Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B4BBC54CDAF11EF9DEB368F762E951A.roa
File: 2B4BBC54CDAF11EF9DEB368F762E951A.roa (raw, json)
Hash identifier: 1CMvlL6PtLe3Vsi2AFtHGQBvePwjNKeJblhgGNEtwgU=
Subject key identifier: B8:11:5C:D7:AE:8A:5D:87:7F:9A:CE:B4:B0:70:F7:E1:C3:61:3C:7B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010171
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B4BBC54CDAF11EF9DEB368F762E951A.roa
Signing time: Wed 08 Jan 2025 10:56:10 +0000
ROA not before: Wed 08 Jan 2025 10:56:06 +0000
ROA not after: Mon 13 Dec 2027 10:56:06 +0000
asID: 17561
IP address blocks: 156.255.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65905 (0x10171)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:56:06 2025 GMT
Not After : Dec 13 10:56:06 2027 GMT
Subject: CN=677e59ca-8ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:dd:1c:5f:fd:bd:78:cb:15:04:b5:b1:2f:a1:
de:fb:14:7c:85:fb:76:6e:d5:8f:22:39:09:c1:5c:
3d:90:c5:6d:a2:64:67:00:12:99:2c:72:4e:02:61:
55:41:9d:39:2d:20:53:d1:5b:ac:ba:31:bb:aa:85:
7b:c0:66:f4:03:64:61:03:78:5c:68:64:c1:71:8c:
11:b3:c0:a8:0b:b6:35:61:62:80:03:39:f8:48:ca:
68:68:8a:10:5f:62:c1:b0:0a:2d:59:96:78:5b:d7:
09:d9:b3:9e:5c:28:8d:91:a1:2e:95:99:9c:1e:38:
4e:c8:08:f6:ba:b5:9b:cf:19:12:9a:e2:a5:34:08:
f7:16:eb:e2:de:84:e4:c2:fa:e3:25:9e:c0:63:29:
ce:70:3a:e7:54:91:03:86:75:66:16:02:44:cd:63:
b7:a5:7a:8e:97:18:3f:92:32:e1:62:71:26:72:3f:
e1:13:43:d9:39:d2:36:20:c5:fd:c5:8b:c1:e6:ee:
8a:1b:0b:73:f0:b8:88:d3:2d:bc:5e:60:7e:b9:fe:
d6:ab:2e:ab:b1:9a:8d:b5:cf:f9:ec:48:8a:73:7e:
d7:ff:ff:e9:42:b3:39:9a:ac:ff:c5:46:07:6f:86:
90:af:fb:01:94:4d:3a:95:bf:f8:16:50:9f:9e:da:
98:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:11:5C:D7:AE:8A:5D:87:7F:9A:CE:B4:B0:70:F7:E1:C3:61:3C:7B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B4BBC54CDAF11EF9DEB368F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.60.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:df:aa:ab:c2:97:44:99:53:98:fa:6e:92:e7:e6:76:ea:fb:
6b:67:80:49:d9:f0:4f:fd:78:f7:b7:79:20:a3:65:ef:c6:f2:
02:05:7b:30:ec:09:64:53:44:59:1d:21:95:8d:41:9b:1e:77:
22:d0:1b:8e:2c:67:5a:b8:e6:1d:30:4f:fa:8e:79:b2:9b:eb:
d4:eb:8b:0b:c8:70:6b:89:69:28:8b:73:be:65:f5:b1:48:39:
28:ca:73:6b:10:7b:40:e3:12:d5:8c:74:fb:17:1d:cc:5e:3c:
a5:d6:56:d9:9d:a0:e0:60:e6:db:44:af:34:35:51:d5:b5:6b:
6c:b6:dd:35:d2:e4:24:c2:48:46:91:73:8e:85:d2:94:4a:31:
47:43:31:72:9f:1c:08:00:d3:d7:6c:cb:38:e8:3e:8c:d9:d3:
5e:49:fb:a0:81:0c:ab:62:ed:51:c2:79:ad:49:35:fe:ca:28:
f8:fc:b1:be:d9:b9:fb:9d:be:63:89:b4:21:f7:f3:6b:e5:96:
0c:a5:ca:24:f2:f7:16:2e:a4:e5:46:ff:e7:fe:fa:5b:44:7f:
7f:38:d2:3d:df:e6:ae:17:36:4e:d1:e3:4e:b7:ed:87:9d:01:
80:98:aa:6d:d3:5d:08:8a:ad:16:9d:28:36:d0:80:e9:64:17:
45:a2:15:e4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQFxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTA1NjA2WhcNMjcxMjEzMTA1NjA2WjAYMRYw
FAYDVQQDEw02NzdlNTljYS04Y2NmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9d0cX/29eMsVBLWxL6He+xR8hft2btWPIjkJwVw9kMVtomRnABKZLHJO
AmFVQZ05LSBT0VusujG7qoV7wGb0A2RhA3hcaGTBcYwRs8CoC7Y1YWKAAzn4SMpo
aIoQX2LBsAotWZZ4W9cJ2bOeXCiNkaEulZmcHjhOyAj2urWbzxkSmuKlNAj3Fuvi
3oTkwvrjJZ7AYynOcDrnVJEDhnVmFgJEzWO3pXqOlxg/kjLhYnEmcj/hE0PZOdI2
IMX9xYvB5u6KGwtz8LiI0y28XmB+uf7Wqy6rsZqNtc/57EiKc37X///pQrM5mqz/
xUYHb4aQr/sBlE06lb/4FlCfntqYZwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLgR
XNeuil2Hf5rOtLBw9+HDYTx7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQjRCQkM1NENEQUYxMUVGOURFQjM2OEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP88MA0GCSqGSIb3DQEBCwUA
A4IBAQAs36qrwpdEmVOY+m6S5+Z26vtrZ4BJ2fBP/Xj3t3kgo2XvxvICBXsw7Alk
U0RZHSGVjUGbHnci0BuOLGdauOYdME/6jnmym+vU64sLyHBriWkoi3O+ZfWxSDko
ynNrEHtA4xLVjHT7Fx3MXjyl1lbZnaDgYObbRK80NVHVtWtstt010uQkwkhGkXOO
hdKUSjFHQzFynxwIANPXbMs46D6M2dNeSfuggQyrYu1RwnmtSTX+yij4/LG+2bn7
nb5jibQh9/Nr5ZYMpcok8vcWLqTlRv/n/vpbRH9/ONI93+auFzZO0eNOt+2HnQGA
mKpt010Iiq0WnSg20IDpZBdFohXk
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:55 2025 by rpki-client