Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DBAE886CCCC11EFBF093862762E951A.roa
File: 2DBAE886CCCC11EFBF093862762E951A.roa (raw, json)
Hash identifier: KH7wLZeyOv8BM10zQ9r9xxZvdAyYqzo4HscM0sXViKE=
Subject key identifier: C1:0C:DE:89:00:77:57:68:64:EF:6A:C0:85:AB:A4:7A:3A:4E:65:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA86
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DBAE886CCCC11EFBF093862762E951A.roa
Signing time: Tue 07 Jan 2025 07:51:18 +0000
ROA not before: Tue 07 Jan 2025 07:51:15 +0000
ROA not after: Mon 13 Dec 2027 07:51:15 +0000
asID: 17561
IP address blocks: 156.233.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64134 (0xfa86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 07:51:15 2025 GMT
Not After : Dec 13 07:51:15 2027 GMT
Subject: CN=677cdcf6-b33c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2e:53:cc:2e:61:01:d0:03:9e:45:65:02:1a:
01:94:c4:80:e1:69:d6:2f:fa:5f:80:6d:c6:e0:ef:
c4:18:64:12:9e:2a:82:e3:89:4f:5f:f2:36:f8:8d:
c0:6b:f8:18:ca:c7:d4:3f:11:65:75:08:09:0c:99:
40:63:36:4e:08:87:46:ae:7d:14:8a:17:63:a1:42:
2e:13:92:cd:70:1b:ca:e1:eb:c3:3f:1d:82:fc:44:
f3:28:17:4d:8f:43:a9:96:e2:e4:21:af:04:c4:1d:
5e:64:8b:ee:fd:3d:bd:69:d6:f4:3c:b3:53:68:95:
69:3a:91:32:93:8d:96:53:06:99:d0:79:b1:6f:4f:
a1:4a:10:6f:50:10:6f:33:c7:2f:87:96:e7:70:0c:
e4:0e:10:30:f4:42:ad:3f:ae:d2:02:ba:b5:b4:b5:
d7:42:c4:59:b6:54:52:8f:cb:6c:56:54:13:fb:99:
21:05:5e:b6:30:db:32:a5:a5:c8:01:b2:1e:52:f3:
01:2f:46:62:c5:c6:f8:ce:8f:c6:52:d9:ba:55:d8:
41:ad:71:4a:ab:c2:cf:4f:fc:e7:7f:9f:a4:13:2f:
15:20:70:e5:a1:a1:7e:a0:fc:b1:3a:59:35:6f:7f:
bd:7c:40:9f:23:60:ed:f3:6c:0e:67:f6:59:8f:f7:
d0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:0C:DE:89:00:77:57:68:64:EF:6A:C0:85:AB:A4:7A:3A:4E:65:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DBAE886CCCC11EFBF093862762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.128.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:f6:54:25:9d:c9:bc:fc:bb:96:89:fa:89:61:38:a0:6e:de:
ad:68:b8:99:58:5e:09:d7:bb:a0:3b:d3:0f:2c:3a:b1:7b:5c:
cb:69:a0:1d:c3:c7:7d:a9:23:0d:d6:31:48:67:fa:39:34:83:
70:ad:54:f9:f1:25:e5:ca:b2:1c:44:26:87:4a:da:17:ed:bc:
45:fe:d4:e7:4c:c3:0b:33:ac:4d:64:fb:03:3f:08:bc:1b:48:
b6:53:0a:f8:9d:3a:36:66:e3:c8:c2:a4:ff:d4:da:61:01:15:
d7:e8:ec:fa:63:88:0f:41:88:42:c2:39:21:ad:b6:8c:0b:b8:
52:cc:a3:7f:50:a1:95:55:a9:13:a4:af:d1:84:14:85:6f:18:
c2:b4:a2:74:33:e4:bd:dc:6d:6d:d3:d8:fa:50:63:ec:b3:55:
e4:9b:06:85:89:15:25:98:03:ed:b4:6f:ad:87:69:03:99:b2:
4c:0b:e1:db:6e:9d:a0:47:c1:53:0a:0a:94:74:50:71:6b:c5:
5d:2f:62:f8:22:68:bc:d1:da:8b:ef:9a:45:e6:24:3f:6a:75:
17:34:60:0d:b8:41:e6:39:ff:c0:ad:0b:11:2a:9f:4d:db:bd:
c6:dc:65:f7:43:98:79:15:ca:67:11:f6:6c:01:c8:28:79:ee:
8c:5e:89:f9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPqGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDc1MTE1WhcNMjcxMjEzMDc1MTE1WjAYMRYw
FAYDVQQDEw02NzdjZGNmNi1iMzNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvy5TzC5hAdADnkVlAhoBlMSA4WnWL/pfgG3G4O/EGGQSniqC44lPX/I2
+I3Aa/gYysfUPxFldQgJDJlAYzZOCIdGrn0UihdjoUIuE5LNcBvK4evDPx2C/ETz
KBdNj0OpluLkIa8ExB1eZIvu/T29adb0PLNTaJVpOpEyk42WUwaZ0Hmxb0+hShBv
UBBvM8cvh5bncAzkDhAw9EKtP67SArq1tLXXQsRZtlRSj8tsVlQT+5khBV62MNsy
paXIAbIeUvMBL0Zixcb4zo/GUtm6VdhBrXFKq8LPT/znf5+kEy8VIHDloaF+oPyx
Olk1b3+9fECfI2Dt82wOZ/ZZj/fQbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMEM
3okAd1doZO9qwIWrpHo6TmUOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yREJBRTg4NkNDQ0MxMUVGQkYwOTM4NjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmAMA0GCSqGSIb3DQEBCwUA
A4IBAQAa9lQlncm8/LuWifqJYTigbt6taLiZWF4J17ugO9MPLDqxe1zLaaAdw8d9
qSMN1jFIZ/o5NINwrVT58SXlyrIcRCaHStoX7bxF/tTnTMMLM6xNZPsDPwi8G0i2
Uwr4nTo2ZuPIwqT/1NphARXX6Oz6Y4gPQYhCwjkhrbaMC7hSzKN/UKGVVakTpK/R
hBSFbxjCtKJ0M+S93G1t09j6UGPss1XkmwaFiRUlmAPttG+th2kDmbJMC+Hbbp2g
R8FTCgqUdFBxa8VdL2L4Imi80dqL75pF5iQ/anUXNGANuEHmOf/ArQsRKp9N273G
3GX3Q5h5FcpnEfZsAcgoee6MXon5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:09 2025 by rpki-client