Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7C1B9A00CCE211EF870BEC6F762E951A.roa
File: 7C1B9A00CCE211EF870BEC6F762E951A.roa (raw, json)
Hash identifier: Jv8VgceRHgSuaKWk7taYuPYSSAcaWrs95XOHvodJ5Xg=
Subject key identifier: 9F:19:A4:9D:96:63:8B:C0:5D:86:D3:23:C6:63:83:92:39:08:34:4A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBAF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7C1B9A00CCE211EF870BEC6F762E951A.roa
Signing time: Tue 07 Jan 2025 10:30:59 +0000
ROA not before: Tue 07 Jan 2025 10:30:55 +0000
ROA not after: Sat 13 Dec 2025 10:30:55 +0000
asID: 984
IP address blocks: 156.233.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64431 (0xfbaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:30:55 2025 GMT
Not After : Dec 13 10:30:55 2025 GMT
Subject: CN=677d0263-3ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0b:58:52:71:43:70:ff:64:f4:5d:7a:9a:0d:
a5:71:e8:7b:c3:f7:6a:ff:44:86:eb:1c:29:3f:62:
93:d6:2b:57:80:2d:cf:61:1d:f7:76:21:24:42:4a:
45:1a:06:da:65:67:85:1b:30:df:ab:24:bf:0b:03:
a3:c3:3e:f5:06:63:ce:d0:9d:77:e5:7f:dc:0a:ee:
96:1c:76:b1:36:17:37:c7:61:07:35:84:dd:b6:64:
9a:f8:a8:5e:63:ff:6a:43:73:89:54:92:2c:0b:07:
67:20:e2:45:17:1a:16:fb:7d:30:d1:d0:29:33:bf:
20:2b:47:56:b2:37:7b:2b:29:59:fe:c7:59:67:6d:
a7:d9:51:75:34:38:92:5a:92:9c:3b:e8:bf:85:57:
00:3f:a3:8a:d4:73:70:7c:6d:ca:29:26:06:74:62:
1f:b6:5a:49:dd:1a:a4:6c:2c:04:13:22:26:86:b6:
95:4d:53:f3:37:5e:45:72:39:f7:e9:c9:b0:80:5b:
c1:36:9a:a8:26:e2:2d:c0:43:30:e5:f2:f9:5c:13:
a0:0b:79:98:5b:4b:aa:50:72:5c:67:a8:ba:3c:9e:
2c:a8:49:ef:3e:e1:9b:e9:60:47:eb:1d:cf:b2:e1:
2d:d2:1b:ef:78:fe:c9:de:3a:dd:03:ff:cc:e5:46:
98:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:19:A4:9D:96:63:8B:C0:5D:86:D3:23:C6:63:83:92:39:08:34:4A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7C1B9A00CCE211EF870BEC6F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.236.0/24
Signature Algorithm: sha256WithRSAEncryption
26:a6:80:fc:8a:69:69:a0:ee:57:f7:5c:5e:1c:eb:90:3b:8c:
8f:b4:d0:54:85:cb:dd:a0:8e:a3:62:58:f7:ec:ae:5a:b1:27:
ff:c2:1b:53:2a:f9:70:9a:eb:b1:53:c0:6b:bd:d3:d8:41:e1:
78:a1:a4:4e:ba:c0:fc:1d:ed:06:c8:c1:6f:a0:b2:92:6f:7d:
87:5c:b7:f9:92:c7:b9:98:0f:13:b0:3e:00:3a:ab:b7:52:34:
3c:17:e8:6d:27:fc:04:c0:15:a4:7d:f7:c2:3d:8b:8e:12:50:
59:be:09:21:fd:e6:56:61:0d:13:bf:67:05:e8:7f:21:f8:55:
53:b5:8f:5d:97:b9:91:b1:c0:06:76:23:19:a6:54:da:14:58:
e2:03:01:a1:d5:93:32:28:47:11:39:ca:b2:f4:ff:e5:9c:25:
32:44:7d:8e:5a:a1:ac:86:ae:4d:bd:d2:19:62:2a:d1:fe:48:
53:a2:75:89:a1:57:5a:9d:8a:d9:e3:df:4e:00:01:98:05:d5:
43:00:5f:21:42:64:e7:8a:e6:62:ea:33:c6:bb:86:d8:88:b4:
fa:98:4d:a8:13:6e:5e:9f:1e:8f:a0:b0:3b:c9:0f:02:aa:36:
cf:4d:36:d4:2c:ca:77:07:e2:60:38:76:4b:a2:a1:58:3c:1d:
ee:38:1a:8c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPuvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTAzMDU1WhcNMjUxMjEzMTAzMDU1WjAYMRYw
FAYDVQQDEw02NzdkMDI2My0zZWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuwtYUnFDcP9k9F16mg2lceh7w/dq/0SG6xwpP2KT1itXgC3PYR33diEk
QkpFGgbaZWeFGzDfqyS/CwOjwz71BmPO0J135X/cCu6WHHaxNhc3x2EHNYTdtmSa
+KheY/9qQ3OJVJIsCwdnIOJFFxoW+30w0dApM78gK0dWsjd7KylZ/sdZZ22n2VF1
NDiSWpKcO+i/hVcAP6OK1HNwfG3KKSYGdGIftlpJ3RqkbCwEEyImhraVTVPzN15F
cjn36cmwgFvBNpqoJuItwEMw5fL5XBOgC3mYW0uqUHJcZ6i6PJ4sqEnvPuGb6WBH
6x3PsuEt0hvveP7J3jrdA//M5UaYYQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ8Z
pJ2WY4vAXYbTI8Zjg5I5CDRKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QzFCOUEwMENDRTIxMUVGODcwQkVDNkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnsMA0GCSqGSIb3DQEBCwUA
A4IBAQAmpoD8imlpoO5X91xeHOuQO4yPtNBUhcvdoI6jYlj37K5asSf/whtTKvlw
muuxU8BrvdPYQeF4oaROusD8He0GyMFvoLKSb32HXLf5kse5mA8TsD4AOqu3UjQ8
F+htJ/wEwBWkfffCPYuOElBZvgkh/eZWYQ0Tv2cF6H8h+FVTtY9dl7mRscAGdiMZ
plTaFFjiAwGh1ZMyKEcROcqy9P/lnCUyRH2OWqGshq5NvdIZYirR/khTonWJoVda
nYrZ499OAAGYBdVDAF8hQmTniuZi6jPGu4bYiLT6mE2oE25enx6PoLA7yQ8CqjbP
TTbULMp3B+JgOHZLoqFYPB3uOBqM
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:28 2025 by rpki-client