Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2263B05AC32E11EFB05070B8762E951A.roa
File: 2263B05AC32E11EFB05070B8762E951A.roa (raw, json)
Hash identifier: zs0WaxFPnUbW1bjho4z+MC7nquFc8AVVaObOJegbkMc=
Subject key identifier: 2E:6C:D1:1C:D3:A9:A6:A4:4E:24:AB:B7:C4:D7:87:F2:CD:B7:06:E1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAEB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2263B05AC32E11EFB05070B8762E951A.roa
Signing time: Thu 26 Dec 2024 02:07:19 +0000
ROA not before: Thu 26 Dec 2024 02:07:15 +0000
ROA not after: Wed 10 Dec 2025 02:07:15 +0000
asID: 984
IP address blocks: 156.243.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60139 (0xeaeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:07:15 2024 GMT
Not After : Dec 10 02:07:15 2025 GMT
Subject: CN=676cba56-6165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7e:91:94:e6:2d:c1:a4:0c:da:fd:1f:71:a0:
df:65:b2:0f:70:47:49:89:f9:89:e1:27:6e:ad:75:
dd:64:98:68:71:aa:4e:98:f5:99:5d:e2:70:e5:26:
62:cc:4a:26:df:df:90:a8:8c:99:34:28:6a:75:f3:
6e:90:10:00:cd:6e:10:c8:d6:f1:ab:35:7e:42:5c:
84:cf:3e:e0:e2:66:66:5e:77:78:d2:a9:1d:b0:4a:
3b:a7:51:d8:c4:ec:f7:43:5c:62:eb:52:10:ef:48:
ae:e3:93:c3:ce:8b:d2:e9:ec:1c:72:49:49:62:81:
5c:a1:9b:19:1b:8a:ad:58:9d:67:e1:7f:29:75:9a:
e5:91:d7:1d:3e:81:29:2d:2d:21:bb:1c:bc:de:e7:
8b:cc:bb:45:12:d2:af:13:92:34:57:cb:16:e2:c9:
0a:d1:a1:45:71:80:24:f2:a8:4c:2b:66:ce:65:48:
18:83:86:90:3e:0c:b6:7c:bb:ec:b3:7d:15:74:a7:
b3:8a:a9:08:68:28:e1:09:e1:01:ce:8a:5f:fd:9a:
b6:06:fb:35:6e:87:df:50:b3:64:22:92:44:df:e8:
39:8c:a2:f6:41:45:fa:09:ed:14:b8:65:86:75:3a:
85:25:65:8f:8a:3e:ce:9b:d0:45:2a:70:e5:72:64:
11:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:6C:D1:1C:D3:A9:A6:A4:4E:24:AB:B7:C4:D7:87:F2:CD:B7:06:E1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2263B05AC32E11EFB05070B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.214.0/24
Signature Algorithm: sha256WithRSAEncryption
51:10:7c:81:b1:fd:9f:a4:d6:4b:00:7c:7d:36:15:ab:56:b9:
df:d5:a8:8d:2a:9b:7b:75:51:29:f6:1c:8c:89:75:70:62:e5:
f6:07:11:18:4c:19:3f:c2:5d:fe:3b:12:42:19:9c:32:2f:f1:
04:36:6f:24:f9:e8:99:73:ba:cc:d8:55:9d:89:7c:bb:18:4b:
f1:8d:b9:a5:16:a2:ae:37:09:53:a8:8e:cd:d0:bd:75:a1:2a:
af:a4:9d:af:34:71:7b:61:1a:62:a7:77:5c:23:21:75:67:d0:
3c:e5:3e:66:dd:61:0b:a0:12:48:92:b4:77:fe:db:6d:19:7d:
c3:b2:a1:93:57:ec:4b:09:47:da:32:18:e7:24:72:7f:b1:6e:
e4:5f:d2:fe:9d:5a:0f:2f:71:ce:d8:6f:02:21:8f:25:0b:cc:
91:86:c0:4b:6e:82:3d:cb:98:c9:c1:8c:16:29:7a:b2:0d:95:
55:0e:ce:4e:cb:d4:1a:b8:38:6b:57:52:80:de:27:e0:b6:9c:
a3:e2:9f:68:7e:01:9c:ee:7f:d3:93:a6:ad:9b:71:6f:52:52:
c1:df:e2:ba:02:99:cf:39:bd:9b:0c:70:a1:6b:40:02:a5:b6:
39:7f:df:02:ad:4b:bd:95:a8:59:32:a7:33:eb:70:5d:38:16:
6f:04:75:25
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOrrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIwNzE1WhcNMjUxMjEwMDIwNzE1WjAYMRYw
FAYDVQQDEw02NzZjYmE1Ni02MTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA036RlOYtwaQM2v0fcaDfZbIPcEdJifmJ4SdurXXdZJhocapOmPWZXeJw
5SZizEom39+QqIyZNChqdfNukBAAzW4QyNbxqzV+QlyEzz7g4mZmXnd40qkdsEo7
p1HYxOz3Q1xi61IQ70iu45PDzovS6ewccklJYoFcoZsZG4qtWJ1n4X8pdZrlkdcd
PoEpLS0huxy83ueLzLtFEtKvE5I0V8sW4skK0aFFcYAk8qhMK2bOZUgYg4aQPgy2
fLvss30VdKeziqkIaCjhCeEBzopf/Zq2Bvs1boffULNkIpJE3+g5jKL2QUX6Ce0U
uGWGdTqFJWWPij7Om9BFKnDlcmQRRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC5s
0RzTqaakTiSrt8TXh/LNtwbhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMjYzQjA1QUMzMkUxMUVGQjA1MDcwQjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPWMA0GCSqGSIb3DQEBCwUA
A4IBAQBREHyBsf2fpNZLAHx9NhWrVrnf1aiNKpt7dVEp9hyMiXVwYuX2BxEYTBk/
wl3+OxJCGZwyL/EENm8k+eiZc7rM2FWdiXy7GEvxjbmlFqKuNwlTqI7N0L11oSqv
pJ2vNHF7YRpip3dcIyF1Z9A85T5m3WELoBJIkrR3/tttGX3DsqGTV+xLCUfaMhjn
JHJ/sW7kX9L+nVoPL3HO2G8CIY8lC8yRhsBLboI9y5jJwYwWKXqyDZVVDs5Oy9Qa
uDhrV1KA3ifgtpyj4p9ofgGc7n/Tk6atm3FvUlLB3+K6ApnPOb2bDHCha0ACpbY5
f98CrUu9lahZMqcz63BdOBZvBHUl
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:42 2025 by rpki-client