Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E1AF352C97011EF9B1D3382762E951A.roa
File: 2E1AF352C97011EF9B1D3382762E951A.roa (raw, json)
Hash identifier: dCkKuGGJybuQ+K9Y0iCWGi3KZO9hLY4SV1o4UXPcmeE=
Subject key identifier: 2B:36:1C:01:44:ED:20:79:36:F3:BA:89:96:23:50:B8:CF:19:87:B4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4AD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E1AF352C97011EF9B1D3382762E951A.roa
Signing time: Fri 03 Jan 2025 01:15:12 +0000
ROA not before: Fri 03 Jan 2025 01:15:08 +0000
ROA not after: Sat 13 Dec 2025 01:15:08 +0000
asID: 984
IP address blocks: 156.227.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62637 (0xf4ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:15:08 2025 GMT
Not After : Dec 13 01:15:08 2025 GMT
Subject: CN=67773a20-13c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5e:d2:b7:fa:2b:92:02:dc:1e:59:35:33:4f:
cf:99:88:22:b6:41:a5:0e:5d:59:40:54:31:15:9f:
e5:45:c0:00:5e:f8:89:cc:6d:c7:9a:a4:b2:f4:3e:
11:c7:aa:03:38:5e:e8:98:16:93:82:60:e2:d4:b8:
03:84:8c:6c:74:69:58:30:f3:46:62:ac:f3:18:29:
7a:60:2b:fc:6b:30:fb:85:cb:98:ab:00:40:2a:dc:
ff:07:64:37:5e:02:f3:8d:a8:78:8c:d3:19:d3:02:
05:5e:c1:4b:c9:27:67:75:be:e0:9d:64:5b:5f:6e:
05:8b:68:84:c0:6e:75:35:09:d3:af:9e:94:2f:38:
93:9a:6b:e1:80:2e:61:7b:39:06:4e:9c:fa:1f:d9:
ea:63:17:20:f6:95:c7:99:ea:03:f2:55:d0:69:b5:
21:ce:f8:1b:67:94:8d:41:95:56:57:16:51:fd:c7:
a2:f6:c0:68:7a:11:c0:36:e5:14:b6:9f:04:7f:32:
38:23:c8:a4:54:51:85:56:73:56:76:c4:2e:09:9d:
33:94:70:eb:92:38:7c:ea:07:dd:28:a5:63:b4:0e:
fb:14:0c:91:23:5a:d2:b5:96:4e:ba:0e:55:65:b6:
1a:a8:1f:83:a8:3e:0c:2a:68:28:a3:b8:b0:85:42:
e8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:36:1C:01:44:ED:20:79:36:F3:BA:89:96:23:50:B8:CF:19:87:B4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E1AF352C97011EF9B1D3382762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.72.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:36:00:14:6a:f3:93:a9:bd:81:eb:39:71:fd:08:82:d1:d8:
ec:06:f1:49:a0:81:5a:38:45:bd:35:f4:8e:5d:c5:b5:31:23:
f7:6c:f7:c1:78:1f:c5:c0:22:dc:43:54:60:b7:63:e8:5e:cf:
92:65:05:e3:98:78:40:5a:b3:b7:6b:74:cf:22:52:b2:32:b4:
f9:47:ac:d6:74:9b:00:bf:f3:05:fb:48:57:45:72:ac:e2:d1:
ce:ec:1a:6b:17:0d:53:9b:df:25:6c:c9:46:76:e5:31:80:83:
2a:5e:26:5a:60:e2:0b:87:0e:95:ca:0f:f4:5b:d4:13:01:27:
0f:7d:49:70:5f:d2:7b:6f:70:c2:03:4a:1a:0a:48:00:d5:9b:
b6:6f:b8:04:27:4c:a5:9a:0f:35:75:71:5d:ed:0e:62:b1:7d:
e4:7b:ff:ce:b4:7d:48:6f:33:fe:a9:04:01:b2:24:ad:ee:ae:
65:d3:ba:88:e3:99:63:bd:0d:e5:d8:16:40:8d:11:42:63:b4:
4f:31:98:5c:d0:18:82:24:d2:05:b4:3b:30:ec:3f:4d:83:8e:
8a:d0:69:56:69:51:0a:28:74:4a:e5:70:d2:e9:1c:f4:7e:68:
ea:01:60:a9:95:4c:fb:09:c7:d7:3e:fb:e7:3d:48:24:87:3b:
b6:0a:98:51
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPStMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDExNTA4WhcNMjUxMjEzMDExNTA4WjAYMRYw
FAYDVQQDEw02Nzc3M2EyMC0xM2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq17St/orkgLcHlk1M0/PmYgitkGlDl1ZQFQxFZ/lRcAAXviJzG3HmqSy
9D4Rx6oDOF7omBaTgmDi1LgDhIxsdGlYMPNGYqzzGCl6YCv8azD7hcuYqwBAKtz/
B2Q3XgLzjah4jNMZ0wIFXsFLySdndb7gnWRbX24Fi2iEwG51NQnTr56ULziTmmvh
gC5hezkGTpz6H9nqYxcg9pXHmeoD8lXQabUhzvgbZ5SNQZVWVxZR/cei9sBoehHA
NuUUtp8EfzI4I8ikVFGFVnNWdsQuCZ0zlHDrkjh86gfdKKVjtA77FAyRI1rStZZO
ug5VZbYaqB+DqD4MKmgoo7iwhULoJQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCs2
HAFE7SB5NvO6iZYjULjPGYe0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRTFBRjM1MkM5NzAxMUVGOUIxRDMzODI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONIMA0GCSqGSIb3DQEBCwUA
A4IBAQCoNgAUavOTqb2B6zlx/QiC0djsBvFJoIFaOEW9NfSOXcW1MSP3bPfBeB/F
wCLcQ1Rgt2PoXs+SZQXjmHhAWrO3a3TPIlKyMrT5R6zWdJsAv/MF+0hXRXKs4tHO
7BprFw1Tm98lbMlGduUxgIMqXiZaYOILhw6Vyg/0W9QTAScPfUlwX9J7b3DCA0oa
CkgA1Zu2b7gEJ0ylmg81dXFd7Q5isX3ke//OtH1IbzP+qQQBsiSt7q5l07qI45lj
vQ3l2BZAjRFCY7RPMZhc0BiCJNIFtDsw7D9Ng46K0GlWaVEKKHRK5XDS6Rz0fmjq
AWCplUz7CcfXPvvnPUgkhzu2CphR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:34 2025 by rpki-client