Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D4121B2D2EF11EF9C5F485D762E951A.roa
File: 2D4121B2D2EF11EF9C5F485D762E951A.roa (raw, json)
Hash identifier: ZDTw7cIa9xpyVFSrvEBY/1UzOqc02RQTaNovYS+qqqM=
Subject key identifier: A3:97:CB:4D:3A:F4:20:D4:D3:24:CD:B9:AE:BF:DB:2F:10:CE:27:44
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010773
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D4121B2D2EF11EF9C5F485D762E951A.roa
Signing time: Wed 15 Jan 2025 03:16:57 +0000
ROA not before: Wed 15 Jan 2025 03:16:53 +0000
ROA not after: Sat 03 Jan 2026 03:16:53 +0000
asID: 984
IP address blocks: 156.236.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67443 (0x10773)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 03:16:53 2025 GMT
Not After : Jan 3 03:16:53 2026 GMT
Subject: CN=678728a9-f9a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9d:a7:f1:5d:ed:3d:bd:69:46:b3:0e:9e:f1:
b7:10:ba:08:5c:df:8f:01:c3:77:cd:9d:69:96:58:
06:d4:5f:29:d4:6d:13:52:5e:48:50:a9:b4:d6:43:
52:23:4b:fc:1f:ba:03:f2:6a:dc:f1:0d:47:ed:48:
fd:1b:de:b5:9e:f5:ca:b2:35:0c:6e:e5:ed:f4:93:
85:5a:1b:c8:e4:0c:0e:79:a5:36:83:49:ad:0e:f5:
e3:ff:b5:85:62:f1:44:8c:14:8d:b3:86:c9:91:2f:
e7:fe:16:34:a3:29:62:d4:4a:56:d7:6a:99:1e:5c:
c6:1e:22:ca:ff:0e:ce:ee:56:9a:8a:d6:57:46:e9:
bd:8b:01:d8:a8:3e:75:f2:44:87:81:be:93:b7:66:
43:84:90:19:74:33:5c:82:e9:ad:f0:5a:12:7b:65:
54:f8:17:a4:d8:3d:9a:1a:52:c5:1a:97:88:c8:f1:
84:18:9a:32:25:6b:f4:d6:7f:8e:bb:fb:26:d9:b9:
f3:33:b5:c4:be:c4:8a:d0:d3:20:37:ea:26:95:82:
98:da:36:b9:ec:34:0f:d6:e8:0c:cb:f4:f2:c6:3b:
07:39:f0:c7:99:6d:9f:e6:73:7f:54:c8:aa:ed:45:
cd:21:43:3d:8c:35:15:01:fe:61:17:aa:dd:d1:b2:
63:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:97:CB:4D:3A:F4:20:D4:D3:24:CD:B9:AE:BF:DB:2F:10:CE:27:44
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D4121B2D2EF11EF9C5F485D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.123.0/24
Signature Algorithm: sha256WithRSAEncryption
10:d7:a3:f4:3d:6e:de:ea:78:f6:d8:8c:35:d8:8c:39:18:d1:
37:5d:44:2f:b7:f7:e8:4b:34:43:2a:64:7c:81:70:6e:15:c0:
9c:f8:e9:49:29:6c:b3:68:94:a9:b5:c3:d8:ce:fa:69:a3:19:
27:26:c3:29:39:ec:ba:05:ba:74:13:bd:cc:f6:43:09:ba:39:
eb:42:99:2e:02:fc:dd:4f:44:23:44:df:c5:e3:bb:eb:c5:59:
86:cf:ff:75:ca:c1:19:97:27:a2:59:3c:c0:f7:a4:fa:67:de:
3b:10:58:9f:1b:1e:c8:e5:55:ed:a0:d6:e4:f8:79:98:fc:25:
5a:de:6f:cb:a3:f9:46:28:3a:ef:61:1b:a1:c5:86:5b:68:fa:
20:e5:7d:d0:2a:3d:ad:ca:e6:1d:3e:49:f0:8e:89:ce:bb:93:
34:f2:71:79:fb:5e:ac:e8:57:e0:64:a7:fd:5c:1f:54:92:61:
6d:c7:74:7f:ce:6f:ba:58:42:ea:56:71:b6:86:14:3a:14:18:
cf:ff:67:2c:b8:c5:97:a8:a6:8d:f6:8b:0f:e0:d9:7c:a3:f0:
87:9e:6c:5f:3f:f0:be:12:46:6f:97:ef:7f:aa:c5:8a:e9:bf:
0e:13:2a:a6:64:57:4c:6e:16:3d:57:1e:46:0c:78:b8:62:e9:
18:32:4e:cc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQdzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDMxNjUzWhcNMjYwMTAzMDMxNjUzWjAYMRYw
FAYDVQQDEw02Nzg3MjhhOS1mOWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA152n8V3tPb1pRrMOnvG3ELoIXN+PAcN3zZ1pllgG1F8p1G0TUl5IUKm0
1kNSI0v8H7oD8mrc8Q1H7Uj9G961nvXKsjUMbuXt9JOFWhvI5AwOeaU2g0mtDvXj
/7WFYvFEjBSNs4bJkS/n/hY0oyli1EpW12qZHlzGHiLK/w7O7laaitZXRum9iwHY
qD518kSHgb6Tt2ZDhJAZdDNcgumt8FoSe2VU+Bek2D2aGlLFGpeIyPGEGJoyJWv0
1n+Ou/sm2bnzM7XEvsSK0NMgN+omlYKY2ja57DQP1ugMy/TyxjsHOfDHmW2f5nN/
VMiq7UXNIUM9jDUVAf5hF6rd0bJjYQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKOX
y0069CDU0yTNua6/2y8QzidEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRDQxMjFCMkQyRUYxMUVGOUM1RjQ4NUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOx7MA0GCSqGSIb3DQEBCwUA
A4IBAQAQ16P0PW7e6nj22Iw12Iw5GNE3XUQvt/foSzRDKmR8gXBuFcCc+OlJKWyz
aJSptcPYzvppoxknJsMpOey6Bbp0E73M9kMJujnrQpkuAvzdT0QjRN/F47vrxVmG
z/91ysEZlyeiWTzA96T6Z947EFifGx7I5VXtoNbk+HmY/CVa3m/Lo/lGKDrvYRuh
xYZbaPog5X3QKj2tyuYdPknwjonOu5M08nF5+16s6FfgZKf9XB9UkmFtx3R/zm+6
WELqVnG2hhQ6FBjP/2csuMWXqKaN9osP4Nl8o/CHnmxfP/C+EkZvl+9/qsWK6b8O
EyqmZFdMbhY9Vx5GDHi4YukYMk7M
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:24 2025 by rpki-client