Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A72D4D8CD5111EFB547ABA7762E951A.roa
File: 2A72D4D8CD5111EFB547ABA7762E951A.roa (raw, json)
Hash identifier: swswDEl886mrgmd1r0mSgKQsMXh/ZTyfpxgSOcmf6hg=
Subject key identifier: 89:31:6A:A2:DD:D1:76:6D:CB:73:D5:78:2E:6A:C9:D8:3C:60:D9:55
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FEED
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A72D4D8CD5111EFB547ABA7762E951A.roa
Signing time: Tue 07 Jan 2025 23:43:16 +0000
ROA not before: Tue 07 Jan 2025 23:43:12 +0000
ROA not after: Mon 13 Dec 2027 23:43:12 +0000
asID: 17561
IP address blocks: 156.247.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65261 (0xfeed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 23:43:12 2025 GMT
Not After : Dec 13 23:43:12 2027 GMT
Subject: CN=677dbc14-f0bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:50:3a:af:f0:62:5a:4c:85:41:8c:8e:41:e5:
a0:54:a9:d5:81:36:47:b8:5f:94:d4:46:06:f3:39:
f4:4b:c6:39:a8:29:8b:d9:f7:2b:0e:49:a1:56:ae:
6e:8a:a3:db:87:5a:42:8f:46:cb:30:51:f9:73:fb:
03:c6:da:4d:2f:09:91:65:2f:53:bd:13:5a:38:81:
c9:94:ac:82:ad:51:26:3b:14:56:32:af:74:3a:29:
48:37:6d:3e:c4:05:e2:ec:b1:b8:29:ea:37:1c:79:
55:2a:ec:9e:d8:fa:81:c6:f9:83:34:c0:35:09:ed:
46:40:d5:94:9d:cb:8f:22:42:72:b5:06:75:1a:4c:
5b:5e:63:1c:52:46:4b:f6:1e:bd:b8:8d:65:ff:64:
a0:b3:38:22:c3:49:07:55:2a:14:17:f6:96:b1:2c:
1f:1b:9b:6e:94:99:d5:20:37:c5:b0:d6:36:59:50:
0b:d2:c0:f6:8b:d3:3b:40:01:69:84:0b:83:88:b5:
cc:b0:8d:ab:8f:33:dc:2f:91:2c:12:3e:39:28:0c:
d1:80:94:78:be:fc:4f:0a:82:d3:a0:b8:7e:ea:cb:
59:e2:f3:d0:dd:f5:77:25:82:45:6d:f8:f6:3e:75:
d4:40:fb:ba:b3:f7:25:53:23:78:d4:48:bb:68:ec:
4a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:31:6A:A2:DD:D1:76:6D:CB:73:D5:78:2E:6A:C9:D8:3C:60:D9:55
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A72D4D8CD5111EFB547ABA7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.31.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:59:f7:eb:1d:f2:09:df:f1:00:77:19:ea:d6:06:bd:da:19:
cf:4e:38:ae:52:e2:68:46:1a:03:39:a3:08:fb:2e:8b:37:46:
38:5a:dc:78:0d:7d:f1:30:6e:10:f9:2b:7b:37:a0:ff:1b:90:
2f:6d:4b:74:43:b6:9e:e8:12:ba:99:dc:1b:7f:be:ab:9b:89:
52:e8:86:b8:e5:72:af:17:66:c7:2e:47:0a:e9:53:b6:6b:42:
37:21:e9:ef:c1:ff:5d:a9:80:84:1b:78:80:8f:06:66:c2:b1:
69:d2:73:b9:4d:a9:9d:43:dc:df:b9:90:a7:b6:8b:af:33:f5:
c0:f9:a9:ee:65:be:ad:9e:22:77:21:7c:5f:a8:36:81:0f:eb:
21:29:c9:7c:0f:27:f2:3b:0d:c6:51:84:a3:84:f1:03:fb:58:
fe:bf:c8:8f:ff:07:f0:4b:22:6f:d6:2e:68:3e:42:55:0a:0e:
9f:0c:ed:b9:fe:c1:e6:da:79:52:fa:99:15:c7:52:98:c5:a9:
9a:5d:ac:ea:cd:ce:3b:12:88:2e:30:45:5e:51:5a:22:bd:fe:
17:78:f3:6c:72:57:c0:2f:27:90:4e:cf:47:51:ab:e7:e9:a7:
05:87:e4:0c:43:23:2d:59:44:c9:23:78:98:8f:0a:56:df:b2:
46:75:cb:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP7tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjM0MzEyWhcNMjcxMjEzMjM0MzEyWjAYMRYw
FAYDVQQDEw02NzdkYmMxNC1mMGJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvlA6r/BiWkyFQYyOQeWgVKnVgTZHuF+U1EYG8zn0S8Y5qCmL2fcrDkmh
Vq5uiqPbh1pCj0bLMFH5c/sDxtpNLwmRZS9TvRNaOIHJlKyCrVEmOxRWMq90OilI
N20+xAXi7LG4Keo3HHlVKuye2PqBxvmDNMA1Ce1GQNWUncuPIkJytQZ1GkxbXmMc
UkZL9h69uI1l/2Sgszgiw0kHVSoUF/aWsSwfG5tulJnVIDfFsNY2WVAL0sD2i9M7
QAFphAuDiLXMsI2rjzPcL5EsEj45KAzRgJR4vvxPCoLToLh+6stZ4vPQ3fV3JYJF
bfj2PnXUQPu6s/clUyN41Ei7aOxK3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIkx
aqLd0XZty3PVeC5qydg8YNlVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQTcyRDREOENENTExMUVGQjU0N0FCQTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPcfMA0GCSqGSIb3DQEBCwUA
A4IBAQCmWffrHfIJ3/EAdxnq1ga92hnPTjiuUuJoRhoDOaMI+y6LN0Y4Wtx4DX3x
MG4Q+St7N6D/G5AvbUt0Q7ae6BK6mdwbf76rm4lS6Ia45XKvF2bHLkcK6VO2a0I3
Ienvwf9dqYCEG3iAjwZmwrFp0nO5TamdQ9zfuZCntouvM/XA+anuZb6tniJ3IXxf
qDaBD+shKcl8DyfyOw3GUYSjhPED+1j+v8iP/wfwSyJv1i5oPkJVCg6fDO25/sHm
2nlS+pkVx1KYxamaXazqzc47EoguMEVeUVoivf4XePNsclfALyeQTs9HUavn6acF
h+QMQyMtWUTJI3iYjwpW37JGdcuL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:13 2025 by rpki-client