Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D4321B0C99411EF9E06737A762E951A.roa
File: 2D4321B0C99411EF9E06737A762E951A.roa (raw, json)
Hash identifier: YefY+Ur1ClCFA9aqnZdD3Dzu95GnKZO9JSLe/Z3Fl88=
Subject key identifier: C7:3D:8A:4C:7B:40:9E:2C:53:AD:15:E1:29:E1:BD:83:9E:37:DF:E8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F601
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D4321B0C99411EF9E06737A762E951A.roa
Signing time: Fri 03 Jan 2025 05:32:52 +0000
ROA not before: Fri 03 Jan 2025 05:32:49 +0000
ROA not after: Mon 13 Dec 2027 05:32:49 +0000
asID: 17561
IP address blocks: 156.233.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62977 (0xf601)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:32:49 2025 GMT
Not After : Dec 13 05:32:49 2027 GMT
Subject: CN=67777684-c9d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:04:74:39:d8:fd:c0:87:20:1d:ad:4b:dd:cd:
a7:92:27:3a:53:8c:7e:6c:d7:59:ad:01:cc:f6:b1:
0e:14:54:63:77:08:cd:51:3a:88:71:6c:af:94:c2:
10:33:e3:81:dd:81:20:6f:06:29:b2:db:5a:0f:36:
3b:64:4e:62:46:dc:48:58:51:ef:14:16:63:15:13:
87:4f:1f:2a:f2:c0:21:49:e8:c7:81:92:e8:13:f8:
1a:04:a5:48:a1:7e:de:c3:48:fd:42:69:6b:72:0d:
d4:1b:25:d2:70:bc:44:15:7b:71:69:dc:a6:c4:1c:
99:bc:b5:66:c0:0d:28:89:a5:d8:65:7b:99:2c:3e:
aa:8d:41:1c:a5:8a:d9:f1:b5:ec:bb:6f:63:9e:3a:
14:2f:30:1b:49:cb:1f:6e:8a:7e:69:60:6f:4f:12:
6c:45:98:4e:da:3a:d3:5d:2e:90:b2:c5:ed:33:74:
0a:00:ce:a0:9f:63:9b:40:40:28:d2:04:93:81:2f:
aa:1c:9d:a9:d3:dc:8e:c9:8c:8c:40:9f:2a:b6:68:
ab:ef:0b:59:d3:05:35:c2:06:ab:68:a6:5a:f9:4d:
20:46:02:0c:12:43:1b:bd:47:c8:8d:0e:b6:e9:2f:
2b:8b:25:ea:c2:1e:ad:8c:09:87:99:d3:45:15:60:
7a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:3D:8A:4C:7B:40:9E:2C:53:AD:15:E1:29:E1:BD:83:9E:37:DF:E8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D4321B0C99411EF9E06737A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.133.0/24
Signature Algorithm: sha256WithRSAEncryption
52:de:62:45:03:3e:09:4f:ca:0b:23:a9:12:f9:47:ad:2a:f4:
47:1a:99:fb:96:c7:6a:7f:78:5a:c7:30:38:e9:21:b0:e2:5f:
81:a3:da:ca:14:12:52:e9:22:a8:1f:62:18:ea:f0:9a:85:f3:
b2:a0:54:f5:60:0c:b8:46:77:9d:8c:ed:ac:a6:9e:33:1c:38:
3a:5a:d3:a7:92:cd:3a:c3:e2:a6:cf:17:e2:83:9c:2a:30:d8:
27:63:66:e0:92:52:04:8b:a1:89:32:51:e6:eb:f0:33:9e:77:
ed:ee:37:a5:05:87:75:59:02:c0:5b:ba:b0:01:0e:d5:c6:0f:
18:cc:59:b9:4f:3f:c6:f2:1a:82:36:41:ca:f0:7e:84:64:6e:
80:80:3e:61:3d:f0:0f:3d:40:6f:92:ba:c8:cf:4c:63:e9:2f:
0a:c3:51:fc:2d:80:62:7d:b9:c2:4d:66:7e:52:a1:84:de:56:
aa:c2:8b:58:20:bb:3e:89:b2:e2:8a:73:5f:a9:c3:58:e4:a9:
d8:13:9e:71:8c:9f:f2:cf:a0:8c:3d:bb:ce:46:70:fa:52:e7:
c2:59:3a:7b:91:7d:8a:ba:df:bd:31:f5:60:64:5e:e4:0b:39:
41:ce:d7:93:df:b7:61:50:8e:45:37:38:99:ec:ef:25:53:39:
90:ab:b4:3d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPYBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDUzMjQ5WhcNMjcxMjEzMDUzMjQ5WjAYMRYw
FAYDVQQDEw02Nzc3NzY4NC1jOWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzAR0Odj9wIcgHa1L3c2nkic6U4x+bNdZrQHM9rEOFFRjdwjNUTqIcWyv
lMIQM+OB3YEgbwYpsttaDzY7ZE5iRtxIWFHvFBZjFROHTx8q8sAhSejHgZLoE/ga
BKVIoX7ew0j9Qmlrcg3UGyXScLxEFXtxadymxByZvLVmwA0oiaXYZXuZLD6qjUEc
pYrZ8bXsu29jnjoULzAbScsfbop+aWBvTxJsRZhO2jrTXS6QssXtM3QKAM6gn2Ob
QEAo0gSTgS+qHJ2p09yOyYyMQJ8qtmir7wtZ0wU1wgaraKZa+U0gRgIMEkMbvUfI
jQ626S8riyXqwh6tjAmHmdNFFWB6rQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMc9
ikx7QJ4sU60V4SnhvYOeN9/oMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRDQzMjFCMEM5OTQxMUVGOUUwNjczN0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmFMA0GCSqGSIb3DQEBCwUA
A4IBAQBS3mJFAz4JT8oLI6kS+UetKvRHGpn7lsdqf3haxzA46SGw4l+Bo9rKFBJS
6SKoH2IY6vCahfOyoFT1YAy4RnedjO2spp4zHDg6WtOnks06w+Kmzxfig5wqMNgn
Y2bgklIEi6GJMlHm6/Aznnft7jelBYd1WQLAW7qwAQ7Vxg8YzFm5Tz/G8hqCNkHK
8H6EZG6AgD5hPfAPPUBvkrrIz0xj6S8Kw1H8LYBifbnCTWZ+UqGE3laqwotYILs+
ibLiinNfqcNY5KnYE55xjJ/yz6CMPbvORnD6UufCWTp7kX2Kut+9MfVgZF7kCzlB
zteT37dhUI5FNziZ7O8lUzmQq7Q9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:53 2025 by rpki-client