Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FF7C5A6C98E11EF96D3A555762E951A.roa
File: 2FF7C5A6C98E11EF96D3A555762E951A.roa (raw, json)
Hash identifier: 2m+Y5ok0FO2I1NwHO5rXPZY31GSYs5Yhl9oHwgg8xj4=
Subject key identifier: 58:DB:5D:1A:BF:DA:38:47:71:5D:D3:FB:3C:DB:CD:62:86:6D:34:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F5C9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FF7C5A6C98E11EF96D3A555762E951A.roa
Signing time: Fri 03 Jan 2025 04:50:00 +0000
ROA not before: Fri 03 Jan 2025 04:49:56 +0000
ROA not after: Mon 13 Dec 2027 04:49:56 +0000
asID: 17561
IP address blocks: 156.233.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62921 (0xf5c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 04:49:56 2025 GMT
Not After : Dec 13 04:49:56 2027 GMT
Subject: CN=67776c78-96bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ee:35:49:b0:57:9b:53:ab:54:30:08:55:22:
ac:76:d2:27:88:a2:33:33:7a:8b:c7:af:f4:d3:b7:
63:39:df:0c:6d:64:e8:4b:60:8b:6a:a8:04:c5:e0:
47:d9:42:33:3a:4e:90:92:62:c8:bb:6d:85:d2:80:
f3:ca:94:3b:2c:69:fd:53:f0:8e:36:9d:18:84:d5:
a0:27:9d:8c:f3:6b:78:29:6c:ff:48:99:c7:c2:34:
d6:b2:3b:d2:bd:22:de:04:bc:06:c0:33:1f:57:55:
d3:53:d3:9c:fe:21:e9:4d:0f:a9:bd:ca:0d:a3:da:
b1:4a:5b:f9:65:4b:82:a3:1b:e4:87:8f:6b:7b:57:
35:10:58:b2:f9:86:3e:c5:74:e1:fd:5b:05:39:5e:
c9:0d:53:c8:4b:05:e3:47:e6:1b:7b:75:ce:7f:b0:
33:41:45:3e:31:19:61:24:bc:8e:00:5f:46:69:85:
46:ba:36:7d:20:c1:da:93:1a:be:55:ec:7c:7f:c2:
25:85:6f:70:bd:58:da:34:2a:98:c5:6b:4e:85:9f:
74:3a:b4:ea:f4:db:a2:d6:24:91:a1:b3:04:a4:80:
c0:05:d2:1f:ce:e6:98:c2:c5:1d:77:0b:ed:9b:88:
31:29:ea:95:21:62:1e:be:38:84:dd:67:95:7e:b2:
d8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:DB:5D:1A:BF:DA:38:47:71:5D:D3:FB:3C:DB:CD:62:86:6D:34:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FF7C5A6C98E11EF96D3A555762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.57.0/24
Signature Algorithm: sha256WithRSAEncryption
90:50:c8:eb:f8:5e:80:70:6a:af:74:4c:57:01:e8:44:02:a1:
9f:a2:f9:d1:11:c2:76:a9:32:45:63:08:bd:2e:34:0b:ce:60:
a0:a6:69:d9:40:e9:5b:68:06:37:58:cb:f2:dd:c9:57:46:27:
20:fa:df:4a:a5:4d:ae:08:35:82:b5:43:cf:70:d9:ae:04:c8:
c5:6b:84:20:68:5f:e9:84:95:61:0d:8d:13:b4:ef:47:8f:e7:
ea:f5:d3:00:cd:66:68:81:14:4b:32:bc:1c:93:75:18:90:fa:
15:f7:b3:e6:b6:3a:06:5a:9a:2a:55:68:a4:7f:8f:35:bc:29:
1c:46:4e:42:c5:5f:f4:e2:30:9e:98:86:14:8f:8e:5e:c7:a9:
57:b2:f7:4f:ea:28:84:1f:69:81:5a:48:ad:e2:db:c1:b9:e6:
ce:45:2f:8c:f3:2a:0f:8a:97:ec:78:98:20:47:fe:a3:8e:3d:
20:83:36:03:9b:de:fb:04:f3:40:55:57:63:41:70:32:0f:d1:
11:81:7f:f2:d3:17:c9:70:cd:b1:f7:c6:72:73:6f:9a:ed:01:
da:3f:c9:0e:46:20:9b:3d:77:bb:ba:3d:3b:bf:0b:20:f9:f4:
ad:e4:3f:25:fa:08:8f:e0:0e:f1:6a:b4:0d:18:bc:ef:e4:7d:
79:fa:7d:0e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPXJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDQ0OTU2WhcNMjcxMjEzMDQ0OTU2WjAYMRYw
FAYDVQQDEw02Nzc3NmM3OC05NmJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0O41SbBXm1OrVDAIVSKsdtIniKIzM3qLx6/007djOd8MbWToS2CLaqgE
xeBH2UIzOk6QkmLIu22F0oDzypQ7LGn9U/CONp0YhNWgJ52M82t4KWz/SJnHwjTW
sjvSvSLeBLwGwDMfV1XTU9Oc/iHpTQ+pvcoNo9qxSlv5ZUuCoxvkh49re1c1EFiy
+YY+xXTh/VsFOV7JDVPISwXjR+Ybe3XOf7AzQUU+MRlhJLyOAF9GaYVGujZ9IMHa
kxq+Vex8f8IlhW9wvVjaNCqYxWtOhZ90OrTq9Nui1iSRobMEpIDABdIfzuaYwsUd
dwvtm4gxKeqVIWIevjiE3WeVfrLYEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFjb
XRq/2jhHcV3T+zzbzWKGbTQiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRkY3QzVBNkM5OEUxMUVGOTZEM0E1NTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOk5MA0GCSqGSIb3DQEBCwUA
A4IBAQCQUMjr+F6AcGqvdExXAehEAqGfovnREcJ2qTJFYwi9LjQLzmCgpmnZQOlb
aAY3WMvy3clXRicg+t9KpU2uCDWCtUPPcNmuBMjFa4QgaF/phJVhDY0TtO9Hj+fq
9dMAzWZogRRLMrwck3UYkPoV97PmtjoGWpoqVWikf481vCkcRk5CxV/04jCemIYU
j45ex6lXsvdP6iiEH2mBWkit4tvBuebORS+M8yoPipfseJggR/6jjj0ggzYDm977
BPNAVVdjQXAyD9ERgX/y0xfJcM2x98Zyc2+a7QHaP8kORiCbPXe7uj07vwsg+fSt
5D8l+giP4A7xarQNGLzv5H15+n0O
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:41 2025 by rpki-client