Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33EF594ED2DF11EFB853DD67762E951A.roa
File: 33EF594ED2DF11EFB853DD67762E951A.roa (raw, json)
Hash identifier: hDMBEplka2ZQVrdK6UQz/We3gZvUzpPrqKmzgT1MZCU=
Subject key identifier: A8:5F:EE:66:16:EA:12:0E:8E:23:6B:14:26:35:71:E7:7D:AB:28:CB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010729
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33EF594ED2DF11EFB853DD67762E951A.roa
Signing time: Wed 15 Jan 2025 01:22:36 +0000
ROA not before: Wed 15 Jan 2025 01:22:32 +0000
ROA not after: Mon 13 Dec 2027 01:22:32 +0000
asID: 17561
IP address blocks: 156.247.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67369 (0x10729)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 01:22:32 2025 GMT
Not After : Dec 13 01:22:32 2027 GMT
Subject: CN=67870ddc-2605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:44:81:90:0f:14:a7:54:24:ea:fb:a1:46:c1:
ba:fb:13:05:97:02:d0:65:34:62:23:b4:56:b2:f3:
84:15:74:b2:b0:54:74:6e:57:76:98:96:01:9a:dc:
1c:b0:ea:c1:b8:a5:01:98:4c:b5:fe:d7:c4:54:1f:
62:41:63:06:d7:d0:27:24:93:f9:d3:b5:87:2b:38:
04:8a:61:99:9f:cd:3b:07:63:2a:a7:cd:5f:ed:b4:
d1:ac:0f:87:d4:19:71:02:2d:c2:6c:07:77:02:57:
7e:c9:d6:40:54:97:b1:b3:7d:4c:f7:cb:2a:96:48:
3e:cf:94:b4:68:14:ed:14:a3:0e:8c:03:d0:e1:39:
42:75:6b:30:f9:56:08:83:2f:a6:6d:cc:49:b1:f6:
17:f6:ab:70:44:d6:16:54:c9:eb:68:03:f7:35:d8:
ad:c0:2b:1e:fb:ce:2a:27:92:07:31:7f:e9:c4:81:
9d:3c:2d:43:04:9b:b9:9f:c6:e4:98:52:be:69:fb:
6e:ac:ef:e8:ff:b2:ff:18:18:61:a6:6c:51:3a:f1:
1f:09:fa:d2:d5:14:36:bd:c3:eb:f0:d5:b0:5b:7c:
5f:e1:29:c8:e9:e6:63:98:3c:4d:57:9d:6a:91:a2:
d8:84:43:0f:52:b2:96:7f:a1:74:45:2f:69:fe:c3:
11:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:5F:EE:66:16:EA:12:0E:8E:23:6B:14:26:35:71:E7:7D:AB:28:CB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33EF594ED2DF11EFB853DD67762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.25.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:0e:f7:79:74:8a:44:09:49:41:95:4b:95:70:86:9e:6b:1c:
5f:7b:3c:0d:75:2f:30:b5:b4:92:07:84:d8:41:ad:c3:a1:dc:
68:c5:06:71:f5:e7:3f:d8:aa:97:8a:ca:7b:46:bd:e1:24:6c:
db:1b:2f:7d:58:53:5d:a9:1e:fb:54:09:34:b5:68:60:af:a5:
12:3a:d2:24:96:2c:f6:ef:70:27:dd:c0:32:db:0c:2b:50:13:
05:1f:03:24:ae:ca:7e:cd:55:e8:6e:5c:fd:f8:02:9e:21:84:
b9:c9:70:7a:c8:a4:f7:bc:c1:e4:2a:c0:7c:d5:c0:de:3f:54:
c2:3f:05:4e:af:70:d5:d7:19:aa:0a:5f:ec:95:ed:a1:29:83:
0b:e6:a5:1a:c9:3a:c9:43:2e:02:b0:08:61:ac:c6:da:f1:e8:
d3:6d:7b:dd:3d:fd:f2:07:d4:11:6e:3d:35:0f:60:70:cb:6c:
d3:ec:8a:48:b2:92:d2:ed:ae:b9:83:af:e9:f6:51:36:67:5f:
66:94:f0:58:88:45:dc:dd:42:e7:ba:04:17:df:12:42:b2:aa:
18:de:6a:9d:bd:1c:88:8d:6a:9c:59:80:fc:21:cc:09:0a:63:
d5:52:60:dc:f1:4a:ba:94:c1:ea:3d:db:56:92:fa:42:eb:c7:
b5:57:d8:16
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQcpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDEyMjMyWhcNMjcxMjEzMDEyMjMyWjAYMRYw
FAYDVQQDEw02Nzg3MGRkYy0yNjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3ESBkA8Up1Qk6vuhRsG6+xMFlwLQZTRiI7RWsvOEFXSysFR0bld2mJYB
mtwcsOrBuKUBmEy1/tfEVB9iQWMG19AnJJP507WHKzgEimGZn807B2Mqp81f7bTR
rA+H1BlxAi3CbAd3Ald+ydZAVJexs31M98sqlkg+z5S0aBTtFKMOjAPQ4TlCdWsw
+VYIgy+mbcxJsfYX9qtwRNYWVMnraAP3NditwCse+84qJ5IHMX/pxIGdPC1DBJu5
n8bkmFK+afturO/o/7L/GBhhpmxROvEfCfrS1RQ2vcPr8NWwW3xf4SnI6eZjmDxN
V51qkaLYhEMPUrKWf6F0RS9p/sMR3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKhf
7mYW6hIOjiNrFCY1ced9qyjLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zM0VGNTk0RUQyREYxMUVGQjg1M0RENjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPcZMA0GCSqGSIb3DQEBCwUA
A4IBAQAvDvd5dIpECUlBlUuVcIaeaxxfezwNdS8wtbSSB4TYQa3DodxoxQZx9ec/
2KqXisp7Rr3hJGzbGy99WFNdqR77VAk0tWhgr6USOtIkliz273An3cAy2wwrUBMF
HwMkrsp+zVXoblz9+AKeIYS5yXB6yKT3vMHkKsB81cDeP1TCPwVOr3DV1xmqCl/s
le2hKYML5qUayTrJQy4CsAhhrMba8ejTbXvdPf3yB9QRbj01D2Bwy2zT7IpIspLS
7a65g6/p9lE2Z19mlPBYiEXc3ULnugQX3xJCsqoY3mqdvRyIjWqcWYD8IcwJCmPV
UmDc8Uq6lMHqPdtWkvpC68e1V9gW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:01 2025 by rpki-client