Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CCA616ACD7911EF997C8FB9762E951A.roa
File: 2CCA616ACD7911EF997C8FB9762E951A.roa (raw, json)
Hash identifier: G2YSv8AK+JnxWYej5vumcW3eOut8ir/17cDdoZyT59Q=
Subject key identifier: 38:92:63:22:28:CB:C3:67:CA:4D:29:ED:4A:8C:30:49:8B:9F:88:9A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FFC9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CCA616ACD7911EF997C8FB9762E951A.roa
Signing time: Wed 08 Jan 2025 04:29:40 +0000
ROA not before: Wed 08 Jan 2025 04:29:36 +0000
ROA not after: Sat 13 Dec 2025 04:29:36 +0000
asID: 984
IP address blocks: 156.250.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65481 (0xffc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 04:29:36 2025 GMT
Not After : Dec 13 04:29:36 2025 GMT
Subject: CN=677dff34-43f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:41:9a:e1:a9:93:aa:f2:09:ef:2f:70:db:37:
09:42:93:14:b1:31:5f:cb:65:77:cc:47:c6:5a:bc:
f4:95:7d:fc:f5:69:0a:bc:60:a2:67:6d:98:a1:8f:
bc:9a:7c:cc:d5:36:3c:f1:ba:d3:6e:61:25:23:38:
45:f7:b5:e6:7a:bc:4b:7d:55:84:bb:b4:81:13:f7:
a0:cc:b2:49:d1:49:81:91:cc:cb:6a:48:c4:7e:c4:
47:3a:5a:6f:71:d6:f8:33:76:23:65:52:84:85:43:
08:f4:ab:67:74:87:60:df:ac:cb:6e:90:84:40:fe:
c9:38:01:a9:d0:8b:de:02:77:b6:a8:bf:5d:df:26:
37:d9:5c:14:da:38:d9:23:7e:68:f0:7b:bd:87:cd:
62:f8:7d:d6:26:5f:29:73:e6:7b:e6:bb:67:89:6f:
87:2b:c8:b0:36:22:87:34:b0:c4:0a:7b:f0:46:d6:
44:b0:16:cd:4f:a6:c5:40:0e:39:89:fb:d7:bc:ba:
b9:c6:6c:a1:56:bf:79:cc:6a:93:3c:4f:9f:88:1b:
f8:00:72:91:18:88:63:78:a1:1b:53:cd:dd:05:33:
c6:a0:ea:44:01:0b:6c:db:e0:88:e4:a3:61:d9:0a:
32:bf:31:69:63:94:b9:25:88:ae:be:75:94:86:b5:
19:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:92:63:22:28:CB:C3:67:CA:4D:29:ED:4A:8C:30:49:8B:9F:88:9A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CCA616ACD7911EF997C8FB9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.41.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:ec:d5:25:cb:ff:e0:f4:ef:7a:c2:19:09:2e:93:82:bf:2d:
72:87:c4:f8:a1:63:99:bf:8a:0a:3e:6e:e1:96:da:8f:e5:d3:
20:f8:77:02:86:bc:21:29:95:7a:d8:36:05:b0:f4:13:bb:f5:
c7:7d:fa:ee:56:fe:5b:d8:d6:68:4a:91:4c:56:b6:b7:1b:4b:
46:ba:5f:a5:99:b9:ae:07:89:c7:6b:cf:b5:18:15:f5:42:48:
ec:5c:66:df:07:fa:eb:22:44:57:dc:c0:17:a8:b3:3a:99:ab:
72:1b:a2:65:47:cd:e6:71:61:9e:25:b1:cd:4d:b9:48:bf:e7:
d4:c6:cb:ff:2d:17:b3:1b:ce:2f:6d:33:aa:2e:ab:c1:d3:7c:
37:bd:b9:ca:19:3f:78:7f:04:86:f0:d1:56:c7:d3:23:a0:49:
ba:0e:54:63:26:52:9f:5d:63:74:8c:49:96:a9:c3:0f:d2:4e:
b5:19:cd:b4:2b:13:ed:e7:ec:ef:52:54:45:6f:f7:e7:f4:3d:
95:f4:55:65:90:e4:75:3e:35:c6:05:73:11:94:fe:b0:82:93:
36:ce:9c:94:90:31:9a:97:6b:ee:1b:84:83:03:b5:18:4e:98:
03:c7:e3:3d:43:a1:74:15:be:61:9b:a8:a1:d4:74:3e:6d:17:
d6:f2:24:5e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP/JMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDQyOTM2WhcNMjUxMjEzMDQyOTM2WjAYMRYw
FAYDVQQDEw02NzdkZmYzNC00M2YyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwUGa4amTqvIJ7y9w2zcJQpMUsTFfy2V3zEfGWrz0lX389WkKvGCiZ22Y
oY+8mnzM1TY88brTbmElIzhF97XmerxLfVWEu7SBE/egzLJJ0UmBkczLakjEfsRH
Olpvcdb4M3YjZVKEhUMI9KtndIdg36zLbpCEQP7JOAGp0IveAne2qL9d3yY32VwU
2jjZI35o8Hu9h81i+H3WJl8pc+Z75rtniW+HK8iwNiKHNLDECnvwRtZEsBbNT6bF
QA45ifvXvLq5xmyhVr95zGqTPE+fiBv4AHKRGIhjeKEbU83dBTPGoOpEAQts2+CI
5KNh2QoyvzFpY5S5JYiuvnWUhrUZewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDiS
YyIoy8Nnyk0p7UqMMEmLn4iaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQ0NBNjE2QUNENzkxMUVGOTk3QzhGQjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPopMA0GCSqGSIb3DQEBCwUA
A4IBAQC17NUly//g9O96whkJLpOCvy1yh8T4oWOZv4oKPm7hltqP5dMg+HcChrwh
KZV62DYFsPQTu/XHffruVv5b2NZoSpFMVra3G0tGul+lmbmuB4nHa8+1GBX1Qkjs
XGbfB/rrIkRX3MAXqLM6matyG6JlR83mcWGeJbHNTblIv+fUxsv/LRezG84vbTOq
LqvB03w3vbnKGT94fwSG8NFWx9MjoEm6DlRjJlKfXWN0jEmWqcMP0k61Gc20KxPt
5+zvUlRFb/fn9D2V9FVlkOR1PjXGBXMRlP6wgpM2zpyUkDGal2vuG4SDA7UYTpgD
x+M9Q6F0Fb5hm6ih1HQ+bRfW8iRe
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:09 2025 by rpki-client