Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/535041F8CCE611EFB9E48E87762E951A.roa
File: 535041F8CCE611EFB9E48E87762E951A.roa (raw, json)
Hash identifier: iUYt/haB6BZ/5vi7/SJscW9VNVeIHwxHRZbmkurw3gk=
Subject key identifier: DC:C5:46:A8:E0:EF:8F:84:D9:B1:FD:83:6A:E0:58:F0:68:F6:B6:52
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBD1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/535041F8CCE611EFB9E48E87762E951A.roa
Signing time: Tue 07 Jan 2025 10:58:28 +0000
ROA not before: Tue 07 Jan 2025 10:58:25 +0000
ROA not after: Mon 13 Dec 2027 10:58:25 +0000
asID: 17561
IP address blocks: 156.233.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64465 (0xfbd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:58:25 2025 GMT
Not After : Dec 13 10:58:25 2027 GMT
Subject: CN=677d08d4-a8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:40:99:7d:54:26:4a:09:3c:e0:4c:ad:bc:13:
09:de:90:b3:c5:f4:5d:99:5e:ae:35:a3:5e:81:9b:
f5:f9:c6:3b:66:31:8e:b3:3f:c9:4a:d6:c6:0b:34:
0a:04:46:38:06:f5:18:27:80:2b:33:fd:0b:d0:58:
75:0b:ac:a6:b5:e0:14:a9:84:64:92:0d:9c:a5:d6:
0f:80:1a:e2:0e:84:4f:d9:12:c0:04:69:62:f8:58:
57:a3:67:b2:cd:30:7c:95:30:20:3d:3e:e5:36:8b:
d3:b5:43:fc:15:9b:65:83:9e:29:86:e2:41:a8:0e:
77:52:73:6c:69:68:7e:20:26:5a:fe:af:35:f8:8b:
11:09:4d:e6:15:2f:9b:f0:39:2d:99:e1:96:c2:c0:
3e:59:fa:4e:eb:57:c4:20:c6:af:44:99:b2:b6:9d:
7a:ba:2f:ef:a5:b9:2f:e3:9f:49:67:ff:4a:7d:71:
16:e2:2d:b1:00:7b:97:1e:b9:af:61:c7:23:f9:6d:
20:15:22:1f:52:3e:72:f2:31:d6:f1:f1:7e:18:ad:
a2:89:f6:4c:8a:7c:b2:ad:42:0d:cc:49:b6:0d:23:
d7:f0:01:7b:f7:85:57:43:1a:31:3a:80:c0:ce:c4:
b4:6c:df:4b:34:a1:fb:62:7f:d1:a5:02:f1:85:30:
6c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C5:46:A8:E0:EF:8F:84:D9:B1:FD:83:6A:E0:58:F0:68:F6:B6:52
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/535041F8CCE611EFB9E48E87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.255.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:39:31:62:04:8e:da:45:8e:6c:a9:66:76:82:cd:52:de:54:
d4:da:48:b8:ab:ac:6e:82:46:dc:ba:5b:fc:4b:24:ef:e1:03:
13:13:f9:d7:59:e4:66:e9:47:0a:9c:30:98:2a:8f:c0:36:a8:
f3:d7:e4:71:0a:b9:fe:44:2d:66:72:5d:9f:1d:66:10:e1:4e:
70:74:36:e2:d6:0a:5f:88:36:13:5a:03:49:a1:84:db:76:8c:
27:93:dc:be:51:ab:2d:f7:f1:05:8a:50:97:af:48:f4:8e:f0:
2f:ed:2e:d3:da:c5:b4:63:1d:00:61:dd:33:66:e1:a1:94:4c:
94:d0:39:39:45:e9:38:09:8c:d8:57:40:f2:95:6b:d1:7a:cc:
f5:44:eb:ba:16:17:36:29:ed:c1:18:04:7c:38:24:92:13:b0:
9f:93:73:a7:81:2c:b9:85:6a:c6:80:7c:38:74:4b:55:c5:c6:
55:11:0b:af:20:db:b8:f6:a9:46:1b:ac:f2:6f:4d:34:25:dc:
2d:36:62:18:0e:71:28:85:ac:ce:5d:0e:47:ad:86:a4:1f:42:
4e:08:84:43:e2:0f:cb:8b:14:a2:64:f5:35:8e:08:f8:2b:e5:
b7:6c:20:a9:0b:4a:f2:2f:8b:1c:29:cd:84:c7:4d:01:1b:f1:
37:1f:e9:02
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPvRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTA1ODI1WhcNMjcxMjEzMTA1ODI1WjAYMRYw
FAYDVQQDEw02NzdkMDhkNC1hOGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0ECZfVQmSgk84EytvBMJ3pCzxfRdmV6uNaNegZv1+cY7ZjGOsz/JStbG
CzQKBEY4BvUYJ4ArM/0L0Fh1C6ymteAUqYRkkg2cpdYPgBriDoRP2RLABGli+FhX
o2eyzTB8lTAgPT7lNovTtUP8FZtlg54phuJBqA53UnNsaWh+ICZa/q81+IsRCU3m
FS+b8DktmeGWwsA+WfpO61fEIMavRJmytp16ui/vpbkv459JZ/9KfXEW4i2xAHuX
HrmvYccj+W0gFSIfUj5y8jHW8fF+GK2iifZMinyyrUINzEm2DSPX8AF794VXQxox
OoDAzsS0bN9LNKH7Yn/RpQLxhTBsBQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNzF
Rqjg74+E2bH9g2rgWPBo9rZSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MzUwNDFGOENDRTYxMUVGQjlFNDhFODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOn/MA0GCSqGSIb3DQEBCwUA
A4IBAQAcOTFiBI7aRY5sqWZ2gs1S3lTU2ki4q6xugkbculv8SyTv4QMTE/nXWeRm
6UcKnDCYKo/ANqjz1+RxCrn+RC1mcl2fHWYQ4U5wdDbi1gpfiDYTWgNJoYTbdown
k9y+Uast9/EFilCXr0j0jvAv7S7T2sW0Yx0AYd0zZuGhlEyU0Dk5Rek4CYzYV0Dy
lWvResz1ROu6Fhc2Ke3BGAR8OCSSE7Cfk3OngSy5hWrGgHw4dEtVxcZVEQuvINu4
9qlGG6zyb000JdwtNmIYDnEohazOXQ5HrYakH0JOCIRD4g/LixSiZPU1jgj4K+W3
bCCpC0ryL4scKc2Ex00BG/E3H+kC
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:47 2025 by rpki-client