Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/56F4CA00CCDB11EFBD133944762E951A.roa
File: 56F4CA00CCDB11EFBD133944762E951A.roa (raw, json)
Hash identifier: 0pgTjyQUE4l6phkn+bCEiOyouY3nfybmce2nqmf3950=
Subject key identifier: CC:DE:3C:8F:D4:A7:45:35:EF:02:2D:F0:AF:5E:67:ED:D6:E9:06:5E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB5D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/56F4CA00CCDB11EFBD133944762E951A.roa
Signing time: Tue 07 Jan 2025 09:39:50 +0000
ROA not before: Tue 07 Jan 2025 09:39:46 +0000
ROA not after: Mon 13 Dec 2027 09:39:46 +0000
asID: 17561
IP address blocks: 156.233.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64349 (0xfb5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:39:46 2025 GMT
Not After : Dec 13 09:39:46 2027 GMT
Subject: CN=677cf666-a60a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7f:1e:87:ea:6b:6d:c5:70:57:74:7a:0d:25:
c7:88:61:c0:d8:5a:c1:0b:d4:5f:d2:d4:02:54:e6:
c1:d5:07:f1:10:c8:6f:ae:44:f3:83:04:b5:83:20:
7e:41:6c:d3:1b:6d:23:77:5a:b3:14:24:27:5e:a0:
8e:74:7b:ed:56:6e:70:48:ed:57:73:47:29:e2:77:
66:fc:b6:9c:29:ef:f3:11:f9:c7:25:b4:f0:2d:3a:
ac:49:dd:39:b4:ec:94:62:45:75:59:89:d4:50:aa:
7d:95:40:a6:62:1f:72:fb:ca:57:17:78:fa:36:48:
f0:fa:95:79:79:cc:2e:1e:a6:14:34:c5:c9:29:8f:
eb:9a:a1:f0:b4:09:0e:14:63:56:00:dc:0e:05:17:
30:d0:5c:20:a6:64:a8:e9:de:d5:1d:58:54:27:be:
9f:e4:8d:d5:e9:f0:5c:f4:16:07:b6:d6:9a:46:e1:
70:4b:c5:07:2f:aa:97:83:70:cf:fb:95:83:a1:b4:
83:86:e5:32:53:16:28:be:44:d1:45:8c:d6:bf:a6:
a2:2b:18:89:5d:5a:0b:be:3b:ff:a2:25:f9:c4:55:
e7:23:16:ae:23:d2:b7:ef:0d:7e:d7:a0:c0:93:25:
f3:15:2c:7a:fe:7b:3e:d8:81:75:06:b9:56:bf:7b:
03:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:DE:3C:8F:D4:A7:45:35:EF:02:2D:F0:AF:5E:67:ED:D6:E9:06:5E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/56F4CA00CCDB11EFBD133944762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.201.0/24
Signature Algorithm: sha256WithRSAEncryption
17:62:e9:a0:d1:f7:52:f4:63:1a:aa:c5:b3:52:52:06:ec:7b:
c5:e4:59:49:11:9b:9c:3a:f9:4b:75:81:8c:a0:53:fd:27:79:
71:a5:d3:c9:d0:11:12:a0:89:c6:d6:18:bf:08:97:d9:d3:ef:
38:37:e9:f1:aa:6e:5a:66:d7:8e:57:41:44:35:3c:b2:eb:a4:
4f:c5:93:ad:57:95:e6:05:b6:1d:62:6f:13:66:13:33:79:34:
a6:e5:34:e1:d9:14:01:fc:e0:d3:44:bb:cd:12:47:01:9f:4c:
3a:b0:ae:1e:b8:3d:e5:ff:01:38:b6:61:5d:4e:e8:79:d0:3e:
26:ec:f8:d2:45:d6:80:46:a6:51:07:fe:8d:38:63:60:68:57:
b7:e5:30:50:b7:29:29:84:d8:06:b2:e5:2f:bd:37:c8:3d:cc:
95:0e:d4:e0:8c:f0:bf:0e:e8:51:cb:b3:c2:91:93:b6:47:36:
0c:09:aa:bb:05:c8:53:20:da:8a:56:36:eb:8b:b6:f4:33:1a:
5d:59:2f:a3:ac:17:03:c3:1f:92:f3:5d:1c:ed:53:25:eb:5f:
a0:7a:7b:2b:8d:74:10:0a:d5:d1:cf:54:45:eb:b4:c1:b4:2c:
bf:77:12:cd:b9:c7:54:5e:1a:5a:b5:1e:d3:d9:f5:9b:3e:97:
41:78:aa:20
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPtdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDkzOTQ2WhcNMjcxMjEzMDkzOTQ2WjAYMRYw
FAYDVQQDEw02NzdjZjY2Ni1hNjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq38eh+prbcVwV3R6DSXHiGHA2FrBC9Rf0tQCVObB1QfxEMhvrkTzgwS1
gyB+QWzTG20jd1qzFCQnXqCOdHvtVm5wSO1Xc0cp4ndm/LacKe/zEfnHJbTwLTqs
Sd05tOyUYkV1WYnUUKp9lUCmYh9y+8pXF3j6Nkjw+pV5ecwuHqYUNMXJKY/rmqHw
tAkOFGNWANwOBRcw0FwgpmSo6d7VHVhUJ76f5I3V6fBc9BYHttaaRuFwS8UHL6qX
g3DP+5WDobSDhuUyUxYovkTRRYzWv6aiKxiJXVoLvjv/oiX5xFXnIxauI9K37w1+
16DAkyXzFSx6/ns+2IF1BrlWv3sDFwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMze
PI/Up0U17wIt8K9eZ+3W6QZeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NkY0Q0EwMENDREIxMUVGQkQxMzM5NDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnJMA0GCSqGSIb3DQEBCwUA
A4IBAQAXYumg0fdS9GMaqsWzUlIG7HvF5FlJEZucOvlLdYGMoFP9J3lxpdPJ0BES
oInG1hi/CJfZ0+84N+nxqm5aZteOV0FENTyy66RPxZOtV5XmBbYdYm8TZhMzeTSm
5TTh2RQB/ODTRLvNEkcBn0w6sK4euD3l/wE4tmFdTuh50D4m7PjSRdaARqZRB/6N
OGNgaFe35TBQtykphNgGsuUvvTfIPcyVDtTgjPC/DuhRy7PCkZO2RzYMCaq7BchT
INqKVjbri7b0MxpdWS+jrBcDwx+S810c7VMl61+gensrjXQQCtXRz1RF67TBtCy/
dxLNucdUXhpatR7T2fWbPpdBeKog
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:41 2025 by rpki-client