Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2275BB2CCD8511EF85717186762E951A.roa
File: 2275BB2CCD8511EF85717186762E951A.roa (raw, json)
Hash identifier: 3ZnPnBpFv9TUyiAJHSePQ8M/teUyxbqbYdJtPw9LkyQ=
Subject key identifier: E7:40:EF:4E:55:97:21:16:55:91:CE:45:6F:51:FD:11:02:ED:DA:00
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010023
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2275BB2CCD8511EF85717186762E951A.roa
Signing time: Wed 08 Jan 2025 05:55:16 +0000
ROA not before: Wed 08 Jan 2025 05:55:13 +0000
ROA not after: Sat 13 Dec 2025 05:55:13 +0000
asID: 984
IP address blocks: 156.252.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65571 (0x10023)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 05:55:13 2025 GMT
Not After : Dec 13 05:55:13 2025 GMT
Subject: CN=677e1344-e8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:23:ba:05:3f:48:d4:7d:87:f3:1a:70:46:b6:
87:b0:40:05:66:53:5c:cb:ff:6f:e1:dc:f1:f7:56:
c5:ff:b6:5b:aa:e5:d7:a6:55:27:44:17:88:ce:a2:
cf:52:05:50:65:2a:69:63:e6:b4:11:e3:64:15:e8:
33:fc:fa:5a:07:05:c7:36:fd:41:13:0d:e9:f5:07:
c1:d7:ab:78:85:3b:40:c5:82:1f:e0:09:e8:4f:81:
b8:e8:c8:54:45:57:20:34:5e:cc:5f:f9:9f:bd:f3:
35:40:82:3f:fa:a8:a2:cf:c0:d2:24:47:f7:e5:db:
20:29:81:84:41:4f:70:8f:c1:c3:1f:cf:04:98:39:
b4:77:89:8c:6a:37:2b:f8:7c:64:0e:93:48:ca:75:
9a:ac:e7:b6:03:b2:2e:ec:c7:1e:b5:8a:a3:d8:40:
de:79:25:c8:41:f3:d3:c5:39:e3:e4:65:fa:0f:9e:
99:2f:f0:c3:b6:a0:a8:a5:de:b8:cb:e2:1c:ef:ec:
87:3d:d4:83:57:ac:2b:55:be:4d:93:83:cd:a9:54:
f0:a8:e2:9a:e5:aa:a5:b0:4c:b7:4c:78:78:86:a0:
43:d4:a6:f1:aa:e0:d7:60:aa:67:36:25:03:7a:8b:
c5:c0:e5:19:12:fa:8c:a1:21:54:de:c9:d9:8e:c4:
a0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:40:EF:4E:55:97:21:16:55:91:CE:45:6F:51:FD:11:02:ED:DA:00
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2275BB2CCD8511EF85717186762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.29.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:46:70:cc:5f:8d:6a:0b:8b:9b:42:4f:70:0f:50:48:d6:db:
09:94:57:36:69:a2:29:7d:fd:f5:f1:45:a8:ac:ec:7a:22:c4:
18:f5:97:cd:0f:5a:d7:be:12:33:5d:a2:f0:40:bb:67:ef:a6:
ff:ff:01:d4:38:ef:ca:51:40:29:db:b4:8c:f7:38:27:12:3d:
0c:a6:bc:e4:c5:92:b2:b4:51:cf:c5:c4:7a:50:e8:a0:6f:8d:
6e:2f:d1:61:ba:13:86:86:6c:09:69:77:e3:86:d1:fb:8e:77:
d4:9e:79:2b:f4:04:3e:f0:1d:7a:7d:0d:32:d2:89:14:04:6f:
89:07:1d:07:df:a9:bb:26:5b:67:23:18:f7:ef:75:8d:7d:d6:
b1:9b:df:5a:56:7a:a7:d7:78:42:40:9e:36:21:f1:b1:78:1d:
90:a6:2b:67:68:f7:fa:e7:12:97:4c:ac:96:46:3b:80:78:e1:
51:d2:e1:28:67:27:62:ba:05:17:d4:db:c0:4a:71:b0:19:52:
52:7f:58:00:ee:3e:c1:20:53:0f:51:49:4a:36:a1:1d:a1:0b:
ff:4e:29:86:21:f0:79:81:a1:66:4c:7c:26:81:55:a5:83:d6:
ca:cc:9c:a8:a1:c3:29:cb:ab:7d:d1:65:19:86:d3:44:e1:bf:
a8:9a:b4:71
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQAjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDU1NTEzWhcNMjUxMjEzMDU1NTEzWjAYMRYw
FAYDVQQDEw02NzdlMTM0NC1lOGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9SO6BT9I1H2H8xpwRraHsEAFZlNcy/9v4dzx91bF/7ZbquXXplUnRBeI
zqLPUgVQZSppY+a0EeNkFegz/PpaBwXHNv1BEw3p9QfB16t4hTtAxYIf4AnoT4G4
6MhURVcgNF7MX/mfvfM1QII/+qiiz8DSJEf35dsgKYGEQU9wj8HDH88EmDm0d4mM
ajcr+HxkDpNIynWarOe2A7Iu7McetYqj2EDeeSXIQfPTxTnj5GX6D56ZL/DDtqCo
pd64y+Ic7+yHPdSDV6wrVb5Nk4PNqVTwqOKa5aqlsEy3THh4hqBD1KbxquDXYKpn
NiUDeovFwOUZEvqMoSFU3snZjsSgcwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOdA
705VlyEWVZHORW9R/REC7doAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMjc1QkIyQ0NEODUxMUVGODU3MTcxODY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwdMA0GCSqGSIb3DQEBCwUA
A4IBAQAbRnDMX41qC4ubQk9wD1BI1tsJlFc2aaIpff318UWorOx6IsQY9ZfND1rX
vhIzXaLwQLtn76b//wHUOO/KUUAp27SM9zgnEj0MprzkxZKytFHPxcR6UOigb41u
L9FhuhOGhmwJaXfjhtH7jnfUnnkr9AQ+8B16fQ0y0okUBG+JBx0H36m7JltnIxj3
73WNfdaxm99aVnqn13hCQJ42IfGxeB2QpitnaPf65xKXTKyWRjuAeOFR0uEoZydi
ugUX1NvASnGwGVJSf1gA7j7BIFMPUUlKNqEdoQv/TimGIfB5gaFmTHwmgVWlg9bK
zJyoocMpy6t90WUZhtNE4b+omrRx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:58 2025 by rpki-client