:c3:37:42:1f:20:1f:75:a8:35:
28:1d:13:b8:8b:ee:22:98:0c:e3:b6:19:ac:0f:4b:e0:56:97:
71:8b:f6:f3:98:fc:87:91:74:ff:d9:96:eb:ab:da:40:94:24:
28:b0:fb:58:da:b0:d8:5f:a1:e7:32:c5:49:80:51:63:f1:d5:
df:35:cd:1f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPTTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDE0MzIyWhcNMjcxMjEzMDE0MzIyWjAYMRYw
FAYDVQQDEw02Nzc3NDBiZS0xMjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwdVLocwlyzPOzCB9x/8/XwsnEjfhADLg6ghDsTTf81OyhZT7xQygmcA1
o8bsEojkzte7g40q+yml43kxugxvX1Awz1XQTJ8E0yS89VA+skl8DeLcQsrbQpbv
Jstwh9W7oHFmASpHK6kNcfVMMbyPKPdMNm+NoAf09Ca+p7rieSOZ2UxU85rk+i4e
i8c1vaMCRRIBKNcnb3BATpOtDXJR43TdVohYQi5ScHugkM+6zWa7OiDIr3uqawG2
Pxd6wC8X7yFz1Xy8iXGJpdk8Uu8qO7JrGX8z+uEO7Zx0nZboTFq7zoITAyuCpCiQ
7wR8rZ6EoQX6FpLhK0AA9pkFqm9XHwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCJI
h4WCZ1Q6LDRVJskiVdxB0Vu2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRkJCMUYwNEM5NzQxMUVGOUZBMUZFOUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONbMA0GCSqGSIb3DQEBCwUA
A4IBAQB6nD7SKDbgH3wITyRWTnFVEaYLScPFrGEc702NLm6TwAYQrHNKGvOqZhXb
VCAq1c6QKowI5WnY/p3CgoLgYaatgtJMzQX5xUG5ytHyrMJBdCZXGOy/oygAIuMS
KEKKzPpia/9aYHNukuDUS+zeHL4qs5fFpWXXQOFJLqs2zJymufHqU/UTuEwELp0V
t4Tpbd4suF1GSJxLckOhayN8zhZCei6+M+x8CyZZveNnmvJk3HuqER3aBMcWXQDo
6pfDN0IfIB91qDUoHRO4i+4imAzjthmsD0vgVpdxi/bzmPyHkXT/2Zbrq9pAlCQo
sPtY2rDYX6HnMsVJgFFj8dXfNc0f
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:29 2025 by rpki-client