Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B876360CC9911EFA276A291762E951A.roa
File: 2B876360CC9911EFA276A291762E951A.roa (raw, json)
Hash identifier: 7iQcPaPRd5qhngs4L89CirVFKKxHyTvLxv1jETXMhdk=
Subject key identifier: B8:A3:A6:27:F5:9F:36:0E:35:CA:7F:D9:ED:86:09:54:6D:1B:43:CF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F952
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B876360CC9911EFA276A291762E951A.roa
Signing time: Tue 07 Jan 2025 01:46:10 +0000
ROA not before: Tue 07 Jan 2025 01:46:07 +0000
ROA not after: Mon 13 Dec 2027 01:46:07 +0000
asID: 17561
IP address blocks: 156.227.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63826 (0xf952)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 01:46:07 2025 GMT
Not After : Dec 13 01:46:07 2027 GMT
Subject: CN=677c8762-e0ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fa:f1:0e:f5:1f:c3:a6:ac:ec:2d:dc:14:89:
2d:21:8c:ef:e3:02:68:84:66:52:29:a8:cd:e9:d6:
08:f0:29:40:84:17:88:bb:f7:5f:84:17:66:c8:d9:
58:b1:f8:f5:bf:8d:88:9c:f3:3c:34:4f:7d:78:30:
4c:a2:7e:46:77:62:ee:e4:76:00:d3:de:1f:ef:1b:
c3:25:2c:ca:03:ab:b3:35:86:f6:53:52:d9:fc:f3:
1a:2a:9f:27:46:36:06:1e:9d:a7:aa:0e:67:98:d7:
6a:23:d9:d1:ea:f8:1e:df:50:a0:cb:62:81:94:bf:
3b:be:7d:18:07:6b:a4:7f:6f:8f:2d:27:d1:cb:ff:
10:f7:d6:36:e6:96:3a:d1:f5:a7:c5:8f:1e:80:3a:
93:2f:b7:d7:83:83:60:68:a8:8a:6f:2f:73:a3:56:
c2:3f:75:c6:3c:85:36:ae:ca:b1:d7:64:c6:5d:0d:
99:89:75:68:72:e6:d5:28:a7:19:fa:f6:ee:47:a7:
5f:04:31:e9:e9:b6:8d:b5:9a:89:45:c0:f1:d6:0e:
9c:58:02:7b:56:75:e6:51:14:b4:29:54:5f:bd:94:
cb:1f:f6:d5:5d:36:3a:49:6a:a7:05:75:0f:23:3c:
6f:ab:7e:74:fd:9b:d0:9b:76:31:c3:fc:42:ab:71:
aa:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A3:A6:27:F5:9F:36:0E:35:CA:7F:D9:ED:86:09:54:6D:1B:43:CF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B876360CC9911EFA276A291762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.95.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:61:3b:6f:27:4f:2f:1f:5d:43:e5:35:64:88:9e:18:d6:b0:
bc:6e:a0:f6:bc:59:ae:56:f0:63:30:de:64:ec:99:b1:d3:6c:
5b:9e:e2:f0:05:ae:9e:75:0f:cf:4d:67:9e:49:4f:42:06:fd:
4a:ee:25:ab:98:fe:d2:35:48:1e:d0:dd:0d:02:64:a2:6c:2f:
b7:49:21:7d:12:fe:f9:cf:c2:00:e9:0a:7c:2f:68:31:6e:31:
4d:3b:ef:65:b2:55:8e:43:2c:53:89:eb:0b:59:16:8f:b2:9c:
ec:f4:a4:0a:d7:15:57:a8:23:72:4e:76:a0:a6:6b:c0:b8:24:
ee:ac:cf:f0:11:06:ca:71:26:93:ba:ee:65:a0:a5:86:9c:62:
d0:70:68:09:6d:f9:6a:37:5e:ec:f0:6b:35:19:a0:d2:1e:84:
00:a6:ec:d7:a6:71:60:15:18:09:57:64:7c:7a:2f:1f:d2:2a:
53:08:41:b4:9f:d0:91:36:00:9e:c3:fb:20:d0:d0:02:cb:11:
32:dc:7d:6a:96:b8:7e:38:71:20:a0:7c:26:ea:50:70:6e:e3:
18:ff:6c:67:f6:8d:fe:2e:dc:4c:81:ba:24:8b:86:2f:95:f1:
aa:13:19:36:23:4d:10:f4:49:fd:b7:d6:cc:13:c8:3d:4b:eb:
40:17:b5:ab
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPlSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDE0NjA3WhcNMjcxMjEzMDE0NjA3WjAYMRYw
FAYDVQQDEw02NzdjODc2Mi1lMGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtfrxDvUfw6as7C3cFIktIYzv4wJohGZSKajN6dYI8ClAhBeIu/dfhBdm
yNlYsfj1v42InPM8NE99eDBMon5Gd2Lu5HYA094f7xvDJSzKA6uzNYb2U1LZ/PMa
Kp8nRjYGHp2nqg5nmNdqI9nR6vge31Cgy2KBlL87vn0YB2ukf2+PLSfRy/8Q99Y2
5pY60fWnxY8egDqTL7fXg4NgaKiKby9zo1bCP3XGPIU2rsqx12TGXQ2ZiXVocubV
KKcZ+vbuR6dfBDHp6baNtZqJRcDx1g6cWAJ7VnXmURS0KVRfvZTLH/bVXTY6SWqn
BXUPIzxvq350/ZvQm3Yxw/xCq3GqoQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLij
pif1nzYONcp/2e2GCVRtG0PPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQjg3NjM2MENDOTkxMUVGQTI3NkEyOTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONfMA0GCSqGSIb3DQEBCwUA
A4IBAQB+YTtvJ08vH11D5TVkiJ4Y1rC8bqD2vFmuVvBjMN5k7Jmx02xbnuLwBa6e
dQ/PTWeeSU9CBv1K7iWrmP7SNUge0N0NAmSibC+3SSF9Ev75z8IA6Qp8L2gxbjFN
O+9lslWOQyxTiesLWRaPspzs9KQK1xVXqCNyTnagpmvAuCTurM/wEQbKcSaTuu5l
oKWGnGLQcGgJbflqN17s8Gs1GaDSHoQApuzXpnFgFRgJV2R8ei8f0ipTCEG0n9CR
NgCew/sg0NACyxEy3H1qlrh+OHEgoHwm6lBwbuMY/2xn9o3+LtxMgboki4YvlfGq
Exk2I00Q9En9t9bME8g9S+tAF7Wr
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:11 2025 by rpki-client