Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DD376D4CCC311EFBF773EA8762E951A.roa
File: 2DD376D4CCC311EFBF773EA8762E951A.roa (raw, json)
Hash identifier: bdCHPRwRgpyAbvpBmL6lbt722CLxLgqhPBmsHO6OE+Y=
Subject key identifier: 6A:EC:BC:51:27:AC:7E:49:7E:8F:CD:64:AF:B8:69:74:37:1D:DA:9D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA3E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DD376D4CCC311EFBF773EA8762E951A.roa
Signing time: Tue 07 Jan 2025 06:46:53 +0000
ROA not before: Tue 07 Jan 2025 06:46:49 +0000
ROA not after: Sat 13 Dec 2025 06:46:49 +0000
asID: 984
IP address blocks: 156.233.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64062 (0xfa3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 06:46:49 2025 GMT
Not After : Dec 13 06:46:49 2025 GMT
Subject: CN=677ccddd-3006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:04:a2:62:78:02:4a:b1:c7:89:44:9a:01:5f:
02:8e:69:06:3d:8d:45:cd:50:31:18:94:28:19:82:
e0:23:17:df:7d:d6:50:b8:13:55:9e:1d:3a:3e:e3:
d8:2a:7c:8a:29:44:ca:01:1d:d7:18:e5:25:94:c2:
32:90:35:96:53:73:16:1f:85:d0:99:52:14:51:15:
99:88:8e:ca:bd:06:eb:3a:36:71:95:2f:3e:4f:9e:
6e:9b:cc:b0:fa:5a:be:18:42:b2:d5:f8:33:30:4a:
1f:73:14:26:fd:4e:dc:86:44:a2:f4:6f:a0:34:d1:
5a:78:d5:9c:16:a9:6e:f9:8b:8e:95:c7:89:72:45:
6a:b1:4d:10:5e:46:ea:f0:bf:dc:01:df:b1:90:ac:
f3:0f:83:3b:74:42:18:3e:03:11:6d:43:77:04:77:
14:61:96:2c:58:91:81:b6:bb:b4:5d:98:37:a2:3a:
3b:7a:78:9a:f4:d0:e4:0b:24:11:a7:2f:82:ff:44:
b7:30:02:d3:9b:a5:9c:e6:69:5e:44:51:61:79:1e:
84:df:c0:20:75:cb:c6:b1:b5:c4:8e:9e:b8:02:5a:
c4:1a:02:97:83:ac:2a:fa:1e:c6:9f:e3:2b:84:d7:
49:7e:a8:7c:96:ef:d2:57:38:9a:7b:b2:15:f0:a4:
e1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:EC:BC:51:27:AC:7E:49:7E:8F:CD:64:AF:B8:69:74:37:1D:DA:9D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DD376D4CCC311EFBF773EA8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.50.0/24
Signature Algorithm: sha256WithRSAEncryption
91:97:63:57:c0:db:d8:67:6f:3a:3f:8c:52:d3:15:e9:7b:95:
29:be:f0:9c:b0:4b:90:d7:75:73:c9:c2:ca:48:b8:a4:65:8b:
24:55:45:42:d3:fe:b5:98:b5:33:e5:08:3f:44:6a:02:a0:9f:
75:81:5b:6c:8c:f5:22:2c:95:69:04:7a:c8:f2:75:62:12:42:
c2:2c:67:b2:87:f4:4d:f6:06:f6:d7:f5:b7:d9:b9:22:8b:5e:
03:3e:d9:a2:04:81:4d:1d:75:f2:c7:03:13:91:8d:42:4e:a3:
77:8c:65:03:88:92:37:46:37:5b:83:66:bd:47:5c:db:b6:5f:
62:ab:12:5a:7f:92:11:0b:e8:81:e5:ae:5a:f6:a8:74:54:eb:
34:c6:c9:d9:10:b7:d0:73:84:b6:ab:5c:10:97:a1:10:5f:9a:
48:78:c3:a3:42:14:a7:0b:d2:74:ed:29:00:a9:16:cc:1d:1e:
e6:6c:b8:d8:b4:e6:85:2b:41:ab:ef:56:03:0e:2e:d5:f1:81:
68:74:a9:ce:6e:ca:93:eb:9f:64:bd:e7:1f:7b:6e:c1:25:e7:
95:e8:1b:bc:fa:60:e6:ec:74:1a:98:1c:e3:15:98:e3:d0:6e:
72:89:fe:34:3d:69:f8:f8:6d:ba:54:c3:f3:d8:c8:a4:80:93:
ea:16:b8:01
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPo+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDY0NjQ5WhcNMjUxMjEzMDY0NjQ5WjAYMRYw
FAYDVQQDEw02NzdjY2RkZC0zMDA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAswSiYngCSrHHiUSaAV8CjmkGPY1FzVAxGJQoGYLgIxfffdZQuBNVnh06
PuPYKnyKKUTKAR3XGOUllMIykDWWU3MWH4XQmVIUURWZiI7KvQbrOjZxlS8+T55u
m8yw+lq+GEKy1fgzMEofcxQm/U7chkSi9G+gNNFaeNWcFqlu+YuOlceJckVqsU0Q
Xkbq8L/cAd+xkKzzD4M7dEIYPgMRbUN3BHcUYZYsWJGBtru0XZg3ojo7enia9NDk
CyQRpy+C/0S3MALTm6Wc5mleRFFheR6E38AgdcvGsbXEjp64AlrEGgKXg6wq+h7G
n+MrhNdJfqh8lu/SVziae7IV8KThqQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGrs
vFEnrH5Jfo/NZK+4aXQ3HdqdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yREQzNzZENENDQzMxMUVGQkY3NzNFQTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkyMA0GCSqGSIb3DQEBCwUA
A4IBAQCRl2NXwNvYZ286P4xS0xXpe5UpvvCcsEuQ13VzycLKSLikZYskVUVC0/61
mLUz5Qg/RGoCoJ91gVtsjPUiLJVpBHrI8nViEkLCLGeyh/RN9gb21/W32bkii14D
PtmiBIFNHXXyxwMTkY1CTqN3jGUDiJI3Rjdbg2a9R1zbtl9iqxJaf5IRC+iB5a5a
9qh0VOs0xsnZELfQc4S2q1wQl6EQX5pIeMOjQhSnC9J07SkAqRbMHR7mbLjYtOaF
K0Gr71YDDi7V8YFodKnObsqT659kvecfe27BJeeV6Bu8+mDm7HQamBzjFZjj0G5y
if40PWn4+G26VMPz2MikgJPqFrgB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:23 2025 by rpki-client