Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/31CF27F8C35C11EFAEAB8F66762E951A.roa
File: 31CF27F8C35C11EFAEAB8F66762E951A.roa (raw, json)
Hash identifier: 8e8XXj1uLlZUoPPG473u2nNePmme0lZb51Jxv1KKGxw=
Subject key identifier: E1:BC:2B:63:D9:4B:C2:F8:C2:1E:8F:84:1B:84:B1:20:9E:21:F6:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC6D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/31CF27F8C35C11EFAEAB8F66762E951A.roa
Signing time: Thu 26 Dec 2024 07:37:01 +0000
ROA not before: Thu 26 Dec 2024 07:36:57 +0000
ROA not after: Sun 23 Feb 2025 07:36:57 +0000
asID: 63139
IP address blocks: 156.227.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60525 (0xec6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 07:36:57 2024 GMT
Not After : Feb 23 07:36:57 2025 GMT
Subject: CN=676d079d-3c8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d6:78:a5:2d:a4:ee:6c:c4:89:33:96:9e:28:
07:4e:65:73:b7:8f:b3:58:3f:3f:6f:79:2f:c6:92:
58:56:21:ef:b9:67:4b:62:4a:f2:43:5d:f6:93:53:
48:f2:27:50:b9:68:c8:29:e3:76:8d:48:29:23:ce:
87:86:3b:18:fe:0d:50:9a:39:0c:67:cd:68:0b:d6:
4e:cf:5d:f9:7e:42:73:43:03:e8:64:63:6f:9b:da:
72:96:66:7a:82:86:ce:f4:e8:af:1b:c0:15:6c:42:
88:7e:e8:37:76:a6:a5:a4:df:8c:43:1a:95:a7:61:
3e:b7:62:1c:94:40:96:b2:98:58:8f:bf:e0:ec:58:
94:11:0d:8d:9f:73:32:14:8d:91:a5:01:f7:66:a9:
aa:42:67:19:d7:1f:f4:8d:f8:07:54:59:11:ed:99:
73:a7:01:37:8a:7f:2c:a6:6c:97:74:b6:83:3a:d4:
97:34:ed:af:dd:ba:24:e9:39:0c:73:d0:ff:b0:a5:
4b:95:8f:28:45:ac:7b:62:32:a6:32:7c:a6:49:72:
d2:8e:2d:86:da:10:7d:28:62:3c:c8:3f:7d:5e:b6:
c5:db:67:cc:e7:2f:48:58:e1:25:cf:27:42:19:d3:
f8:ba:bd:f4:f3:f6:20:c3:09:e7:46:a4:bf:28:db:
77:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:BC:2B:63:D9:4B:C2:F8:C2:1E:8F:84:1B:84:B1:20:9E:21:F6:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/31CF27F8C35C11EFAEAB8F66762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.220.0/22
Signature Algorithm: sha256WithRSAEncryption
92:49:80:d8:35:59:cc:3e:09:96:c0:0d:d1:87:e7:db:31:22:
77:d2:38:af:c6:ab:10:3e:e3:ae:32:77:87:c6:31:f8:b9:48:
40:a5:3f:e6:be:2a:d9:dc:61:30:a0:31:d1:65:8e:b2:51:f9:
ac:be:d6:fb:98:ef:1a:77:c4:d2:24:22:dc:d6:2e:65:c2:b2:
e1:1f:45:87:1b:16:5f:68:b5:1c:7c:09:49:9a:58:fd:dc:06:
55:4a:fd:2e:70:06:c9:ff:d0:9b:be:d4:17:b7:1d:75:5d:c6:
54:b8:a4:dd:03:2a:36:7f:31:3b:ed:3f:c6:99:11:df:f1:8a:
b9:82:98:a2:7f:0f:b8:61:a1:62:36:06:87:da:88:56:e0:33:
0f:4e:29:fb:44:70:b7:95:e1:72:3a:1a:8b:5b:8b:3c:f3:b2:
6d:21:58:b8:1a:ab:60:40:37:ce:ea:f7:85:5e:9f:a9:cd:5a:
c0:79:78:43:68:d9:ac:72:6a:d8:59:72:a1:89:c8:0f:46:65:
fc:18:ef:4f:f0:e4:90:f7:8a:e0:39:da:24:0f:8f:a9:0f:25:
76:0e:61:4f:70:a8:b3:6e:3c:76:a3:7b:b8:b4:e4:5c:c4:de:
89:d7:a6:6e:24:1d:ec:4d:b5:d5:a9:aa:fd:5d:20:c9:2b:f8:
e9:95:9d:32
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOxtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDczNjU3WhcNMjUwMjIzMDczNjU3WjAYMRYw
FAYDVQQDEw02NzZkMDc5ZC0zYzhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwdZ4pS2k7mzEiTOWnigHTmVzt4+zWD8/b3kvxpJYViHvuWdLYkryQ132
k1NI8idQuWjIKeN2jUgpI86HhjsY/g1QmjkMZ81oC9ZOz135fkJzQwPoZGNvm9py
lmZ6gobO9OivG8AVbEKIfug3dqalpN+MQxqVp2E+t2IclECWsphYj7/g7FiUEQ2N
n3MyFI2RpQH3ZqmqQmcZ1x/0jfgHVFkR7ZlzpwE3in8spmyXdLaDOtSXNO2v3bok
6TkMc9D/sKVLlY8oRax7YjKmMnymSXLSji2G2hB9KGI8yD99XrbF22fM5y9IWOEl
zydCGdP4ur308/YgwwnnRqS/KNt3IQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOG8
K2PZS8L4wh6PhBuEsSCeIfa8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMUNGMjdGOEMzNUMxMUVGQUVBQjhGNjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOPcMA0GCSqGSIb3DQEBCwUA
A4IBAQCSSYDYNVnMPgmWwA3Rh+fbMSJ30jivxqsQPuOuMneHxjH4uUhApT/mvirZ
3GEwoDHRZY6yUfmsvtb7mO8ad8TSJCLc1i5lwrLhH0WHGxZfaLUcfAlJmlj93AZV
Sv0ucAbJ/9CbvtQXtx11XcZUuKTdAyo2fzE77T/GmRHf8Yq5gpiifw+4YaFiNgaH
2ohW4DMPTin7RHC3leFyOhqLW4s887JtIVi4GqtgQDfO6veFXp+pzVrAeXhDaNms
cmrYWXKhicgPRmX8GO9P8OSQ94rgOdokD4+pDyV2DmFPcKizbjx2o3u4tORcxN6J
16ZuJB3sTbXVqar9XSDJK/jplZ0y
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:43 2025 by rpki-client