Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C4F9222CCDA11EFB80440BA762E951A.roa
File: 2C4F9222CCDA11EFB80440BA762E951A.roa (raw, json)
Hash identifier: zNHrOxUAjkglCVRbyVIrl6f5sHWBeECzmk2m4zPppmg=
Subject key identifier: 58:64:FE:9E:3F:CE:83:6D:AD:D2:85:CB:39:9B:97:AF:7B:F9:F9:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB48
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C4F9222CCDA11EFB80440BA762E951A.roa
Signing time: Tue 07 Jan 2025 09:31:29 +0000
ROA not before: Tue 07 Jan 2025 09:31:25 +0000
ROA not after: Mon 13 Dec 2027 09:31:25 +0000
asID: 17561
IP address blocks: 156.233.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64328 (0xfb48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:31:25 2025 GMT
Not After : Dec 13 09:31:25 2027 GMT
Subject: CN=677cf471-4096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3e:28:36:9b:ec:51:3e:0c:db:74:17:21:7c:
cb:65:f4:de:69:86:58:c7:c1:9e:4b:bc:26:42:a9:
c5:34:02:23:83:19:e2:16:3a:e0:16:e1:31:c6:38:
85:75:7b:c6:ed:8d:ae:37:81:83:1b:55:32:b0:c0:
47:24:5f:66:c7:cb:24:f7:e8:ae:ba:8f:f5:bb:67:
7a:76:5c:2f:cd:0e:2b:f0:cd:65:c6:72:99:e6:d9:
c7:4d:a7:19:7d:d0:0b:36:bf:67:b5:60:c8:ce:58:
57:42:54:31:97:6d:af:aa:8e:2c:f0:47:3a:5f:9a:
4d:53:a1:35:77:31:04:8b:15:fd:63:ab:d3:d8:da:
8e:c9:7a:22:eb:c2:e4:0d:59:a7:6f:a5:b7:14:00:
8f:32:db:9f:9c:7e:a4:07:18:9c:e2:82:84:88:bb:
c1:58:ac:86:6a:82:74:6c:f3:28:cb:c3:77:0f:4a:
4d:16:25:db:26:7e:44:3d:da:ab:b7:78:d5:cb:ac:
09:59:3d:e3:6a:d3:2d:a7:28:ec:89:d7:94:2c:df:
f8:54:17:de:0b:96:ad:f1:a9:38:5c:48:9f:ff:b8:
bb:ed:dc:8d:4d:8a:8e:87:fd:3e:91:a2:fc:88:a5:
c9:9f:e2:29:c2:15:29:11:d2:e0:4d:44:c9:60:8a:
9b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:64:FE:9E:3F:CE:83:6D:AD:D2:85:CB:39:9B:97:AF:7B:F9:F9:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C4F9222CCDA11EFB80440BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.195.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:65:af:e2:5a:74:93:94:d5:61:87:55:d5:f9:e2:0d:73:c2:
39:0f:1c:c5:21:f3:a6:7c:54:4d:44:75:4b:a0:cf:13:b0:ea:
8e:db:8f:9d:95:95:73:eb:4a:0f:9a:30:ce:f8:7f:c4:4a:f5:
80:a7:66:d7:b6:a3:4a:7e:84:10:03:09:92:c8:92:2c:a6:30:
60:9b:1e:21:9c:82:77:63:2a:59:c1:b1:8e:b4:a2:1b:4c:33:
b2:48:4b:36:d1:29:69:bb:41:2f:01:f3:48:4f:cb:b2:e3:20:
5f:d9:aa:34:7a:d1:4f:94:cc:ac:6b:1f:5f:6b:3b:59:3e:b8:
64:19:65:70:20:01:cc:1b:ee:2a:0b:d3:04:3d:89:b3:66:76:
0d:0c:fe:d8:2a:c6:14:2f:0f:a3:8d:f8:80:07:35:7f:ec:d4:
3b:0b:ba:6f:57:9c:20:07:10:63:51:8a:41:7f:2e:07:b5:a9:
5a:7b:78:ad:df:ad:4b:d1:50:92:c2:b9:b4:2b:12:0b:73:80:
65:39:a1:bb:2c:f7:1d:98:25:f7:ec:ff:87:9b:99:6b:e6:41:
7e:09:fa:05:c4:8c:92:5f:0d:95:1e:da:87:3c:f0:c6:ee:8f:
24:f3:a8:66:40:de:3d:12:2c:88:4c:4e:61:b9:96:94:39:2a:
2d:17:db:f3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPtIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDkzMTI1WhcNMjcxMjEzMDkzMTI1WjAYMRYw
FAYDVQQDEw02NzdjZjQ3MS00MDk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyD4oNpvsUT4M23QXIXzLZfTeaYZYx8GeS7wmQqnFNAIjgxniFjrgFuEx
xjiFdXvG7Y2uN4GDG1UysMBHJF9mx8sk9+iuuo/1u2d6dlwvzQ4r8M1lxnKZ5tnH
TacZfdALNr9ntWDIzlhXQlQxl22vqo4s8Ec6X5pNU6E1dzEEixX9Y6vT2NqOyXoi
68LkDVmnb6W3FACPMtufnH6kBxic4oKEiLvBWKyGaoJ0bPMoy8N3D0pNFiXbJn5E
Pdqrt3jVy6wJWT3jatMtpyjsideULN/4VBfeC5at8ak4XEif/7i77dyNTYqOh/0+
kaL8iKXJn+IpwhUpEdLgTUTJYIqbGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFhk
/p4/zoNtrdKFyzmbl697+fkOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQzRGOTIyMkNDREExMUVGQjgwNDQwQkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnDMA0GCSqGSIb3DQEBCwUA
A4IBAQB8Za/iWnSTlNVhh1XV+eINc8I5DxzFIfOmfFRNRHVLoM8TsOqO24+dlZVz
60oPmjDO+H/ESvWAp2bXtqNKfoQQAwmSyJIspjBgmx4hnIJ3YypZwbGOtKIbTDOy
SEs20Slpu0EvAfNIT8uy4yBf2ao0etFPlMysax9faztZPrhkGWVwIAHMG+4qC9ME
PYmzZnYNDP7YKsYULw+jjfiABzV/7NQ7C7pvV5wgBxBjUYpBfy4Htalae3it361L
0VCSwrm0KxILc4BlOaG7LPcdmCX37P+Hm5lr5kF+CfoFxIySXw2VHtqHPPDG7o8k
86hmQN49EiyITE5huZaUOSotF9vz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:50 2025 by rpki-client