Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22EABD1ACDAC11EFA8B4EA7A762E951A.roa
File: 22EABD1ACDAC11EFA8B4EA7A762E951A.roa (raw, json)
Hash identifier: fcOprGz/OPsTQ1ee9trmGFJIR79IQaIEQluPSSKxwOk=
Subject key identifier: CA:C8:95:3A:ED:9B:E7:FE:38:39:54:CD:25:37:BA:A9:69:65:D8:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010159
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22EABD1ACDAC11EFA8B4EA7A762E951A.roa
Signing time: Wed 08 Jan 2025 10:34:28 +0000
ROA not before: Wed 08 Jan 2025 10:34:23 +0000
ROA not after: Mon 13 Dec 2027 10:34:23 +0000
asID: 17561
IP address blocks: 156.255.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65881 (0x10159)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:34:23 2025 GMT
Not After : Dec 13 10:34:23 2027 GMT
Subject: CN=677e54b3-ec27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fc:ad:1d:4c:6d:56:64:60:f8:05:f1:fa:de:
df:df:1a:5f:16:4a:a7:bc:25:46:dc:cd:94:6f:a8:
69:b7:de:86:59:c7:51:9c:e0:5d:e4:2e:f7:0c:c0:
e8:ed:a1:57:10:b4:c0:c1:dd:1a:ad:a3:c1:51:5d:
93:4e:e6:58:c5:ce:f6:1c:46:eb:0c:e9:11:d7:63:
80:c2:f7:c5:63:1d:21:b3:1e:e7:a9:8b:40:64:58:
2f:23:a9:0f:cb:e0:09:4e:5b:58:0c:5b:45:42:12:
15:f7:70:72:b7:93:fe:ab:a4:9b:d5:44:7d:5c:65:
36:a6:88:90:88:04:d1:a0:4c:2a:ee:f8:0d:ee:b9:
82:43:b6:bb:40:d3:4a:07:cd:08:6b:50:aa:3e:bc:
ec:8d:47:dc:e5:1b:88:c5:c5:29:13:a5:8b:1f:46:
b8:37:40:d9:6a:64:a0:25:7b:cb:be:b4:b4:32:00:
2e:47:21:28:14:61:1f:54:88:8a:41:1b:16:0d:13:
05:84:3a:f7:2e:5d:e2:96:ab:ca:9e:df:92:ae:b7:
97:f3:00:fa:c0:7d:bf:50:a9:29:20:09:4e:b9:b9:
c3:32:ff:ae:3d:c5:a1:7a:a1:ff:51:de:08:3d:7d:
5c:ec:e3:61:cc:75:da:89:79:82:28:ba:cf:21:f7:
7a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C8:95:3A:ED:9B:E7:FE:38:39:54:CD:25:37:BA:A9:69:65:D8:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22EABD1ACDAC11EFA8B4EA7A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.47.0/24
Signature Algorithm: sha256WithRSAEncryption
38:fa:ec:a4:a7:40:61:68:13:70:55:54:a8:67:fd:10:50:32:
a6:31:b6:f9:aa:14:02:76:ba:98:b0:d8:22:b0:73:ef:5c:38:
3d:af:3f:85:fa:67:77:65:3a:14:4d:26:c7:8e:fa:c6:6d:69:
95:b9:0e:e9:d2:78:a2:99:0a:86:a1:d2:0d:72:04:0f:b9:36:
23:af:ea:e2:c3:dd:da:7c:e1:62:67:56:63:dd:f3:03:e2:d6:
61:23:d2:0f:34:7e:9d:97:7a:4b:fb:7c:78:8d:b5:2c:90:1d:
a5:58:43:6b:3a:d9:4c:2e:b5:4b:ea:2e:c2:00:b8:c3:d8:7b:
e5:9e:22:ad:02:d3:f4:b4:9c:62:c4:37:81:b9:cc:d9:91:00:
b4:c1:3c:13:15:41:98:02:a3:f2:75:40:7b:43:04:b0:13:8d:
98:6f:3a:91:56:44:05:73:8b:d0:26:2c:16:fe:81:38:8b:f5:
33:eb:a9:c9:49:bb:30:cb:ef:34:92:a2:b6:92:98:b3:09:92:
bc:5e:91:15:e4:9d:42:e2:71:ba:42:eb:d9:aa:7e:9e:d5:91:
60:85:7d:0a:91:da:af:d4:9d:3d:b6:b7:19:9e:db:e7:49:03:
fc:f1:71:0f:3b:46:b4:9a:48:ae:92:44:ff:c6:64:71:06:99:
54:bd:71:ae
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQFZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTAzNDIzWhcNMjcxMjEzMTAzNDIzWjAYMRYw
FAYDVQQDEw02NzdlNTRiMy1lYzI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtPytHUxtVmRg+AXx+t7f3xpfFkqnvCVG3M2Ub6hpt96GWcdRnOBd5C73
DMDo7aFXELTAwd0araPBUV2TTuZYxc72HEbrDOkR12OAwvfFYx0hsx7nqYtAZFgv
I6kPy+AJTltYDFtFQhIV93Byt5P+q6Sb1UR9XGU2poiQiATRoEwq7vgN7rmCQ7a7
QNNKB80Ia1CqPrzsjUfc5RuIxcUpE6WLH0a4N0DZamSgJXvLvrS0MgAuRyEoFGEf
VIiKQRsWDRMFhDr3Ll3ilqvKnt+SrreX8wD6wH2/UKkpIAlOubnDMv+uPcWheqH/
Ud4IPX1c7ONhzHXaiXmCKLrPIfd6SwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMrI
lTrtm+f+ODlUzSU3uqlpZdgiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMkVBQkQxQUNEQUMxMUVGQThCNEVBN0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8vMA0GCSqGSIb3DQEBCwUA
A4IBAQA4+uykp0BhaBNwVVSoZ/0QUDKmMbb5qhQCdrqYsNgisHPvXDg9rz+F+md3
ZToUTSbHjvrGbWmVuQ7p0niimQqGodINcgQPuTYjr+riw93afOFiZ1Zj3fMD4tZh
I9IPNH6dl3pL+3x4jbUskB2lWENrOtlMLrVL6i7CALjD2HvlniKtAtP0tJxixDeB
uczZkQC0wTwTFUGYAqPydUB7QwSwE42YbzqRVkQFc4vQJiwW/oE4i/Uz66nJSbsw
y+80kqK2kpizCZK8XpEV5J1C4nG6QuvZqn6e1ZFghX0Kkdqv1J09trcZntvnSQP8
8XEPO0a0mkiukkT/xmRxBplUvXGu
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:41 2025 by rpki-client