Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/276E7A54CCFB11EF9B2F908A762E951A.roa
File: 276E7A54CCFB11EF9B2F908A762E951A.roa (raw, json)
Hash identifier: 0mDq11ld0d3T1n4vg/88XjFbMv/4Tk6t3cmSjY8Pt1U=
Subject key identifier: 12:29:72:8F:97:AF:3C:F9:16:F3:F0:C6:29:81:0C:F5:93:E9:77:FF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC41
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/276E7A54CCFB11EF9B2F908A762E951A.roa
Signing time: Tue 07 Jan 2025 13:27:34 +0000
ROA not before: Tue 07 Jan 2025 13:27:31 +0000
ROA not after: Mon 13 Dec 2027 13:27:31 +0000
asID: 17561
IP address blocks: 156.238.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64577 (0xfc41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 13:27:31 2025 GMT
Not After : Dec 13 13:27:31 2027 GMT
Subject: CN=677d2bc6-e746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:15:32:b1:a9:59:a3:b0:e4:8a:55:80:3f:51:
08:90:59:16:fa:41:e7:67:cf:d3:9a:6e:54:ef:84:
7a:c3:44:28:05:e6:1d:31:a7:a3:35:df:48:f9:2d:
22:1c:62:bd:53:ef:02:65:59:a6:d2:a3:0c:e8:12:
2a:af:be:57:f1:09:bb:20:b9:c4:b7:50:f4:6a:82:
f5:ac:11:fe:52:90:3a:60:0e:34:aa:bb:00:0b:05:
66:c0:08:64:a7:c6:49:13:66:33:ff:46:b3:80:45:
c1:b3:fd:f0:cf:85:ae:bc:a4:fa:ab:fa:43:5d:e9:
bd:9d:4f:62:b1:92:30:68:78:30:8f:da:b8:60:90:
83:76:1f:b1:d9:dd:ea:67:1f:28:a0:b2:f5:7a:36:
ea:3a:f1:05:5f:06:7b:8d:d8:d2:36:94:ac:bf:82:
75:f3:05:c0:50:7b:a3:27:e5:78:f5:c3:52:c7:92:
1b:63:37:6b:bb:1d:c1:b3:16:3e:6c:bb:56:ce:6c:
53:57:e9:bb:eb:82:aa:5c:4c:ee:22:86:76:5f:de:
e7:be:0b:c7:d4:48:cc:16:e2:0f:fa:e2:24:a9:4b:
6b:3f:a8:ad:de:e4:35:92:5a:4a:d9:d8:bf:39:83:
ba:4e:b4:0e:2f:5c:99:1f:cc:66:10:33:13:de:1e:
7a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:29:72:8F:97:AF:3C:F9:16:F3:F0:C6:29:81:0C:F5:93:E9:77:FF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/276E7A54CCFB11EF9B2F908A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.26.0/24
Signature Algorithm: sha256WithRSAEncryption
92:f4:5b:26:3d:57:ef:a3:4f:66:bf:73:7f:96:cc:b1:93:b3:
31:a7:3e:2e:91:9c:7c:39:f3:bb:09:43:e5:46:c1:df:6e:12:
07:0c:84:86:98:d6:bd:3c:2d:9d:f8:28:e4:fe:0b:e1:19:2e:
a9:c9:59:e4:6f:a9:cd:e1:20:f1:8c:c1:0a:cf:00:27:62:b1:
ad:9c:3b:c7:4d:53:c4:e5:6b:37:23:49:80:92:5a:1d:22:b1:
54:e2:43:fa:7e:c7:d3:85:a4:ca:93:5d:59:a2:0c:b4:12:26:
8f:ba:53:5d:46:76:93:6b:40:5f:da:dd:8f:4d:96:c4:b9:4c:
8d:ac:70:d8:6d:a7:d5:c2:99:2e:a4:6d:6e:aa:28:37:3f:a0:
14:89:21:58:a9:74:c3:28:cb:85:58:77:53:b7:5c:00:82:2d:
cc:8a:67:58:1c:89:f2:18:40:b1:a6:10:cd:77:42:21:cb:d4:
91:76:b6:16:40:f4:d3:1b:27:8c:c6:4e:98:cf:ec:20:b2:27:
f6:09:22:11:36:5d:09:fc:27:ae:35:6b:cb:25:68:a2:8c:04:
cf:4b:24:ba:d0:da:97:99:d9:7e:e7:4e:c7:af:2c:65:ab:42:
30:c0:a3:01:96:b0:88:f6:d9:37:24:83:2e:68:6b:5f:68:71:
81:24:d6:c8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPxBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTMyNzMxWhcNMjcxMjEzMTMyNzMxWjAYMRYw
FAYDVQQDEw02NzdkMmJjNi1lNzQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwxUysalZo7DkilWAP1EIkFkW+kHnZ8/Tmm5U74R6w0QoBeYdMaejNd9I
+S0iHGK9U+8CZVmm0qMM6BIqr75X8Qm7ILnEt1D0aoL1rBH+UpA6YA40qrsACwVm
wAhkp8ZJE2Yz/0azgEXBs/3wz4WuvKT6q/pDXem9nU9isZIwaHgwj9q4YJCDdh+x
2d3qZx8ooLL1ejbqOvEFXwZ7jdjSNpSsv4J18wXAUHujJ+V49cNSx5IbYzdrux3B
sxY+bLtWzmxTV+m764KqXEzuIoZ2X97nvgvH1EjMFuIP+uIkqUtrP6it3uQ1klpK
2di/OYO6TrQOL1yZH8xmEDMT3h56NQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBIp
co+Xrzz5FvPwximBDPWT6Xf/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNzZFN0E1NENDRkIxMUVGOUIyRjkwOEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO4aMA0GCSqGSIb3DQEBCwUA
A4IBAQCS9FsmPVfvo09mv3N/lsyxk7Mxpz4ukZx8OfO7CUPlRsHfbhIHDISGmNa9
PC2d+Cjk/gvhGS6pyVnkb6nN4SDxjMEKzwAnYrGtnDvHTVPE5Ws3I0mAklodIrFU
4kP6fsfThaTKk11Zogy0EiaPulNdRnaTa0Bf2t2PTZbEuUyNrHDYbafVwpkupG1u
qig3P6AUiSFYqXTDKMuFWHdTt1wAgi3MimdYHInyGECxphDNd0Ihy9SRdrYWQPTT
GyeMxk6Yz+wgsif2CSIRNl0J/CeuNWvLJWiijATPSyS60NqXmdl+507Hryxlq0Iw
wKMBlrCI9tk3JIMuaGtfaHGBJNbI
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:28 2025 by rpki-client