Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1FE7330CCCDD11EF97C3924F762E951A.roa
File: 1FE7330CCCDD11EF97C3924F762E951A.roa (raw, json)
Hash identifier: aE1dM3Jwtu8XfaNTCgQVYGe028mCNawxaSEJ0avSn6s=
Subject key identifier: B5:6A:80:D8:D1:89:E1:39:9D:77:7D:33:B1:67:FC:EF:97:70:D3:01
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB79
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1FE7330CCCDD11EF97C3924F762E951A.roa
Signing time: Tue 07 Jan 2025 09:52:37 +0000
ROA not before: Tue 07 Jan 2025 09:52:33 +0000
ROA not after: Mon 13 Dec 2027 09:52:33 +0000
asID: 17561
IP address blocks: 156.233.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64377 (0xfb79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:52:33 2025 GMT
Not After : Dec 13 09:52:33 2027 GMT
Subject: CN=677cf965-f2b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:19:e3:65:42:06:ed:a1:09:ec:71:d4:5e:00:
86:3e:36:f4:6f:c6:87:7e:b0:bf:b1:9e:92:a1:05:
88:8c:d3:16:b6:72:15:70:3e:88:7d:83:7e:28:cd:
a0:dc:3a:66:24:d3:57:b3:f4:32:7d:33:75:76:20:
27:58:c2:87:42:3b:41:ed:1c:de:15:60:5d:50:fd:
25:22:77:b8:ae:ef:43:3a:6c:cb:e4:ec:ef:1c:8a:
5f:7c:51:bf:d4:0b:b6:20:82:ee:31:13:0f:51:56:
2a:c2:87:cb:98:7f:db:1c:3c:66:f5:c3:a0:25:66:
3a:bf:bb:1d:13:ef:e7:d4:e9:cf:b9:34:59:d3:7a:
4f:9a:bc:76:d3:34:07:7c:1a:43:c0:ad:ea:e8:f9:
78:bd:ac:f7:21:6a:b1:c3:45:2c:f0:1c:b8:54:f7:
bf:4a:69:49:f8:f7:32:3d:24:3a:7c:aa:ae:95:28:
02:50:90:03:11:f6:e9:b0:62:fd:62:73:61:6a:94:
3b:e7:60:98:6e:b7:b3:3b:fe:f3:40:ba:30:d5:33:
c5:ac:24:bf:76:5c:a4:e4:6c:f4:9d:18:e5:57:26:
74:40:4d:ca:8c:02:25:bb:c4:fd:8b:85:4c:4d:45:
96:e2:60:92:16:09:72:93:1b:53:5f:37:a7:4a:53:
a2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6A:80:D8:D1:89:E1:39:9D:77:7D:33:B1:67:FC:EF:97:70:D3:01
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1FE7330CCCDD11EF97C3924F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.211.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:29:55:cf:92:da:3b:8e:2e:15:45:e6:5b:f5:72:96:6a:cf:
d6:6d:8b:36:bb:28:56:2f:92:4a:e1:c5:34:6c:ae:0e:5d:6c:
59:d8:57:7e:46:74:b3:1d:da:0e:b2:bd:3e:94:6f:1e:16:cd:
30:d7:f6:2d:0f:79:76:4a:55:18:0a:77:7d:f2:a1:7d:58:32:
a0:d0:10:1f:30:9e:3b:f6:fe:23:a8:ed:21:70:29:eb:eb:04:
3c:e2:25:15:a4:86:81:8e:52:3a:ad:10:34:72:dc:db:24:38:
4f:36:d0:0b:d9:96:a8:cc:bf:ab:5f:0f:ea:e2:2d:b2:35:42:
fa:1d:d7:e6:63:eb:0f:ae:f3:03:41:a7:be:5d:ad:90:9e:0d:
9e:4d:15:6a:16:ef:6a:9d:37:f1:23:96:37:a7:ed:63:b6:7f:
72:dd:1b:41:ff:47:b8:9b:a6:bd:14:0e:8a:50:c1:e8:3e:2e:
8d:93:dd:32:6a:40:9a:f7:26:4b:d1:c7:84:43:b7:c8:6d:df:
fd:4a:5a:94:05:aa:ef:ba:b5:78:cc:fd:07:5a:5b:39:b4:57:
b3:60:01:8d:38:e7:45:4a:b7:4e:d5:c7:e9:7f:0d:4e:0c:47:
2b:e7:53:94:21:48:e7:e2:55:42:94:78:6f:1e:10:d7:d7:fb:
08:1e:a0:63
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPt5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDk1MjMzWhcNMjcxMjEzMDk1MjMzWjAYMRYw
FAYDVQQDEw02NzdjZjk2NS1mMmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxxnjZUIG7aEJ7HHUXgCGPjb0b8aHfrC/sZ6SoQWIjNMWtnIVcD6IfYN+
KM2g3DpmJNNXs/QyfTN1diAnWMKHQjtB7RzeFWBdUP0lIne4ru9DOmzL5OzvHIpf
fFG/1Au2IILuMRMPUVYqwofLmH/bHDxm9cOgJWY6v7sdE+/n1OnPuTRZ03pPmrx2
0zQHfBpDwK3q6Pl4vaz3IWqxw0Us8By4VPe/SmlJ+PcyPSQ6fKqulSgCUJADEfbp
sGL9YnNhapQ752CYbrezO/7zQLow1TPFrCS/dlyk5Gz0nRjlVyZ0QE3KjAIlu8T9
i4VMTUWW4mCSFglykxtTXzenSlOizQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLVq
gNjRieE5nXd9M7Fn/O+XcNMBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRkU3MzMwQ0NDREQxMUVGOTdDMzkyNEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnTMA0GCSqGSIb3DQEBCwUA
A4IBAQAuKVXPkto7ji4VReZb9XKWas/WbYs2uyhWL5JK4cU0bK4OXWxZ2Fd+RnSz
HdoOsr0+lG8eFs0w1/YtD3l2SlUYCnd98qF9WDKg0BAfMJ479v4jqO0hcCnr6wQ8
4iUVpIaBjlI6rRA0ctzbJDhPNtAL2ZaozL+rXw/q4i2yNUL6HdfmY+sPrvMDQae+
Xa2Qng2eTRVqFu9qnTfxI5Y3p+1jtn9y3RtB/0e4m6a9FA6KUMHoPi6Nk90yakCa
9yZL0ceEQ7fIbd/9SlqUBarvurV4zP0HWls5tFezYAGNOOdFSrdO1cfpfw1ODEcr
51OUIUjn4lVClHhvHhDX1/sIHqBj
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:41 2025 by rpki-client