Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2AAE6CB8CDCA11EFBE0928B8762E951A.roa
File: 2AAE6CB8CDCA11EFBE0928B8762E951A.roa (raw, json)
Hash identifier: IMtTU2b28alaxLIMflb+Nk7GaYf+GXBgQbNcqkmP7bo=
Subject key identifier: 34:38:F6:55:17:61:D7:18:FD:04:FE:22:8A:6B:29:F3:F6:22:BD:B2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0101CA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2AAE6CB8CDCA11EFBE0928B8762E951A.roa
Signing time: Wed 08 Jan 2025 14:09:25 +0000
ROA not before: Wed 08 Jan 2025 14:09:22 +0000
ROA not after: Sat 25 Dec 2027 14:09:22 +0000
asID: 17561
IP address blocks: 156.243.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65994 (0x101ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:09:22 2025 GMT
Not After : Dec 25 14:09:22 2027 GMT
Subject: CN=677e8715-38bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:84:91:e3:ef:c1:d7:28:ab:0a:ae:f9:5d:36:
b3:66:27:d6:76:32:2e:d8:9e:23:78:5d:b5:6b:d7:
bb:b9:63:ea:4d:17:f6:bc:2e:c8:01:de:b2:c9:85:
87:5f:78:5f:8b:a7:ff:e8:99:b9:57:e0:61:27:9e:
a5:7d:8b:f2:02:20:44:6d:f5:5a:ed:73:00:72:93:
9c:95:cc:37:8c:b4:dd:58:8a:09:01:8d:43:fd:ef:
4d:98:18:81:04:cb:63:e3:e6:6a:49:9e:2b:a7:dd:
f7:d7:fc:ed:e2:d5:3c:74:c1:46:b3:71:1c:e1:a1:
55:2f:1b:e1:66:c8:d5:50:65:3c:2e:38:ce:30:38:
97:56:59:7c:94:5e:c8:dc:b4:11:6a:5f:0b:26:a1:
75:65:92:40:61:23:89:df:bf:2c:cf:c4:8c:9c:10:
ce:c2:f2:9d:51:41:3f:fc:03:7b:39:f3:9b:38:ae:
8c:2b:fa:60:73:b8:c4:25:5a:ff:ea:fe:06:d6:b8:
8b:03:dd:89:c0:24:2d:c9:27:70:3f:75:f7:1f:a2:
36:67:cd:82:74:fb:69:be:44:cf:65:69:86:31:28:
2a:9b:0b:3e:a3:18:e2:3c:0d:79:b0:d1:77:bd:cb:
da:41:c3:0e:92:0d:f0:30:f6:a6:cc:59:29:08:cb:
97:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:38:F6:55:17:61:D7:18:FD:04:FE:22:8A:6B:29:F3:F6:22:BD:B2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2AAE6CB8CDCA11EFBE0928B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.237.0/24
Signature Algorithm: sha256WithRSAEncryption
73:79:eb:e2:27:73:95:4f:14:97:ea:22:9b:8c:ab:a8:91:ea:
49:73:bc:54:0a:fb:39:ed:5b:85:4e:6c:62:6a:6a:28:bf:0a:
24:ad:99:f0:d3:0a:9d:17:13:03:f7:d2:ac:a2:57:19:e5:7d:
10:b2:c2:91:a2:d2:00:65:dc:47:bf:32:2b:ce:88:0c:f1:7d:
08:bf:27:60:bc:59:a4:1d:6e:68:33:e9:1d:79:9a:75:6a:db:
de:34:6b:20:6f:c5:7a:ec:2b:be:bd:74:44:4a:a6:1b:a7:2a:
24:04:01:5b:38:ea:6d:c8:0b:dc:34:62:c7:3c:8b:12:a4:93:
bb:ce:79:b2:75:f7:ce:24:98:ee:71:8f:6b:48:41:62:06:a4:
f0:ea:69:be:c0:3c:b7:e2:28:40:3c:59:7a:7f:f3:4f:f8:c6:
a0:16:98:57:c8:fd:3d:a2:72:e1:35:b4:52:f1:3d:53:a9:2b:
01:b4:2f:dd:c3:49:39:1f:d6:db:0c:f1:f9:90:cf:18:51:b0:
e0:00:70:13:8c:d2:bb:6f:88:00:5d:62:41:f8:c4:9f:29:f0:
4c:ea:3e:c4:70:14:84:9b:46:83:3d:c4:e6:61:23:57:50:47:
7a:8d:c5:91:44:e4:d4:0e:3c:1f:68:f9:b0:c9:6f:20:7c:7f:
52:49:fd:e1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQHKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQwOTIyWhcNMjcxMjI1MTQwOTIyWjAYMRYw
FAYDVQQDEw02NzdlODcxNS0zOGJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuYSR4+/B1yirCq75XTazZifWdjIu2J4jeF21a9e7uWPqTRf2vC7IAd6y
yYWHX3hfi6f/6Jm5V+BhJ56lfYvyAiBEbfVa7XMAcpOclcw3jLTdWIoJAY1D/e9N
mBiBBMtj4+ZqSZ4rp9331/zt4tU8dMFGs3Ec4aFVLxvhZsjVUGU8LjjOMDiXVll8
lF7I3LQRal8LJqF1ZZJAYSOJ378sz8SMnBDOwvKdUUE//AN7OfObOK6MK/pgc7jE
JVr/6v4G1riLA92JwCQtySdwP3X3H6I2Z82CdPtpvkTPZWmGMSgqmws+oxjiPA15
sNF3vcvaQcMOkg3wMPamzFkpCMuXVQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDQ4
9lUXYdcY/QT+IoprKfP2Ir2yMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQUFFNkNCOENEQ0ExMUVGQkUwOTI4Qjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPtMA0GCSqGSIb3DQEBCwUA
A4IBAQBzeeviJ3OVTxSX6iKbjKuokepJc7xUCvs57VuFTmxiamoovwokrZnw0wqd
FxMD99KsolcZ5X0QssKRotIAZdxHvzIrzogM8X0IvydgvFmkHW5oM+kdeZp1atve
NGsgb8V67Cu+vXRESqYbpyokBAFbOOptyAvcNGLHPIsSpJO7znmydffOJJjucY9r
SEFiBqTw6mm+wDy34ihAPFl6f/NP+MagFphXyP09onLhNbRS8T1TqSsBtC/dw0k5
H9bbDPH5kM8YUbDgAHATjNK7b4gAXWJB+MSfKfBM6j7EcBSEm0aDPcTmYSNXUEd6
jcWRROTUDjwfaPmwyW8gfH9SSf3h
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:47 2025 by rpki-client