Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C960B20C97F11EFBBB09571762E951A.roa
File: 2C960B20C97F11EFBBB09571762E951A.roa (raw, json)
Hash identifier: xbkKQkFRGzpczogqZ7lvpTb4C188c00d0xASA4nw8tw=
Subject key identifier: 03:F6:27:EA:17:13:71:F2:3F:AC:C1:72:5B:36:6A:6D:D7:BB:E1:8E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F53D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C960B20C97F11EFBBB09571762E951A.roa
Signing time: Fri 03 Jan 2025 03:02:32 +0000
ROA not before: Fri 03 Jan 2025 03:02:28 +0000
ROA not after: Sat 13 Dec 2025 03:02:28 +0000
asID: 984
IP address blocks: 156.229.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62781 (0xf53d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 03:02:28 2025 GMT
Not After : Dec 13 03:02:28 2025 GMT
Subject: CN=67775348-7b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:cf:7a:17:fe:2c:b5:41:4d:5e:c4:0b:c2:96:
ef:32:93:a6:92:a3:cb:21:d0:c1:51:f0:03:00:19:
b4:e7:e5:76:39:17:07:a7:02:87:b9:34:44:db:fb:
5d:44:09:24:66:02:ec:de:ce:6d:51:e8:2a:54:d4:
68:b2:d6:56:ac:04:3f:57:1f:90:ef:2a:ec:2f:a8:
74:24:05:e0:15:fa:2b:36:90:b1:49:b7:d6:36:81:
b4:4a:92:c9:2e:b0:f7:36:cb:c7:72:ee:e2:96:74:
e9:03:68:28:78:07:b8:28:32:55:94:4a:7f:1a:da:
65:43:d1:dd:bd:3f:dc:c7:ca:d7:06:6a:aa:5e:0c:
64:b7:a7:a8:38:d1:7e:91:23:07:ed:fe:3b:f4:fb:
18:d9:49:2b:e4:7c:a6:c4:b1:2f:26:f9:45:d6:56:
9d:ba:5b:d3:71:af:e8:5e:e8:5b:cb:96:fd:c7:24:
65:e3:5d:b5:7a:9c:ba:91:ea:01:4c:d9:57:e5:de:
1c:03:7b:b4:b8:f0:51:65:f2:70:29:24:72:2c:cf:
4d:c7:68:9c:22:36:0b:af:5a:b1:14:e8:46:dc:ba:
ed:e0:42:2c:71:68:11:27:cd:72:0b:93:8f:52:20:
ea:ff:6b:30:54:06:30:1e:85:be:f2:07:e6:e0:f8:
9e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F6:27:EA:17:13:71:F2:3F:AC:C1:72:5B:36:6A:6D:D7:BB:E1:8E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C960B20C97F11EFBBB09571762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.237.0/24
Signature Algorithm: sha256WithRSAEncryption
16:5a:fa:d5:07:71:10:18:07:87:e5:6b:db:ef:b5:a9:0e:69:
19:c0:3a:3b:8f:97:de:77:b9:84:62:6b:5a:e0:52:8d:b2:c5:
ea:72:b3:7c:bd:9e:a6:39:9a:54:97:d7:c2:11:05:9b:81:bc:
85:44:ae:d8:2f:a4:1d:cb:bf:14:c7:92:cf:52:8c:29:6f:ac:
22:c0:d1:77:45:36:14:17:16:d2:0e:20:8a:fe:ec:53:64:d6:
be:a0:55:28:f1:60:3c:57:e7:ac:68:8a:40:5e:f8:5e:50:81:
da:8f:bc:bd:7a:38:9e:5e:59:e1:e2:99:aa:96:ea:fd:be:44:
6d:0d:40:d3:01:28:88:3c:e4:b7:b8:73:a7:40:a2:42:56:16:
5d:43:04:00:58:67:a3:dd:17:27:5b:7f:30:1e:4a:e2:77:10:
e7:99:14:6c:27:2b:30:10:5c:67:24:17:ee:05:d1:9c:fd:e9:
ce:4a:7b:c7:2e:be:0b:6b:6d:c8:69:12:0c:39:85:a4:8c:8d:
37:2d:6d:e7:6a:3a:8d:e9:d3:71:df:8a:be:62:df:9d:67:9c:
c4:cb:d7:96:d4:08:6d:e2:e9:1e:86:66:c3:e7:29:50:10:0d:
d1:ce:0e:2f:03:cc:12:fa:2e:0d:f6:6b:ad:0a:2e:c8:e8:70:
34:df:09:cc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPU9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDMwMjI4WhcNMjUxMjEzMDMwMjI4WjAYMRYw
FAYDVQQDEw02Nzc3NTM0OC03YjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4c96F/4stUFNXsQLwpbvMpOmkqPLIdDBUfADABm05+V2ORcHpwKHuTRE
2/tdRAkkZgLs3s5tUegqVNRostZWrAQ/Vx+Q7yrsL6h0JAXgFforNpCxSbfWNoG0
SpLJLrD3NsvHcu7ilnTpA2goeAe4KDJVlEp/GtplQ9HdvT/cx8rXBmqqXgxkt6eo
ONF+kSMH7f479PsY2Ukr5HymxLEvJvlF1ladulvTca/oXuhby5b9xyRl4121epy6
keoBTNlX5d4cA3u0uPBRZfJwKSRyLM9Nx2icIjYLr1qxFOhG3Lrt4EIscWgRJ81y
C5OPUiDq/2swVAYwHoW+8gfm4PiesQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAP2
J+oXE3HyP6zBcls2am3Xu+GOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQzk2MEIyMEM5N0YxMUVGQkJCMDk1NzE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOXtMA0GCSqGSIb3DQEBCwUA
A4IBAQAWWvrVB3EQGAeH5Wvb77WpDmkZwDo7j5fed7mEYmta4FKNssXqcrN8vZ6m
OZpUl9fCEQWbgbyFRK7YL6Qdy78Ux5LPUowpb6wiwNF3RTYUFxbSDiCK/uxTZNa+
oFUo8WA8V+esaIpAXvheUIHaj7y9ejieXlnh4pmqlur9vkRtDUDTASiIPOS3uHOn
QKJCVhZdQwQAWGej3RcnW38wHkridxDnmRRsJyswEFxnJBfuBdGc/enOSnvHLr4L
a23IaRIMOYWkjI03LW3najqN6dNx34q+Yt+dZ5zEy9eW1Aht4ukehmbD5ylQEA3R
zg4vA8wS+i4N9mutCi7I6HA03wnM
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:49 2025 by rpki-client