Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A9DCC94C33611EFA00A5376762E951A.roa
File: 2A9DCC94C33611EFA00A5376762E951A.roa (raw, json)
Hash identifier: zr3Gi9Ir55ejnVcNsOdPOSvKLLJ43dpaj8YqkCIHG5E=
Subject key identifier: B8:8A:71:15:F2:DF:0B:CA:A8:A3:43:0D:41:D2:83:7C:FD:D3:B5:79
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB4B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A9DCC94C33611EFA00A5376762E951A.roa
Signing time: Thu 26 Dec 2024 03:04:48 +0000
ROA not before: Thu 26 Dec 2024 03:04:45 +0000
ROA not after: Fri 10 Dec 2027 03:04:45 +0000
asID: 17561
IP address blocks: 156.244.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60235 (0xeb4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 03:04:45 2024 GMT
Not After : Dec 10 03:04:45 2027 GMT
Subject: CN=676cc7d0-2333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2e:15:30:6b:27:d5:f4:12:c1:93:d4:6d:33:
3c:59:aa:45:ba:5a:96:c2:54:f9:d3:81:0e:d3:58:
41:ab:5f:51:43:62:e1:f7:84:0a:67:77:63:d4:fd:
66:33:cb:c2:9a:48:d7:46:e4:4d:7b:32:22:62:16:
cb:07:10:83:55:e6:3d:a4:98:28:94:fc:b9:96:1d:
59:3c:68:4b:f6:33:6c:98:c7:f8:18:dc:4c:a4:f2:
2c:cf:f2:59:6a:21:f3:2f:8a:93:45:9b:e4:54:e9:
ab:00:91:0a:e0:2f:87:2d:55:8f:e9:f9:c9:51:36:
1b:77:b1:88:a9:f3:50:76:79:2a:c3:01:89:23:b1:
e3:97:9e:9e:a9:77:3f:4f:60:a5:dc:a0:16:0f:67:
b3:88:bb:2a:a3:b6:9c:e0:a7:36:79:08:4f:8e:74:
65:41:15:e7:89:7c:20:0e:76:d8:20:d6:50:db:36:
d4:29:02:d3:47:51:ed:8d:55:4f:71:ce:14:c7:6e:
30:9d:8c:75:2d:9d:75:71:31:23:34:6d:38:96:16:
e1:ef:f1:00:92:35:a9:fb:89:e7:46:e7:e6:1f:ae:
5c:d9:7c:35:bf:1c:23:06:1c:83:2d:ac:3b:c9:e3:
f3:5c:92:f7:94:67:c3:a3:a9:99:a8:d9:b7:56:eb:
ed:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:8A:71:15:F2:DF:0B:CA:A8:A3:43:0D:41:D2:83:7C:FD:D3:B5:79
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A9DCC94C33611EFA00A5376762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.161.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:a1:6d:c9:a8:69:60:a4:f8:3c:f3:1a:1a:5f:20:79:b8:77:
bd:24:d3:27:b5:8a:cd:75:48:63:f7:ca:b0:3e:6d:8d:8e:cf:
48:89:43:8f:04:05:88:e6:3e:ad:42:37:5e:47:fd:2d:ee:b0:
78:92:28:cc:a0:d9:de:d7:d9:47:78:7c:15:fc:b3:ca:e6:72:
6d:7e:33:d6:61:ea:88:0b:78:e6:53:df:f6:38:9e:cd:b5:fb:
de:af:1e:ad:19:3e:d1:f2:eb:5b:0a:ae:b8:84:45:0f:28:f1:
fe:36:a5:c0:94:86:46:66:74:3a:81:6f:9a:3e:4f:1c:0c:65:
c0:b1:6d:0a:32:10:5b:ec:56:e1:ae:e3:cb:e1:cf:7e:9f:37:
01:df:dd:ce:74:4b:9e:83:bb:3a:cf:cd:60:3a:ea:d0:95:b3:
ed:fb:6a:d5:7b:b1:f0:2c:2d:5c:5c:8b:5e:37:7b:3a:90:68:
83:c5:dd:d3:c5:25:41:88:37:3b:88:19:f6:4f:22:a3:7c:fe:
be:ed:8f:a5:1c:79:bd:c0:6d:f0:8f:56:4d:f3:e6:0d:b5:80:
61:34:bf:6f:61:1e:7a:28:7a:60:3d:d1:e6:f2:b0:34:58:31:
66:71:98:65:4c:a5:63:c6:e5:45:5e:4f:45:d6:56:0e:95:98:
6e:7b:f9:e8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOtLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDMwNDQ1WhcNMjcxMjEwMDMwNDQ1WjAYMRYw
FAYDVQQDEw02NzZjYzdkMC0yMzMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArS4VMGsn1fQSwZPUbTM8WapFulqWwlT504EO01hBq19RQ2Lh94QKZ3dj
1P1mM8vCmkjXRuRNezIiYhbLBxCDVeY9pJgolPy5lh1ZPGhL9jNsmMf4GNxMpPIs
z/JZaiHzL4qTRZvkVOmrAJEK4C+HLVWP6fnJUTYbd7GIqfNQdnkqwwGJI7Hjl56e
qXc/T2Cl3KAWD2eziLsqo7ac4Kc2eQhPjnRlQRXniXwgDnbYINZQ2zbUKQLTR1Ht
jVVPcc4Ux24wnYx1LZ11cTEjNG04lhbh7/EAkjWp+4nnRufmH65c2Xw1vxwjBhyD
Law7yePzXJL3lGfDo6mZqNm3VuvtaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLiK
cRXy3wvKqKNDDUHSg3z907V5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQTlEQ0M5NEMzMzYxMUVGQTAwQTUzNzY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPShMA0GCSqGSIb3DQEBCwUA
A4IBAQBboW3JqGlgpPg88xoaXyB5uHe9JNMntYrNdUhj98qwPm2Njs9IiUOPBAWI
5j6tQjdeR/0t7rB4kijMoNne19lHeHwV/LPK5nJtfjPWYeqIC3jmU9/2OJ7Ntfve
rx6tGT7R8utbCq64hEUPKPH+NqXAlIZGZnQ6gW+aPk8cDGXAsW0KMhBb7FbhruPL
4c9+nzcB393OdEueg7s6z81gOurQlbPt+2rVe7HwLC1cXIteN3s6kGiDxd3TxSVB
iDc7iBn2TyKjfP6+7Y+lHHm9wG3wj1ZN8+YNtYBhNL9vYR56KHpgPdHm8rA0WDFm
cZhlTKVjxuVFXk9F1lYOlZhue/no
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:03 2025 by rpki-client