Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CE6D7FCC98A11EFAEB757BA762E951A.roa
File: 2CE6D7FCC98A11EFAEB757BA762E951A.roa (raw, json)
Hash identifier: d9cgxALM1TWEbykaNGplZ7esXVsYk0MxUgBgKws1lfY=
Subject key identifier: 51:0C:73:19:FB:B1:67:B2:1E:7A:A7:05:CD:E5:11:F8:B6:32:89:A6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F5A5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CE6D7FCC98A11EFAEB757BA762E951A.roa
Signing time: Fri 03 Jan 2025 04:21:17 +0000
ROA not before: Fri 03 Jan 2025 04:21:13 +0000
ROA not after: Sat 13 Dec 2025 04:21:13 +0000
asID: 984
IP address blocks: 156.233.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62885 (0xf5a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 04:21:13 2025 GMT
Not After : Dec 13 04:21:13 2025 GMT
Subject: CN=677765bd-ca04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:6e:b9:fa:f7:ab:d9:9b:4f:01:a6:9f:f4:56:
cb:e8:4b:71:38:ba:c6:67:27:6e:a4:8b:c3:8c:94:
ed:84:4f:c4:72:2d:ba:77:02:a7:ed:33:34:b4:06:
ea:80:43:ee:a6:6c:d4:75:77:a6:81:50:a5:75:49:
7c:71:61:0d:7b:6c:63:26:3d:ad:ae:e8:76:36:1a:
bc:30:54:6f:4e:d6:ec:0d:c2:00:e3:ec:2c:72:d1:
09:a8:f3:5b:fd:1a:31:eb:7a:d6:4f:49:17:95:5b:
bf:da:9b:31:b3:ff:d2:58:a8:28:c4:73:01:a9:59:
b7:16:37:66:99:97:d0:4a:68:83:6e:3c:53:ab:99:
fa:31:72:f5:ba:8a:2c:fe:ee:d5:13:0a:18:99:f3:
9e:ec:47:1d:99:b7:f7:af:2a:7b:09:4f:a5:86:85:
38:d8:a9:04:6d:34:4e:48:5a:57:8c:6a:f6:01:20:
cd:9e:a8:38:88:b0:be:28:88:78:c1:d0:3f:3a:e9:
39:e2:2c:93:4c:90:54:8f:3c:64:f6:1b:b5:56:55:
c0:c9:12:48:af:7b:ea:d9:cc:9a:ea:f0:7f:40:1b:
e2:97:d6:4f:cc:2f:27:99:07:b7:64:24:4a:aa:9f:
54:2c:06:6d:64:1f:88:5c:2e:9b:4d:85:f5:73:8a:
3c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:0C:73:19:FB:B1:67:B2:1E:7A:A7:05:CD:E5:11:F8:B6:32:89:A6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CE6D7FCC98A11EFAEB757BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.37.0/24
Signature Algorithm: sha256WithRSAEncryption
13:89:fb:c9:8f:66:cb:11:49:e6:45:43:c5:24:fe:6d:1c:6c:
33:6b:70:c3:60:8c:13:f0:e4:fc:6b:bc:51:20:27:f1:27:87:
88:0c:f0:aa:86:62:d1:4f:06:e8:1c:ab:56:d6:22:6c:68:43:
7a:db:2e:ca:18:d3:ba:37:9e:11:39:5c:7c:a9:21:b9:e2:33:
2b:7d:0b:ce:fb:fc:08:2c:ab:1b:1c:27:51:a9:b1:dd:af:dc:
e8:06:78:4f:d9:dc:d6:cc:93:fb:d2:b2:3b:2c:fe:5e:b7:9e:
73:24:c0:e8:59:58:20:6c:9d:6b:77:11:dc:18:ab:86:77:14:
55:ab:ab:02:fb:ba:71:ee:de:64:04:1a:6a:92:74:f3:c6:90:
2c:83:12:44:80:f6:82:76:e8:9e:1a:da:8b:3b:1a:ea:e4:63:
d6:fe:6a:6d:55:22:1b:e3:53:99:9a:fe:e5:a4:f0:f5:d7:e1:
b1:ca:74:3e:fb:43:54:23:c7:ed:58:d6:19:2b:b5:f3:0c:92:
a3:a9:f1:4c:3a:96:51:2f:1d:4f:12:4c:0f:e3:86:64:43:58:
92:44:bf:d6:0c:1e:19:a1:d6:cc:83:e1:93:f6:4b:98:91:19:
58:de:dd:12:54:55:67:c7:5c:d7:7b:93:c4:2b:1b:ca:b3:10:
b1:32:b2:ab
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPWlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDQyMTEzWhcNMjUxMjEzMDQyMTEzWjAYMRYw
FAYDVQQDEw02Nzc3NjViZC1jYTA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8m65+ver2ZtPAaaf9FbL6EtxOLrGZydupIvDjJTthE/Eci26dwKn7TM0
tAbqgEPupmzUdXemgVCldUl8cWENe2xjJj2truh2Nhq8MFRvTtbsDcIA4+wsctEJ
qPNb/Rox63rWT0kXlVu/2psxs//SWKgoxHMBqVm3FjdmmZfQSmiDbjxTq5n6MXL1
uoos/u7VEwoYmfOe7Ecdmbf3ryp7CU+lhoU42KkEbTROSFpXjGr2ASDNnqg4iLC+
KIh4wdA/Ouk54iyTTJBUjzxk9hu1VlXAyRJIr3vq2cya6vB/QBvil9ZPzC8nmQe3
ZCRKqp9ULAZtZB+IXC6bTYX1c4o8swIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFEM
cxn7sWeyHnqnBc3lEfi2MommMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQ0U2RDdGQ0M5OEExMUVGQUVCNzU3QkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOklMA0GCSqGSIb3DQEBCwUA
A4IBAQATifvJj2bLEUnmRUPFJP5tHGwza3DDYIwT8OT8a7xRICfxJ4eIDPCqhmLR
TwboHKtW1iJsaEN62y7KGNO6N54ROVx8qSG54jMrfQvO+/wILKsbHCdRqbHdr9zo
BnhP2dzWzJP70rI7LP5et55zJMDoWVggbJ1rdxHcGKuGdxRVq6sC+7px7t5kBBpq
knTzxpAsgxJEgPaCduieGtqLOxrq5GPW/mptVSIb41OZmv7lpPD11+GxynQ++0NU
I8ftWNYZK7XzDJKjqfFMOpZRLx1PEkwP44ZkQ1iSRL/WDB4ZodbMg+GT9kuYkRlY
3t0SVFVnx1zXe5PEKxvKsxCxMrKr
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:16 2025 by rpki-client