Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41AF2076CCE211EFA657CD6D762E951A.roa
File: 41AF2076CCE211EFA657CD6D762E951A.roa (raw, json)
Hash identifier: hEqkZuXVQQvn0354Ob7NPuFRBit3jEDOhmMJWnSqsQE=
Subject key identifier: 34:92:20:23:B8:5A:B0:BA:99:98:2D:A1:17:34:09:2B:18:72:63:B5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBAD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41AF2076CCE211EFA657CD6D762E951A.roa
Signing time: Tue 07 Jan 2025 10:29:21 +0000
ROA not before: Tue 07 Jan 2025 10:29:17 +0000
ROA not after: Mon 13 Dec 2027 10:29:17 +0000
asID: 17561
IP address blocks: 156.233.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64429 (0xfbad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:29:17 2025 GMT
Not After : Dec 13 10:29:17 2027 GMT
Subject: CN=677d0201-bfd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:40:79:39:2f:e0:4e:c7:9f:8d:6a:2e:9d:e0:
43:0c:4f:6c:d4:1a:c3:c2:62:81:61:1e:c7:4c:3c:
01:47:28:d1:85:2b:ba:96:3a:0e:f6:fa:da:03:2b:
d9:9b:86:3e:e9:2f:e7:5f:e0:8d:e9:9e:0c:3a:b5:
cf:79:0c:5c:05:da:cd:cf:76:e0:a1:ec:bb:90:d9:
41:91:9b:d6:97:7b:1e:ea:78:c1:37:76:27:47:eb:
94:53:4a:78:b9:ed:98:79:b3:7c:f9:8a:04:b7:83:
30:70:b5:9f:95:f2:a1:25:04:53:c4:5d:48:d4:4a:
5d:7a:74:91:4b:72:35:f3:17:58:76:ae:4f:09:4a:
12:2c:84:23:84:07:e6:14:79:34:aa:6b:b1:ba:be:
2c:e9:01:c1:88:14:0a:9a:4f:8e:1e:0d:33:db:79:
da:b4:6f:20:f1:08:3b:3b:b3:03:a7:26:d6:4f:13:
7e:2b:ce:8d:52:69:b6:a0:48:0b:d6:ab:4d:b9:22:
da:e1:84:bf:77:b5:7a:4e:23:34:a9:e5:e0:01:8e:
39:3d:b4:89:83:a2:ee:eb:c1:01:39:9f:53:fc:3f:
f5:3d:f0:88:ea:c2:75:93:0b:7b:ce:1f:a7:fc:15:
20:96:f7:f8:83:ca:c5:c4:68:de:ce:15:78:32:6c:
47:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:92:20:23:B8:5A:B0:BA:99:98:2D:A1:17:34:09:2B:18:72:63:B5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41AF2076CCE211EFA657CD6D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.235.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:29:5a:89:40:4b:60:a7:d0:c7:41:0f:79:ab:74:ee:1b:f7:
ad:3c:9b:51:ee:72:12:aa:e4:ca:ac:7d:5c:e1:f3:a4:88:13:
e9:fc:db:dc:88:98:24:89:3b:4d:81:c4:1f:cb:82:d8:63:22:
42:14:b4:c4:e1:6f:b4:e5:cb:31:70:28:2d:96:46:01:5d:c9:
a8:18:8d:3e:ea:ca:95:cb:55:17:1b:3c:04:cc:cb:ba:78:09:
8b:d1:79:71:72:dd:e5:fc:47:b3:59:c7:6b:7d:88:0e:cc:b0:
0d:bd:65:b3:d2:60:eb:a2:93:54:a8:44:be:74:8e:11:2c:4e:
2e:b9:e1:6f:06:64:23:8d:0e:13:39:81:f8:ba:1e:ea:bb:e4:
40:86:e6:5e:ed:10:26:49:c7:4d:3e:03:fd:5b:81:28:fe:8b:
41:ec:4e:b4:a6:1f:62:cf:24:28:11:df:fb:e8:ec:17:4c:d9:
f5:43:56:13:2e:d3:91:f9:60:a8:22:09:9b:3a:16:e8:cd:f0:
23:16:85:15:0d:b9:3d:e4:ae:0a:1b:30:e8:d1:2e:4d:c2:2e:
6c:c6:77:b4:0b:32:5b:52:88:57:4e:21:cd:94:e7:c2:37:9b:
72:a5:d9:92:f5:16:f5:45:f1:c5:33:e3:1d:1c:0c:06:ad:e7:
8e:29:e2:b6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPutMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTAyOTE3WhcNMjcxMjEzMTAyOTE3WjAYMRYw
FAYDVQQDEw02NzdkMDIwMS1iZmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsUB5OS/gTsefjWouneBDDE9s1BrDwmKBYR7HTDwBRyjRhSu6ljoO9vra
AyvZm4Y+6S/nX+CN6Z4MOrXPeQxcBdrNz3bgoey7kNlBkZvWl3se6njBN3YnR+uU
U0p4ue2YebN8+YoEt4MwcLWflfKhJQRTxF1I1EpdenSRS3I18xdYdq5PCUoSLIQj
hAfmFHk0qmuxur4s6QHBiBQKmk+OHg0z23natG8g8Qg7O7MDpybWTxN+K86NUmm2
oEgL1qtNuSLa4YS/d7V6TiM0qeXgAY45PbSJg6Lu68EBOZ9T/D/1PfCI6sJ1kwt7
zh+n/BUglvf4g8rFxGjezhV4MmxH2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDSS
ICO4WrC6mZgtoRc0CSsYcmO1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MUFGMjA3NkNDRTIxMUVGQTY1N0NENkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnrMA0GCSqGSIb3DQEBCwUA
A4IBAQBcKVqJQEtgp9DHQQ95q3TuG/etPJtR7nISquTKrH1c4fOkiBPp/NvciJgk
iTtNgcQfy4LYYyJCFLTE4W+05csxcCgtlkYBXcmoGI0+6sqVy1UXGzwEzMu6eAmL
0Xlxct3l/EezWcdrfYgOzLANvWWz0mDropNUqES+dI4RLE4uueFvBmQjjQ4TOYH4
uh7qu+RAhuZe7RAmScdNPgP9W4Eo/otB7E60ph9izyQoEd/76OwXTNn1Q1YTLtOR
+WCoIgmbOhbozfAjFoUVDbk95K4KGzDo0S5Nwi5sxne0CzJbUohXTiHNlOfCN5ty
pdmS9Rb1RfHFM+MdHAwGreeOKeK2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:30 2025 by rpki-client