Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E40A2FACD5811EFB69EE953762E951A.roa
File: 2E40A2FACD5811EFB69EE953762E951A.roa (raw, json)
Hash identifier: AWa8YTM37P/Toz/4svKLSw0vRMJDKMj+G6GdVmkWueU=
Subject key identifier: 64:D9:E5:EC:D6:66:38:4F:E3:29:33:BC:68:B5:36:DD:04:EA:C1:B1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FEF3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E40A2FACD5811EFB69EE953762E951A.roa
Signing time: Wed 08 Jan 2025 00:33:29 +0000
ROA not before: Wed 08 Jan 2025 00:00:25 +0000
ROA not after: Sat 13 Dec 2025 00:00:25 +0000
asID: 984
IP address blocks: 156.247.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65267 (0xfef3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 00:00:25 2025 GMT
Not After : Dec 13 00:00:25 2025 GMT
Subject: CN=677dc7d9-c146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fa:a8:98:c5:35:ed:6c:4a:47:84:e8:5e:00:
8e:eb:e0:52:70:f0:f9:53:2e:7a:68:9e:6c:92:a4:
b7:20:31:d5:32:07:e4:3a:8e:25:ce:6d:33:74:ad:
4c:3c:a3:1c:69:f8:7c:a2:31:a4:42:37:c5:79:b9:
f7:2b:f0:d0:04:97:8a:39:55:e4:d0:18:a9:51:84:
5b:72:23:5c:65:58:a8:1d:a7:4f:9f:ce:e8:be:c6:
0a:8a:09:0c:0e:75:56:0e:19:dd:70:bd:e6:12:c8:
34:01:f3:aa:90:91:63:a8:9f:78:76:5d:37:67:14:
a5:06:fd:5d:46:ef:62:44:1d:20:fb:23:a1:68:ee:
61:0b:8a:42:93:53:79:dc:d3:08:9f:03:6e:6f:d9:
06:a8:75:0b:04:7f:aa:03:79:ce:90:6b:d1:6a:a7:
31:e4:15:31:28:6c:89:07:29:49:70:3b:4c:d8:1a:
8b:0c:4e:9e:d4:e8:8d:1d:6f:6c:c3:34:dc:49:8b:
0c:c9:ef:9e:a3:d7:cd:ad:35:67:9e:14:3b:52:7b:
d2:ea:a6:0a:cd:05:79:7d:1d:dc:64:a8:c3:12:2c:
74:4f:cc:ce:42:3e:fa:31:f1:d7:06:90:e6:10:41:
72:21:aa:95:56:e8:13:8a:e7:d8:ad:3d:ba:da:d8:
7e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D9:E5:EC:D6:66:38:4F:E3:29:33:BC:68:B5:36:DD:04:EA:C1:B1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E40A2FACD5811EFB69EE953762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.66.0/24
Signature Algorithm: sha256WithRSAEncryption
34:32:2f:45:0c:7b:e4:5d:10:27:1b:1f:7a:90:32:12:22:6c:
2d:95:29:22:f3:4e:39:89:20:e0:36:3f:e3:9e:bd:15:60:a5:
da:46:58:bc:5e:ed:b6:c9:e2:31:62:71:1d:b4:50:1c:b0:66:
4a:ac:fc:96:eb:25:ab:b5:17:2d:10:45:35:be:59:38:3c:3e:
22:22:e4:24:6f:04:59:86:77:3e:eb:de:a5:33:ef:83:f5:4f:
f7:77:01:a8:28:0e:05:0d:7d:8b:88:de:51:48:23:82:40:17:
45:9b:cf:09:2b:62:e3:b2:4d:f9:82:ad:6e:39:40:ff:78:34:
9b:15:33:b3:7a:49:a2:6e:a5:a6:ab:f6:ea:4d:72:f5:89:81:
ed:06:bd:bc:61:43:46:98:90:74:75:28:58:c3:dc:86:09:ee:
19:42:c5:4d:ca:38:5f:69:4a:6e:07:ed:36:ec:a1:71:19:f0:
53:24:41:8a:0d:b9:7e:48:fe:19:24:2d:1f:e9:3a:f2:01:63:
2b:c6:eb:0a:2f:48:9f:6e:24:f8:3a:08:77:15:73:6e:1b:e3:
33:f9:18:f1:60:02:7b:97:a4:7a:1c:fe:ab:05:93:5f:12:50:
e9:8c:6e:a5:2d:85:b6:bc:1d:87:b1:8a:e0:40:f0:dd:64:fb:
74:3b:1a:6f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP7zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDAwMDI1WhcNMjUxMjEzMDAwMDI1WjAYMRYw
FAYDVQQDEw02NzdkYzdkOS1jMTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxvqomMU17WxKR4ToXgCO6+BScPD5Uy56aJ5skqS3IDHVMgfkOo4lzm0z
dK1MPKMcafh8ojGkQjfFebn3K/DQBJeKOVXk0BipUYRbciNcZVioHadPn87ovsYK
igkMDnVWDhndcL3mEsg0AfOqkJFjqJ94dl03ZxSlBv1dRu9iRB0g+yOhaO5hC4pC
k1N53NMInwNub9kGqHULBH+qA3nOkGvRaqcx5BUxKGyJBylJcDtM2BqLDE6e1OiN
HW9swzTcSYsMye+eo9fNrTVnnhQ7UnvS6qYKzQV5fR3cZKjDEix0T8zOQj76MfHX
BpDmEEFyIaqVVugTiufYrT262th+xQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGTZ
5ezWZjhP4ykzvGi1Nt0E6sGxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRTQwQTJGQUNENTgxMUVGQjY5RUU5NTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPdCMA0GCSqGSIb3DQEBCwUA
A4IBAQA0Mi9FDHvkXRAnGx96kDISImwtlSki8045iSDgNj/jnr0VYKXaRli8Xu22
yeIxYnEdtFAcsGZKrPyW6yWrtRctEEU1vlk4PD4iIuQkbwRZhnc+696lM++D9U/3
dwGoKA4FDX2LiN5RSCOCQBdFm88JK2Ljsk35gq1uOUD/eDSbFTOzekmibqWmq/bq
TXL1iYHtBr28YUNGmJB0dShYw9yGCe4ZQsVNyjhfaUpuB+027KFxGfBTJEGKDbl+
SP4ZJC0f6TryAWMrxusKL0ifbiT4Ogh3FXNuG+Mz+RjxYAJ7l6R6HP6rBZNfElDp
jG6lLYW2vB2HsYrgQPDdZPt0Oxpv
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:06 2025 by rpki-client