Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2EDB6FE6C34511EF8DC25C56762E951A.roa
File: 2EDB6FE6C34511EF8DC25C56762E951A.roa (raw, json)
Hash identifier: Rht4WNXbHIMbVb50XNZQAjrgBZ+W0erZslZ5oq5a6zI=
Subject key identifier: 67:92:FC:7C:56:90:8D:16:57:F7:0C:B6:40:3E:BE:4A:38:C0:C0:7D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBFB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2EDB6FE6C34511EF8DC25C56762E951A.roa
Signing time: Thu 26 Dec 2024 04:52:18 +0000
ROA not before: Thu 26 Dec 2024 04:52:14 +0000
ROA not after: Fri 10 Dec 2027 04:52:14 +0000
asID: 17561
IP address blocks: 156.244.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60411 (0xebfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:52:14 2024 GMT
Not After : Dec 10 04:52:14 2027 GMT
Subject: CN=676ce102-5fce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:af:90:38:5a:46:e4:c0:c9:20:ad:88:4f:b1:
c5:b6:18:2c:7f:9a:4e:6c:10:dd:bf:41:8e:ae:f2:
f1:3e:1f:a3:00:a9:6d:6e:fa:66:0f:97:9e:22:aa:
97:c8:6d:b5:af:96:99:84:90:0c:21:fc:53:70:f0:
8d:8e:d3:a1:33:30:c7:17:db:ef:9e:0d:f6:bd:57:
34:e1:cd:17:e9:b7:69:e4:bc:7d:b3:25:1a:ba:71:
2d:98:fa:b2:4d:33:fb:2f:84:f4:be:c3:3c:eb:e5:
4b:da:49:a8:6a:22:ca:60:78:e8:e4:1a:87:a1:45:
b9:57:9c:10:2d:2b:90:b5:f8:ec:70:23:9d:d3:dc:
07:29:60:3d:7b:de:12:be:16:09:91:3c:01:61:94:
a9:4e:b1:61:66:ce:15:87:fa:09:7e:86:82:b7:4d:
07:f1:57:71:44:03:23:3d:c5:75:c1:2d:94:23:d8:
7e:7f:80:0f:15:41:cf:f8:ef:b1:fd:99:bd:f8:c6:
04:f5:85:8f:5d:e1:2d:9b:b5:4f:dd:86:27:bd:ee:
89:12:56:5e:62:f6:b2:cd:cd:23:ab:b1:23:2b:b3:
17:e2:c3:d9:ba:7f:31:c6:56:e1:16:03:5b:51:17:
8e:3e:6b:3f:92:0f:e5:b6:72:2f:c6:af:f9:40:5d:
93:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:92:FC:7C:56:90:8D:16:57:F7:0C:B6:40:3E:BE:4A:38:C0:C0:7D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2EDB6FE6C34511EF8DC25C56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.249.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:85:c7:0c:c4:65:57:c6:b0:46:fd:ad:9a:e3:d0:61:46:3c:
07:6f:9f:10:f8:d2:e5:bf:eb:23:56:b6:48:21:9a:fa:1b:cc:
f4:7c:99:d2:44:0d:f6:88:17:6f:9a:60:99:b9:2f:f0:07:be:
61:30:43:ad:d0:5a:66:18:5f:31:1c:a2:b0:59:ba:33:99:eb:
7a:25:cb:73:8e:5b:3e:1b:7c:08:51:0c:d6:44:41:8e:e4:a0:
11:54:65:a9:04:db:e5:be:70:32:ba:14:ca:38:58:98:cc:d8:
b4:29:09:b2:89:29:fd:c6:67:aa:f2:f0:a3:69:c4:6f:7f:3e:
76:ab:99:93:b7:9b:38:19:d2:b5:24:58:ae:b6:fc:f3:f8:a1:
d6:8d:34:81:0e:33:b6:5a:63:60:17:e1:46:08:6b:5f:1d:40:
47:23:72:0f:c7:cb:69:12:e7:84:bd:1e:eb:50:82:76:7c:10:
86:7f:e3:ca:ba:80:3c:01:79:ab:a2:4c:b4:63:6d:51:41:5b:
47:90:10:91:95:81:c3:30:9b:08:76:97:07:87:1f:8f:e3:ce:
bc:7d:15:f5:f4:df:1b:46:de:ba:5c:72:3d:f7:9f:9e:ff:aa:
b5:d9:34:7e:8a:b0:16:d0:39:ea:db:eb:c9:ae:d2:56:6e:ef:
ad:5c:0c:ec
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOv7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQ1MjE0WhcNMjcxMjEwMDQ1MjE0WjAYMRYw
FAYDVQQDEw02NzZjZTEwMi01ZmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq6+QOFpG5MDJIK2IT7HFthgsf5pObBDdv0GOrvLxPh+jAKltbvpmD5ee
IqqXyG21r5aZhJAMIfxTcPCNjtOhMzDHF9vvng32vVc04c0X6bdp5Lx9syUaunEt
mPqyTTP7L4T0vsM86+VL2kmoaiLKYHjo5BqHoUW5V5wQLSuQtfjscCOd09wHKWA9
e94SvhYJkTwBYZSpTrFhZs4Vh/oJfoaCt00H8VdxRAMjPcV1wS2UI9h+f4APFUHP
+O+x/Zm9+MYE9YWPXeEtm7VP3YYnve6JElZeYvayzc0jq7EjK7MX4sPZun8xxlbh
FgNbUReOPms/kg/ltnIvxq/5QF2TpwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGeS
/HxWkI0WV/cMtkA+vko4wMB9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRURCNkZFNkMzNDUxMUVGOERDMjVDNTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPT5MA0GCSqGSIb3DQEBCwUA
A4IBAQAvhccMxGVXxrBG/a2a49BhRjwHb58Q+NLlv+sjVrZIIZr6G8z0fJnSRA32
iBdvmmCZuS/wB75hMEOt0FpmGF8xHKKwWbozmet6Jctzjls+G3wIUQzWREGO5KAR
VGWpBNvlvnAyuhTKOFiYzNi0KQmyiSn9xmeq8vCjacRvfz52q5mTt5s4GdK1JFiu
tvzz+KHWjTSBDjO2WmNgF+FGCGtfHUBHI3IPx8tpEueEvR7rUIJ2fBCGf+PKuoA8
AXmroky0Y21RQVtHkBCRlYHDMJsIdpcHhx+P4868fRX19N8bRt66XHI995+e/6q1
2TR+irAW0Dnq2+vJrtJWbu+tXAzs
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:18 2025 by rpki-client