Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F0FCF34CF2F11EFBA01F2A1762E951A.roa
File: 2F0FCF34CF2F11EFBA01F2A1762E951A.roa (raw, json)
Hash identifier: LuJUEHdZ09sGqmxlKWYe4FBHLrBuS7AI6pIXj0bI5Co=
Subject key identifier: 0A:33:E1:FB:EB:2B:CF:63:37:F7:86:83:55:AA:18:D6:6D:BF:45:78
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010527
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F0FCF34CF2F11EFBA01F2A1762E951A.roa
Signing time: Fri 10 Jan 2025 08:45:03 +0000
ROA not before: Fri 10 Jan 2025 08:44:59 +0000
ROA not after: Sat 22 Mar 2025 08:44:59 +0000
asID: 142286
IP address blocks: 156.250.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66855 (0x10527)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 08:44:59 2025 GMT
Not After : Mar 22 08:44:59 2025 GMT
Subject: CN=6780de0f-6107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ca:0f:b5:bf:4b:47:a7:28:5a:05:1d:e6:6d:
ca:8e:7a:4b:71:8f:69:d3:da:bc:0b:b1:dc:f7:87:
bf:d7:18:d4:04:00:df:7c:33:8a:ec:bc:ca:a4:06:
40:77:82:42:e0:e5:79:89:20:0f:e2:6d:e9:bb:54:
5e:6f:d8:a1:c4:78:a4:06:6e:27:61:96:76:bf:0d:
20:8e:34:48:0a:0f:e8:6f:5d:1f:81:13:26:3f:0d:
b3:cf:4a:4e:8d:eb:29:9d:a9:e8:c4:eb:20:ac:92:
25:6b:13:fa:a8:da:28:54:8f:3f:2a:12:70:d8:8f:
5d:98:d4:a2:ee:40:df:a8:6e:39:df:15:94:e4:8a:
b1:7a:5b:1f:fc:bc:f9:d4:8f:16:9d:04:07:ad:34:
17:f7:1a:c8:b7:17:4f:8a:6e:92:c6:d0:63:01:ff:
7f:b2:67:17:1e:c2:7e:fb:f7:b9:ac:57:f4:19:0b:
a3:6a:13:02:31:ba:56:86:6d:24:e3:f2:66:7a:39:
41:ae:b0:d6:cc:eb:8b:a1:95:cc:2b:d4:d0:ac:f7:
16:57:0c:9b:e2:92:9e:90:bb:20:42:7c:3d:0f:5f:
46:03:ae:4a:04:82:ba:da:a6:62:cb:25:ec:25:14:
ed:f3:e6:06:11:7e:39:cb:dd:75:2b:a6:2a:4c:c4:
4d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:33:E1:FB:EB:2B:CF:63:37:F7:86:83:55:AA:18:D6:6D:BF:45:78
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F0FCF34CF2F11EFBA01F2A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.16.0/20
Signature Algorithm: sha256WithRSAEncryption
42:0b:4c:0c:61:85:6c:dd:ac:42:e6:d2:2d:7f:1e:84:95:73:
a1:77:0e:ec:58:23:9e:1c:bd:f6:57:2e:7b:40:0c:37:e6:57:
c0:fb:17:c6:f4:20:06:46:da:ef:15:98:6e:49:b5:5d:06:ee:
89:f6:c5:82:7c:4d:a9:f7:06:84:e0:93:7e:db:ff:f2:d0:a6:
1e:23:e4:00:f6:7d:8b:06:d2:6e:1d:78:78:19:c6:b4:af:21:
f7:74:77:55:92:be:0d:49:d3:f7:a9:78:f9:ac:5b:a1:c7:5b:
32:74:2f:da:2a:db:45:ba:6a:51:b4:3a:f8:d1:bd:d1:82:cd:
7a:f3:92:86:ca:cf:cc:2b:32:fd:17:f8:41:d5:50:3a:2f:98:
70:b4:98:f4:77:ec:1e:a6:28:d5:0b:f5:95:e5:68:e3:da:4c:
f6:eb:6c:1d:c6:a2:b7:3a:d3:e2:58:87:15:e4:d7:72:6b:40:
60:bd:80:f7:58:22:e8:c5:95:cb:5d:1e:59:a4:72:df:37:7d:
c2:7f:cf:fb:09:4d:85:fe:dd:03:ba:b7:80:90:19:7b:e1:31:
e9:88:d8:75:a5:09:11:9f:ef:e5:58:3f:21:c9:66:ee:d6:13:
d0:79:a5:65:95:f8:5e:93:07:47:79:48:05:0e:a3:d7:71:44:
9f:81:60:c0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQUnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDg0NDU5WhcNMjUwMzIyMDg0NDU5WjAYMRYw
FAYDVQQDEw02NzgwZGUwZi02MTA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApMoPtb9LR6coWgUd5m3KjnpLcY9p09q8C7Hc94e/1xjUBADffDOK7LzK
pAZAd4JC4OV5iSAP4m3pu1Reb9ihxHikBm4nYZZ2vw0gjjRICg/ob10fgRMmPw2z
z0pOjespnanoxOsgrJIlaxP6qNooVI8/KhJw2I9dmNSi7kDfqG453xWU5Iqxelsf
/Lz51I8WnQQHrTQX9xrItxdPim6SxtBjAf9/smcXHsJ++/e5rFf0GQujahMCMbpW
hm0k4/JmejlBrrDWzOuLoZXMK9TQrPcWVwyb4pKekLsgQnw9D19GA65KBIK62qZi
yyXsJRTt8+YGEX45y911K6YqTMRNcwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAoz
4fvrK89jN/eGg1WqGNZtv0V4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRjBGQ0YzNENGMkYxMUVGQkEwMUYyQTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPoQMA0GCSqGSIb3DQEBCwUA
A4IBAQBCC0wMYYVs3axC5tItfx6ElXOhdw7sWCOeHL32Vy57QAw35lfA+xfG9CAG
RtrvFZhuSbVdBu6J9sWCfE2p9waE4JN+2//y0KYeI+QA9n2LBtJuHXh4Gca0ryH3
dHdVkr4NSdP3qXj5rFuhx1sydC/aKttFumpRtDr40b3Rgs1685KGys/MKzL9F/hB
1VA6L5hwtJj0d+wepijVC/WV5Wjj2kz262wdxqK3OtPiWIcV5Ndya0BgvYD3WCLo
xZXLXR5ZpHLfN33Cf8/7CU2F/t0DureAkBl74THpiNh1pQkRn+/lWD8hyWbu1hPQ
eaVllfhekwdHeUgFDqPXcUSfgWDA
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:32 2025 by rpki-client