Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B8ED238CE4911EFA098876B762E951A.roa
File: 2B8ED238CE4911EFA098876B762E951A.roa (raw, json)
Hash identifier: ZOR4NVjt0FE7dHo0SmajckMapE/jW2oYjfkU/g7IVPg=
Subject key identifier: 06:39:D8:BF:B5:C5:5F:F0:04:09:A0:32:7F:91:F8:BC:4E:61:31:F4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0102AD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B8ED238CE4911EFA098876B762E951A.roa
Signing time: Thu 09 Jan 2025 05:18:33 +0000
ROA not before: Thu 09 Jan 2025 05:18:29 +0000
ROA not after: Fri 09 Jan 2026 05:18:29 +0000
asID: 17561
IP address blocks: 156.238.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66221 (0x102ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 05:18:29 2025 GMT
Not After : Jan 9 05:18:29 2026 GMT
Subject: CN=677f5c29-4f32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:82:9a:dd:b6:16:b1:51:c9:ca:31:52:03:be:
40:b2:e0:79:3b:a6:63:d4:85:4e:1a:3d:2b:b3:2f:
77:09:da:59:ad:fb:27:99:62:50:72:89:f0:17:69:
0a:6b:d3:96:0a:67:35:3a:6a:a3:16:fb:30:92:26:
8a:93:c9:07:65:df:f9:56:30:16:5d:48:78:ff:35:
10:b1:9e:6d:fd:d3:a4:99:82:f0:02:66:bd:18:d2:
1f:e1:4c:09:98:0a:1f:33:81:96:b4:ae:08:31:d5:
3a:04:d4:20:f6:89:22:52:cc:3c:c7:98:a8:1d:b2:
66:03:f8:bc:41:e7:25:4e:cb:7e:5e:23:b6:5d:b9:
78:99:02:93:e5:7a:95:eb:78:0a:f7:64:5f:05:51:
a2:c2:1d:e8:c2:48:ba:68:7d:e2:22:66:12:5f:fc:
92:45:64:a2:d7:26:ce:9c:c5:c3:86:03:bc:9d:a5:
f9:a3:8b:0c:3a:cb:d0:d3:fc:29:e8:d7:ad:41:44:
38:11:2a:ab:17:dc:57:e4:47:d8:e3:4c:29:67:e9:
7b:3b:fd:fd:3b:cd:48:c7:fd:ea:40:3c:e9:85:dd:
27:19:5b:1f:f2:35:8a:22:9f:c9:16:77:34:c7:76:
ce:d3:fd:77:12:af:76:9f:68:79:76:df:f6:1c:cf:
31:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:39:D8:BF:B5:C5:5F:F0:04:09:A0:32:7F:91:F8:BC:4E:61:31:F4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B8ED238CE4911EFA098876B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.42.0/24
Signature Algorithm: sha256WithRSAEncryption
42:4a:35:10:91:16:c5:ea:42:2c:b2:bf:9b:3e:c7:2d:6d:44:
84:f4:69:20:cc:53:38:d2:e3:85:86:02:d8:47:7a:13:5d:61:
4a:1c:f3:de:dd:e0:81:95:eb:bb:8b:bb:a1:f4:5c:7a:d7:d0:
74:0f:4f:6d:d6:f9:18:2c:0c:7a:f3:a7:19:f7:4c:f8:a3:57:
be:32:bd:89:e4:1e:fd:84:4f:b6:59:31:6b:f3:e9:92:a3:ce:
ae:67:e0:e8:94:c1:7a:1c:d1:68:93:6c:9f:90:fd:66:4a:03:
0e:56:5f:3e:17:b2:a8:58:5d:a1:3b:5a:0d:26:da:0a:8d:b6:
8d:ac:ce:4a:a3:cd:35:2b:91:0e:27:fb:15:0f:ce:36:94:f2:
55:3f:35:06:4b:59:55:47:70:cf:5f:29:0c:fd:1c:55:c3:18:
b2:de:47:dc:e0:ed:32:ed:e9:e6:6a:f1:34:79:d5:05:ec:f7:
b0:02:9e:5b:6b:51:3a:3d:85:e4:f3:43:d5:f8:c5:4c:a8:88:
7d:82:a1:22:3a:01:01:ff:05:3b:5d:da:f1:27:ba:cd:25:56:
d8:4a:f4:34:24:5c:cf:1a:c4:ec:d6:39:5d:8f:00:da:4a:1b:
2c:1c:ed:ab:ee:25:a8:49:d7:35:41:b7:ec:bd:d7:7c:d1:ba:
7b:59:06:03
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQKtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDUxODI5WhcNMjYwMTA5MDUxODI5WjAYMRYw
FAYDVQQDEw02NzdmNWMyOS00ZjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuYKa3bYWsVHJyjFSA75AsuB5O6Zj1IVOGj0rsy93CdpZrfsnmWJQconw
F2kKa9OWCmc1OmqjFvswkiaKk8kHZd/5VjAWXUh4/zUQsZ5t/dOkmYLwAma9GNIf
4UwJmAofM4GWtK4IMdU6BNQg9okiUsw8x5ioHbJmA/i8QeclTst+XiO2Xbl4mQKT
5XqV63gK92RfBVGiwh3owki6aH3iImYSX/ySRWSi1ybOnMXDhgO8naX5o4sMOsvQ
0/wp6NetQUQ4ESqrF9xX5EfY40wpZ+l7O/39O81Ix/3qQDzphd0nGVsf8jWKIp/J
Fnc0x3bO0/13Eq92n2h5dt/2HM8xxQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAY5
2L+1xV/wBAmgMn+R+LxOYTH0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQjhFRDIzOENFNDkxMUVGQTA5ODg3NkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO4qMA0GCSqGSIb3DQEBCwUA
A4IBAQBCSjUQkRbF6kIssr+bPsctbUSE9GkgzFM40uOFhgLYR3oTXWFKHPPe3eCB
leu7i7uh9Fx619B0D09t1vkYLAx686cZ90z4o1e+Mr2J5B79hE+2WTFr8+mSo86u
Z+DolMF6HNFok2yfkP1mSgMOVl8+F7KoWF2hO1oNJtoKjbaNrM5Ko801K5EOJ/sV
D842lPJVPzUGS1lVR3DPXykM/RxVwxiy3kfc4O0y7enmavE0edUF7PewAp5ba1E6
PYXk80PV+MVMqIh9gqEiOgEB/wU7XdrxJ7rNJVbYSvQ0JFzPGsTs1jldjwDaShss
HO2r7iWoSdc1Qbfsvdd80bp7WQYD
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:24 2025 by rpki-client