Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/475C5BC8CD1A11EF806BC34F762E951A.roa
File: 475C5BC8CD1A11EF806BC34F762E951A.roa (raw, json)
Hash identifier: 2FLXvKrQeeAsGTEekXgPPfVtQchAsj7JvCzx5wxFJcQ=
Subject key identifier: 72:F0:AE:0B:3D:1B:6E:7F:6E:63:FE:C5:B7:48:E9:AB:90:88:2E:79
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD3D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/475C5BC8CD1A11EF806BC34F762E951A.roa
Signing time: Tue 07 Jan 2025 17:10:22 +0000
ROA not before: Tue 07 Jan 2025 17:10:19 +0000
ROA not after: Mon 13 Dec 2027 17:10:19 +0000
asID: 17561
IP address blocks: 156.241.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64829 (0xfd3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 17:10:19 2025 GMT
Not After : Dec 13 17:10:19 2027 GMT
Subject: CN=677d5ffe-f2e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:50:54:c0:38:92:18:80:b8:25:26:54:ba:cb:
65:c8:e7:dc:95:90:6d:a5:b5:e7:23:1d:c6:c9:05:
ba:2a:b6:89:5f:5f:23:a4:95:1c:a0:c6:40:ff:66:
90:3f:eb:80:e6:60:71:d2:78:2b:c3:70:62:fe:9e:
01:3b:27:7f:a5:6d:99:3b:36:46:a0:c3:44:a7:0d:
cc:7d:d9:67:2e:36:f5:3b:3d:e2:8b:73:e4:af:de:
28:fd:a1:de:e4:24:27:82:67:9e:f2:5b:c5:ea:9d:
3f:bf:de:ad:77:78:72:ea:8a:89:bd:e3:d3:76:fb:
ba:0c:ab:17:9c:90:91:54:76:ee:71:cb:08:c8:94:
9c:2f:8c:04:61:df:43:9d:46:2e:95:df:e0:90:a0:
c6:ab:5e:32:69:45:2f:64:35:bb:fa:e5:4e:db:be:
76:51:58:24:d5:58:c9:92:63:be:6f:40:08:ec:5e:
93:08:9e:c6:1a:dd:4d:87:ae:1e:8f:36:62:16:d1:
96:6f:23:68:a2:bc:f7:7d:cc:4b:a0:96:fa:bb:b6:
bc:0e:c4:46:54:55:7a:88:0a:6a:31:bc:81:a8:34:
79:f3:71:b6:6d:59:cc:bb:ae:d7:44:8a:43:f4:0a:
ff:57:db:50:7a:b3:c1:06:70:df:13:e1:91:7c:39:
24:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F0:AE:0B:3D:1B:6E:7F:6E:63:FE:C5:B7:48:E9:AB:90:88:2E:79
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/475C5BC8CD1A11EF806BC34F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.35.0/24
Signature Algorithm: sha256WithRSAEncryption
49:89:16:ad:92:b2:ab:17:38:ab:87:bc:ba:8f:8a:a8:93:51:
16:bd:82:e4:8d:94:55:d9:3e:9c:cb:cc:32:8d:65:34:bc:46:
03:0e:16:9d:f3:64:77:bb:2f:fa:aa:5f:e2:bd:98:69:51:12:
32:2c:ab:2c:a0:35:38:23:e9:6c:6e:28:ae:53:5a:bc:68:1e:
c9:6e:9d:22:0a:06:7a:1a:e6:dd:b8:7b:0f:af:a6:d7:6e:0d:
ec:33:f9:74:35:39:bc:91:c8:47:72:95:08:52:8e:1c:29:e5:
9c:c4:f2:4c:ad:83:ac:92:af:e8:84:54:b4:4d:6f:43:ca:94:
84:4b:fd:ae:3e:1c:ce:31:a0:e5:36:5e:2a:ec:fc:5b:60:4a:
0a:b5:de:d1:d3:f4:7c:b6:ee:c5:e0:fc:0c:59:e6:91:d3:ab:
e7:3b:31:4b:8c:19:08:b7:c7:ac:bf:07:b3:fb:34:10:34:43:
a5:59:d6:fc:e4:9c:eb:df:05:cc:6c:14:ac:eb:05:2c:e1:7d:
47:9e:60:ff:97:8c:d7:5b:68:18:db:9d:13:9f:28:38:1b:42:
b5:f3:6d:a5:4d:f2:51:81:3b:93:28:f5:48:99:e8:a1:3f:f4:
ce:2e:01:fe:17:c3:30:c7:35:d3:41:36:79:06:98:38:6f:e8:
65:f2:e7:5d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP09MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTcxMDE5WhcNMjcxMjEzMTcxMDE5WjAYMRYw
FAYDVQQDEw02NzdkNWZmZS1mMmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn1BUwDiSGIC4JSZUustlyOfclZBtpbXnIx3GyQW6KraJX18jpJUcoMZA
/2aQP+uA5mBx0ngrw3Bi/p4BOyd/pW2ZOzZGoMNEpw3MfdlnLjb1Oz3ii3Pkr94o
/aHe5CQngmee8lvF6p0/v96td3hy6oqJvePTdvu6DKsXnJCRVHbuccsIyJScL4wE
Yd9DnUYuld/gkKDGq14yaUUvZDW7+uVO2752UVgk1VjJkmO+b0AI7F6TCJ7GGt1N
h64ejzZiFtGWbyNoorz3fcxLoJb6u7a8DsRGVFV6iApqMbyBqDR583G2bVnMu67X
RIpD9Ar/V9tQerPBBnDfE+GRfDkkGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHLw
rgs9G25/bmP+xbdI6auQiC55MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NzVDNUJDOENEMUExMUVGODA2QkMzNEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEjMA0GCSqGSIb3DQEBCwUA
A4IBAQBJiRatkrKrFzirh7y6j4qok1EWvYLkjZRV2T6cy8wyjWU0vEYDDhad82R3
uy/6ql/ivZhpURIyLKssoDU4I+lsbiiuU1q8aB7Jbp0iCgZ6GubduHsPr6bXbg3s
M/l0NTm8kchHcpUIUo4cKeWcxPJMrYOskq/ohFS0TW9DypSES/2uPhzOMaDlNl4q
7PxbYEoKtd7R0/R8tu7F4PwMWeaR06vnOzFLjBkIt8esvwez+zQQNEOlWdb85Jzr
3wXMbBSs6wUs4X1HnmD/l4zXW2gY250Tnyg4G0K1822lTfJRgTuTKPVImeihP/TO
LgH+F8MwxzXTQTZ5Bpg4b+hl8udd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:31 2025 by rpki-client