Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BADCFC8CC9411EF8302156D762E951A.roa
File: 2BADCFC8CC9411EF8302156D762E951A.roa (raw, json)
Hash identifier: HTeS5VTDhqXHvqKiKevsHhSJibPm8SXMOhtjIauSEPg=
Subject key identifier: 75:82:69:C6:80:7E:77:B3:D0:26:EF:9C:A5:91:E0:F5:14:D2:C1:81
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F926
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BADCFC8CC9411EF8302156D762E951A.roa
Signing time: Tue 07 Jan 2025 01:10:23 +0000
ROA not before: Tue 07 Jan 2025 01:10:20 +0000
ROA not after: Mon 13 Dec 2027 01:10:20 +0000
asID: 17561
IP address blocks: 156.227.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63782 (0xf926)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 01:10:20 2025 GMT
Not After : Dec 13 01:10:20 2027 GMT
Subject: CN=677c7eff-4692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d0:37:42:14:52:30:d4:43:4a:dd:6a:97:25:
1f:36:22:2b:57:5a:df:bf:46:ca:8e:5d:5a:16:d0:
4c:e4:e2:00:56:10:95:e5:b3:25:a3:77:52:d9:82:
82:07:b4:f1:f1:d4:da:70:ae:58:01:7b:9b:6b:a3:
ea:9f:ce:37:cc:40:21:0e:e3:13:ce:68:b0:44:a7:
3a:06:97:91:a2:13:39:45:3c:b6:d4:6e:8c:cb:70:
c1:b4:02:62:01:6c:88:1f:a4:1d:d7:b4:17:62:f0:
04:8c:ce:68:76:77:94:63:f2:fa:dd:49:cd:9f:5b:
d1:00:59:f5:a9:9a:d9:c2:62:6d:b6:1e:94:84:7d:
ca:c0:42:81:8c:af:70:cc:eb:be:63:57:39:37:21:
c7:b5:b0:b7:d9:fa:10:77:28:94:cf:32:b7:6a:e4:
31:e5:95:57:2f:1b:e0:a9:02:2d:8f:7c:83:00:62:
83:20:3b:df:e8:7e:19:64:65:34:e0:57:4e:ce:62:
95:ab:4e:78:40:4a:59:09:b8:07:63:e0:17:92:17:
09:8c:03:08:1f:fd:e7:49:c3:96:52:10:4a:57:25:
94:d7:1a:2a:38:1e:c1:c5:c2:a7:ac:09:e6:1c:80:
8b:2a:fa:8e:8a:8c:62:7d:66:3e:c4:3d:39:31:6e:
fd:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:82:69:C6:80:7E:77:B3:D0:26:EF:9C:A5:91:E0:F5:14:D2:C1:81
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BADCFC8CC9411EF8302156D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.71.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:88:8b:1a:a8:6b:75:af:40:1d:78:12:84:51:5d:c9:95:34:
35:09:1f:2a:c0:b6:48:69:ed:68:cc:cc:32:c2:02:a4:b3:55:
dc:c4:45:38:9d:0c:f8:30:58:06:24:1c:c7:7e:dc:a6:6a:8a:
01:5a:3c:1d:cd:fe:aa:67:d4:cc:08:21:a1:20:be:85:4f:6e:
59:d2:c8:39:e6:37:20:12:eb:f9:37:20:53:a7:3f:f3:67:b8:
e6:ba:54:2b:94:04:39:5c:79:8e:1f:c7:91:42:c1:c8:f5:68:
09:1a:c7:e4:be:ad:db:4b:36:6b:d4:d6:56:fa:70:fb:26:a4:
88:05:77:0c:38:38:64:85:35:e1:5d:ca:9f:81:f8:22:ae:4b:
8e:e6:22:be:ea:1c:ce:50:96:b1:9e:50:c0:b3:88:8d:2c:4f:
7f:78:7a:8f:58:32:ba:b4:84:92:9d:77:e0:fa:e6:b0:66:3b:
15:d4:f1:3b:e9:d8:6e:33:da:1a:08:78:5d:e7:51:9d:6b:f2:
63:80:66:0a:15:69:66:99:f4:e9:29:7b:17:c8:58:e6:18:9f:
1e:18:46:73:53:94:6e:f9:42:0d:2e:9b:af:e3:21:a4:bd:e6:
86:e3:d4:80:0d:8c:d2:57:60:15:fe:6f:1a:ff:6b:0a:c3:e0:
a6:26:1b:a5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPkmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDExMDIwWhcNMjcxMjEzMDExMDIwWjAYMRYw
FAYDVQQDEw02NzdjN2VmZi00NjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAytA3QhRSMNRDSt1qlyUfNiIrV1rfv0bKjl1aFtBM5OIAVhCV5bMlo3dS
2YKCB7Tx8dTacK5YAXuba6Pqn843zEAhDuMTzmiwRKc6BpeRohM5RTy21G6My3DB
tAJiAWyIH6Qd17QXYvAEjM5odneUY/L63UnNn1vRAFn1qZrZwmJtth6UhH3KwEKB
jK9wzOu+Y1c5NyHHtbC32foQdyiUzzK3auQx5ZVXLxvgqQItj3yDAGKDIDvf6H4Z
ZGU04FdOzmKVq054QEpZCbgHY+AXkhcJjAMIH/3nScOWUhBKVyWU1xoqOB7BxcKn
rAnmHICLKvqOioxifWY+xD05MW79gwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHWC
acaAfnez0CbvnKWR4PUU0sGBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQkFEQ0ZDOENDOTQxMUVGODMwMjE1NkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONHMA0GCSqGSIb3DQEBCwUA
A4IBAQC3iIsaqGt1r0AdeBKEUV3JlTQ1CR8qwLZIae1ozMwywgKks1XcxEU4nQz4
MFgGJBzHftymaooBWjwdzf6qZ9TMCCGhIL6FT25Z0sg55jcgEuv5NyBTpz/zZ7jm
ulQrlAQ5XHmOH8eRQsHI9WgJGsfkvq3bSzZr1NZW+nD7JqSIBXcMODhkhTXhXcqf
gfgirkuO5iK+6hzOUJaxnlDAs4iNLE9/eHqPWDK6tISSnXfg+uawZjsV1PE76dhu
M9oaCHhd51Gda/JjgGYKFWlmmfTpKXsXyFjmGJ8eGEZzU5Ru+UINLpuv4yGkveaG
49SADYzSV2AV/m8a/2sKw+CmJhul
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:13 2025 by rpki-client