Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4F0607DCCCAE11EFA18999A5762E951A.roa
File: 4F0607DCCCAE11EFA18999A5762E951A.roa (raw, json)
Hash identifier: EEgdQRr98MFhT0yYXrxTpSrLWy4VUXs1pEL5BmFraug=
Subject key identifier: 6B:DA:9A:BE:55:F7:E1:E3:4C:8E:F1:CC:8B:82:0B:D2:FF:E2:D8:0F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9E2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4F0607DCCCAE11EFA18999A5762E951A.roa
Signing time: Tue 07 Jan 2025 04:17:29 +0000
ROA not before: Tue 07 Jan 2025 04:17:26 +0000
ROA not after: Mon 13 Dec 2027 04:17:26 +0000
asID: 17561
IP address blocks: 156.232.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63970 (0xf9e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 04:17:26 2025 GMT
Not After : Dec 13 04:17:26 2027 GMT
Subject: CN=677caad9-a6c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1b:a7:14:96:f0:90:e8:7e:6a:bf:42:c3:da:
52:34:10:f4:24:4f:0d:62:8b:cc:dd:25:c1:23:77:
3a:dd:b0:f3:f5:f3:f4:60:e0:ca:20:89:66:e6:55:
fa:07:ad:79:0f:19:3a:69:82:8f:c6:72:a5:68:a8:
47:9e:f0:89:71:be:74:94:8a:5d:75:fb:7f:54:7f:
c3:53:28:09:a1:93:9b:6d:8f:41:eb:d5:bc:e9:d4:
37:ba:f5:e6:2b:13:19:26:0c:64:3b:1b:62:c2:12:
84:21:61:6e:6d:2f:cd:b3:6e:96:90:83:97:d4:a4:
3f:57:0c:c4:5a:2f:23:16:f2:c2:3d:95:72:0b:95:
a6:41:d6:7f:96:6a:31:8d:40:6a:d6:9f:43:9f:4a:
b6:6e:c2:c4:81:9f:44:f8:ff:01:34:f0:6a:1b:ff:
a1:80:2f:0c:66:0c:cb:c4:65:b8:25:f0:b5:ee:2b:
6e:7c:8d:95:bf:3c:14:02:f1:1b:73:93:8d:64:23:
dc:3d:5b:b6:4a:2e:5a:0d:5f:a0:c1:57:e1:88:6a:
e0:2a:4e:eb:16:85:02:77:62:34:3d:55:23:02:e9:
89:11:df:1d:bc:eb:b7:d0:e0:3b:07:02:e0:b1:91:
58:3b:ea:dd:98:44:bf:8d:c8:e5:40:ae:5a:f5:45:
5d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:DA:9A:BE:55:F7:E1:E3:4C:8E:F1:CC:8B:82:0B:D2:FF:E2:D8:0F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4F0607DCCCAE11EFA18999A5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.65.0/24
Signature Algorithm: sha256WithRSAEncryption
38:13:37:06:f0:5b:05:86:25:7d:8b:77:9d:0f:a2:1f:0a:3f:
a7:1b:f2:bb:1d:2b:82:ed:9d:28:42:a6:1b:b6:1d:02:ec:9a:
6e:50:99:6b:a0:9b:0f:e8:f1:b7:ac:49:b4:99:3f:15:fe:50:
94:05:9f:61:b4:d6:1e:79:27:64:cd:dd:66:1f:91:c6:04:f7:
8b:10:82:30:60:f6:ff:d3:72:b4:c5:45:f7:73:eb:24:58:1b:
17:3a:77:ce:b3:a6:03:fd:84:83:ad:cd:fd:80:29:bd:38:4a:
56:cb:f9:2d:81:74:25:49:c1:f9:c1:2f:09:7a:d5:01:7c:62:
b2:a9:77:db:e7:a4:0b:b2:96:f5:97:d9:e6:7c:42:fb:98:64:
1b:8b:03:91:e3:8a:66:38:14:5e:91:de:27:f6:96:34:80:38:
b3:e0:89:e2:19:07:27:7b:a3:a9:fd:f2:f9:01:c6:fb:cc:e3:
33:b5:b7:4f:ca:8d:57:a0:38:72:da:04:10:48:ba:6b:5d:1a:
fe:d8:c8:48:18:64:28:58:e3:87:be:5a:0b:f9:f6:17:43:64:
9c:e1:ab:8c:07:f2:b5:f4:d9:2a:fd:e2:05:06:03:b7:36:a3:
68:0f:3d:5f:52:5c:cd:dc:76:46:82:a4:20:b5:bb:61:25:2a:
67:63:54:b8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPniMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDQxNzI2WhcNMjcxMjEzMDQxNzI2WjAYMRYw
FAYDVQQDEw02NzdjYWFkOS1hNmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApRunFJbwkOh+ar9Cw9pSNBD0JE8NYovM3SXBI3c63bDz9fP0YODKIIlm
5lX6B615Dxk6aYKPxnKlaKhHnvCJcb50lIpddft/VH/DUygJoZObbY9B69W86dQ3
uvXmKxMZJgxkOxtiwhKEIWFubS/Ns26WkIOX1KQ/VwzEWi8jFvLCPZVyC5WmQdZ/
lmoxjUBq1p9Dn0q2bsLEgZ9E+P8BNPBqG/+hgC8MZgzLxGW4JfC17itufI2VvzwU
AvEbc5ONZCPcPVu2Si5aDV+gwVfhiGrgKk7rFoUCd2I0PVUjAumJEd8dvOu30OA7
BwLgsZFYO+rdmES/jcjlQK5a9UVdTwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGva
mr5V9+HjTI7xzIuCC9L/4tgPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RjA2MDdEQ0NDQUUxMUVGQTE4OTk5QTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhBMA0GCSqGSIb3DQEBCwUA
A4IBAQA4EzcG8FsFhiV9i3edD6IfCj+nG/K7HSuC7Z0oQqYbth0C7JpuUJlroJsP
6PG3rEm0mT8V/lCUBZ9htNYeeSdkzd1mH5HGBPeLEIIwYPb/03K0xUX3c+skWBsX
OnfOs6YD/YSDrc39gCm9OEpWy/ktgXQlScH5wS8JetUBfGKyqXfb56QLspb1l9nm
fEL7mGQbiwOR44pmOBRekd4n9pY0gDiz4IniGQcne6Op/fL5Acb7zOMztbdPyo1X
oDhy2gQQSLprXRr+2MhIGGQoWOOHvloL+fYXQ2Sc4auMB/K19Nkq/eIFBgO3NqNo
Dz1fUlzN3HZGgqQgtbthJSpnY1S4
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:04 2025 by rpki-client