Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2EE55E3ECCFA11EFA3C14784762E951A.roa
File: 2EE55E3ECCFA11EFA3C14784762E951A.roa (raw, json)
Hash identifier: QYD8NtWfgKc2q9z14cUCaxmhwuAKPFQvSKjrGQsWfYY=
Subject key identifier: E5:63:69:37:EE:79:D2:F9:4C:48:CB:84:77:D7:B1:47:E4:00:67:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC39
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2EE55E3ECCFA11EFA3C14784762E951A.roa
Signing time: Tue 07 Jan 2025 13:20:37 +0000
ROA not before: Tue 07 Jan 2025 13:20:33 +0000
ROA not after: Mon 13 Dec 2027 13:20:33 +0000
asID: 17561
IP address blocks: 156.237.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64569 (0xfc39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 13:20:33 2025 GMT
Not After : Dec 13 13:20:33 2027 GMT
Subject: CN=677d2a25-8583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ca:b7:9a:e1:73:dd:cd:ff:02:4f:f5:94:5f:
5c:46:17:18:81:55:32:c7:69:8d:54:49:2b:22:70:
20:dd:95:d1:db:5b:3d:38:4a:ef:25:9a:b4:40:0e:
bf:b6:8f:77:cc:d3:77:21:81:95:8b:b2:bd:36:05:
1e:f1:38:9b:d0:1b:d5:e0:d1:66:b2:82:24:4d:92:
06:85:bf:ad:9e:d8:8c:99:0a:68:f4:f7:f3:24:f1:
98:a2:09:b3:c0:5a:12:98:bf:93:c9:62:11:32:2d:
f6:88:b9:3f:0b:10:29:02:36:56:31:07:f2:12:71:
d8:c0:c0:44:d8:25:04:92:e7:1b:f6:2b:7f:a6:9e:
a6:52:b1:79:47:52:4b:ca:51:85:cd:70:f5:89:87:
81:09:c0:d8:79:a5:44:64:76:5a:0a:fa:54:0f:01:
7c:47:2f:6a:e7:79:21:10:20:b2:a0:26:da:fc:41:
b7:ec:ab:bd:5b:bd:5c:0a:b9:f5:01:c5:f3:1c:80:
36:0f:90:87:ec:2f:f7:2b:2b:d2:b7:36:26:36:8b:
21:ae:4e:ae:b6:7b:d0:0e:cb:88:ba:14:9d:ac:5f:
99:43:02:da:e5:33:8a:32:3c:6b:da:b6:48:93:7a:
d1:f8:ca:b4:d4:ae:0b:31:8c:92:ab:a7:2d:bd:ec:
6c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:63:69:37:EE:79:D2:F9:4C:48:CB:84:77:D7:B1:47:E4:00:67:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2EE55E3ECCFA11EFA3C14784762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.127.0/24
Signature Algorithm: sha256WithRSAEncryption
25:14:5c:06:66:45:fd:4f:c9:a4:02:e9:1f:c8:af:de:bc:f0:
49:c6:66:09:b6:16:89:d6:5f:ca:47:90:31:a0:53:7c:ba:6f:
cd:e4:41:03:fb:55:a9:dc:85:c1:41:3b:d2:d3:5d:7d:9c:3d:
52:1b:3e:d7:cf:9a:6c:cd:f7:b8:d5:b7:56:e7:61:92:a9:07:
ea:42:39:5a:c8:32:f9:02:3b:6f:df:68:83:57:af:7a:05:fc:
fe:d8:f8:2c:37:c9:e1:97:e3:b4:c9:fa:e3:04:2e:b5:bd:e3:
64:0b:f6:0e:a7:04:75:18:a5:5e:72:17:07:7a:70:1f:56:50:
aa:6c:3b:ca:31:08:4d:73:23:ab:29:04:8a:34:23:9b:34:c6:
a6:db:9e:60:b9:05:2a:c6:c9:af:6a:1d:39:73:3c:95:b4:ab:
78:43:8b:c4:2f:6b:78:f4:f2:76:f8:0f:45:6a:b1:d5:2a:87:
5e:af:07:11:2f:e5:50:b2:30:24:a1:11:8b:7a:47:c6:18:5b:
81:1a:74:2a:69:b9:44:c6:bb:1e:b3:da:c0:51:e2:3b:df:b7:
39:89:88:07:bb:a6:a2:c8:97:45:d5:97:cc:13:ee:20:ec:a0:
37:c9:9f:ec:d8:08:76:30:8f:f5:1b:6a:98:27:fb:f2:ab:f4:
40:42:8b:f7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPw5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTMyMDMzWhcNMjcxMjEzMTMyMDMzWjAYMRYw
FAYDVQQDEw02NzdkMmEyNS04NTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwMq3muFz3c3/Ak/1lF9cRhcYgVUyx2mNVEkrInAg3ZXR21s9OErvJZq0
QA6/to93zNN3IYGVi7K9NgUe8Tib0BvV4NFmsoIkTZIGhb+tntiMmQpo9PfzJPGY
ogmzwFoSmL+TyWIRMi32iLk/CxApAjZWMQfyEnHYwMBE2CUEkucb9it/pp6mUrF5
R1JLylGFzXD1iYeBCcDYeaVEZHZaCvpUDwF8Ry9q53khECCyoCba/EG37Ku9W71c
Crn1AcXzHIA2D5CH7C/3KyvStzYmNoshrk6utnvQDsuIuhSdrF+ZQwLa5TOKMjxr
2rZIk3rR+Mq01K4LMYySq6ctvexsYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOVj
aTfuedL5TEjLhHfXsUfkAGcbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRUU1NUUzRUNDRkExMUVGQTNDMTQ3ODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO1/MA0GCSqGSIb3DQEBCwUA
A4IBAQAlFFwGZkX9T8mkAukfyK/evPBJxmYJthaJ1l/KR5AxoFN8um/N5EED+1Wp
3IXBQTvS0119nD1SGz7Xz5pszfe41bdW52GSqQfqQjlayDL5Ajtv32iDV696Bfz+
2PgsN8nhl+O0yfrjBC61veNkC/YOpwR1GKVechcHenAfVlCqbDvKMQhNcyOrKQSK
NCObNMam255guQUqxsmvah05czyVtKt4Q4vEL2t49PJ2+A9FarHVKoderwcRL+VQ
sjAkoRGLekfGGFuBGnQqablExrses9rAUeI737c5iYgHu6aiyJdF1ZfME+4g7KA3
yZ/s2Ah2MI/1G2qYJ/vyq/RAQov3
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:10 2025 by rpki-client