Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D982A2ACD5911EF95DF595A762E951A.roa
File: 2D982A2ACD5911EF95DF595A762E951A.roa (raw, json)
Hash identifier: 7KruFgUSsqTPkjKUno+Rbz7aXGNyQYv4pBRWHvUYUFI=
Subject key identifier: C7:05:16:36:F2:C6:6C:EB:B6:C2:ED:AD:A3:01:B9:C0:4A:E5:13:E7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FEFB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D982A2ACD5911EF95DF595A762E951A.roa
Signing time: Wed 08 Jan 2025 00:40:37 +0000
ROA not before: Wed 08 Jan 2025 00:00:34 +0000
ROA not after: Sat 13 Dec 2025 00:00:34 +0000
asID: 984
IP address blocks: 156.247.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65275 (0xfefb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 00:00:34 2025 GMT
Not After : Dec 13 00:00:34 2025 GMT
Subject: CN=677dc985-54a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:14:4c:f6:28:92:91:42:96:34:ea:61:bf:92:
b1:e2:e4:3c:18:3c:7f:21:fa:77:8e:fb:5b:ec:5d:
94:98:64:ad:aa:b2:97:08:5d:cc:05:51:54:0a:15:
3b:38:1b:13:f3:22:b2:47:b7:28:12:a4:67:79:6c:
51:1c:89:72:7e:13:c7:fb:e6:8c:82:35:85:35:aa:
e1:3a:44:cf:d3:07:89:a4:25:71:46:f8:aa:72:e2:
91:42:da:4f:a7:55:30:62:8c:6c:63:0a:13:8e:05:
30:5d:0e:fb:1f:c0:90:76:e8:b3:fa:d5:d7:f3:dc:
0d:9c:ef:b2:cc:6e:0d:d7:1f:65:eb:2f:74:14:d9:
77:24:5e:6d:ad:6e:ba:de:f7:18:a3:d1:f4:65:3a:
1d:48:e3:57:e7:07:09:58:f2:a8:dc:ef:cd:69:00:
12:23:a5:35:23:a6:76:9d:d9:c2:d7:04:19:57:30:
bd:d8:b9:89:b6:0e:3e:35:d8:56:32:a8:95:f1:4d:
f8:7c:f6:e8:b3:8c:08:28:82:c0:88:87:53:cb:e6:
54:ea:73:9a:3c:42:0e:af:aa:f6:e7:d1:4a:9c:c9:
b5:ee:05:72:c3:d8:fe:4f:bd:58:00:11:ae:cb:2d:
33:19:70:12:14:30:d6:ad:6e:86:37:d8:61:96:8a:
4b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:05:16:36:F2:C6:6C:EB:B6:C2:ED:AD:A3:01:B9:C0:4A:E5:13:E7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D982A2ACD5911EF95DF595A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.70.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:0c:eb:05:14:01:a1:26:5d:1a:e8:aa:25:59:42:f3:b9:6f:
16:f2:c3:83:13:a8:b7:39:50:f6:ba:68:59:ff:ea:1d:7f:34:
d9:87:15:46:69:7f:24:3f:6d:36:75:23:e6:da:73:0b:93:27:
04:22:da:f2:27:92:99:4d:9b:ee:d3:0f:b4:d0:65:f0:9e:d7:
0d:26:29:4f:c1:5b:6c:69:2f:1d:6c:5b:0a:f3:e4:01:13:72:
24:9c:f4:06:47:04:22:35:92:6a:1a:c1:1d:f8:d7:68:33:c2:
a7:c0:9b:c8:fb:76:f9:39:5b:bf:fc:5d:cc:54:b5:e3:c7:fe:
1c:a9:03:4b:50:a5:6e:b1:1a:f4:9b:ca:f4:30:47:9a:51:43:
c7:93:29:09:a3:e1:5f:77:cf:ec:7e:0c:c2:66:10:8f:e2:74:
63:d5:b5:9d:6e:dd:eb:49:fa:41:f9:e6:5f:05:7e:92:e7:4e:
6d:c9:cd:1a:74:cc:30:d9:e6:f2:b8:d0:01:3e:1e:cd:60:a0:
b0:9c:3b:b6:c7:2c:04:21:03:99:30:ac:f2:29:8a:b1:fe:27:
da:a1:2d:fa:44:42:f3:d7:2c:b1:8e:e9:f0:a7:94:e0:e5:1a:
5c:c4:9f:5c:63:41:bb:7e:0b:c6:c3:7e:b0:e8:8f:7c:71:5e:
b5:d8:f2:f6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP77MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDAwMDM0WhcNMjUxMjEzMDAwMDM0WjAYMRYw
FAYDVQQDEw02NzdkYzk4NS01NGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuRRM9iiSkUKWNOphv5Kx4uQ8GDx/Ifp3jvtb7F2UmGStqrKXCF3MBVFU
ChU7OBsT8yKyR7coEqRneWxRHIlyfhPH++aMgjWFNarhOkTP0weJpCVxRviqcuKR
QtpPp1UwYoxsYwoTjgUwXQ77H8CQduiz+tXX89wNnO+yzG4N1x9l6y90FNl3JF5t
rW663vcYo9H0ZTodSONX5wcJWPKo3O/NaQASI6U1I6Z2ndnC1wQZVzC92LmJtg4+
NdhWMqiV8U34fPbos4wIKILAiIdTy+ZU6nOaPEIOr6r259FKnMm17gVyw9j+T71Y
ABGuyy0zGXASFDDWrW6GN9hhlopLbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMcF
FjbyxmzrtsLtraMBucBK5RPnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRDk4MkEyQUNENTkxMUVGOTVERjU5NUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPdGMA0GCSqGSIb3DQEBCwUA
A4IBAQCyDOsFFAGhJl0a6KolWULzuW8W8sODE6i3OVD2umhZ/+odfzTZhxVGaX8k
P202dSPm2nMLkycEItryJ5KZTZvu0w+00GXwntcNJilPwVtsaS8dbFsK8+QBE3Ik
nPQGRwQiNZJqGsEd+NdoM8KnwJvI+3b5OVu//F3MVLXjx/4cqQNLUKVusRr0m8r0
MEeaUUPHkykJo+Ffd8/sfgzCZhCP4nRj1bWdbt3rSfpB+eZfBX6S505tyc0adMww
2ebyuNABPh7NYKCwnDu2xywEIQOZMKzyKYqx/ifaoS36RELz1yyxjunwp5Tg5Rpc
xJ9cY0G7fgvGw36w6I98cV612PL2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:30 2025 by rpki-client