Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7EC72426CCAC11EFA736939A762E951A.roa
File: 7EC72426CCAC11EFA736939A762E951A.roa (raw, json)
Hash identifier: h8UlAQDnXBDm5R6K+zLffnRvCBys9vd9osteDOcCWKA=
Subject key identifier: 39:49:6F:9E:B2:2F:85:2B:BA:06:87:CD:52:7E:87:60:92:27:15:54
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9D2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7EC72426CCAC11EFA736939A762E951A.roa
Signing time: Tue 07 Jan 2025 04:04:31 +0000
ROA not before: Tue 07 Jan 2025 04:04:27 +0000
ROA not after: Mon 13 Dec 2027 04:04:27 +0000
asID: 17561
IP address blocks: 156.230.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63954 (0xf9d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 04:04:27 2025 GMT
Not After : Dec 13 04:04:27 2027 GMT
Subject: CN=677ca7ce-da58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:db:99:86:54:fc:ba:b1:94:56:d5:cb:bf:75:
e6:7c:d1:b1:1a:28:72:08:de:bc:90:03:3b:27:5f:
f7:7f:e3:bc:82:d6:51:a3:a8:f9:6e:6d:a1:1e:5d:
08:a8:b9:0d:a3:d4:a6:ec:b5:16:c3:b4:b1:3f:9d:
12:62:5a:4f:0d:8f:54:7e:11:1b:45:d2:7c:21:ff:
53:bb:90:2d:aa:4f:0e:e4:a4:09:58:b3:a1:74:89:
ba:42:9e:d0:9b:5a:ff:01:4c:35:e8:97:1e:0e:af:
09:7f:50:e0:a8:a2:ba:17:e0:f2:f5:07:7a:57:fd:
20:fd:ca:6d:b2:13:30:9d:4c:53:90:96:95:33:79:
d7:70:99:2d:3f:bf:fb:ff:95:62:e7:90:fe:8e:11:
5b:c2:f9:97:8f:ce:8c:6a:fb:d2:ed:37:07:d5:a0:
03:6f:cd:ba:cf:84:37:c1:98:5b:65:d7:79:c0:b0:
c0:d5:a5:e9:db:2e:fc:bb:f1:95:3b:4a:e8:6c:1a:
b0:d6:57:7f:9c:03:b4:66:2e:d6:bb:51:89:29:fb:
88:5d:cd:fe:e1:c8:e2:eb:40:3d:34:2d:eb:93:eb:
9d:ca:33:94:fe:02:d3:fb:b5:43:cd:3d:9b:fe:bc:
1b:04:a2:b4:20:9e:d1:de:f3:94:86:34:71:cf:7d:
db:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:49:6F:9E:B2:2F:85:2B:BA:06:87:CD:52:7E:87:60:92:27:15:54
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7EC72426CCAC11EFA736939A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.19.0/24
Signature Algorithm: sha256WithRSAEncryption
53:d5:99:e9:69:43:39:1a:eb:ec:c0:cc:45:36:43:62:2f:5f:
6e:b0:37:ab:4e:58:29:f6:84:9e:0f:13:ea:4a:ed:ce:02:b7:
f1:49:77:e9:87:43:f2:ce:b4:32:f0:d3:b5:13:6e:cf:b0:1e:
56:a1:27:68:41:0e:c8:09:b2:c6:31:83:f8:70:e2:cd:89:3f:
47:d8:55:99:58:dd:1e:5b:f0:55:7a:d8:d9:a5:74:c7:e9:c0:
3b:53:cb:76:cd:19:87:fe:71:7e:c5:80:f7:0f:42:33:a7:2c:
f1:d2:32:a6:2d:87:17:46:bc:09:c4:a6:fd:ea:fb:3b:73:f6:
cf:5b:59:45:af:63:6a:a7:72:ba:fa:97:d9:d4:56:9e:40:fe:
df:65:f3:52:b8:fd:78:0a:0e:ad:56:f1:99:29:dd:41:c3:1b:
b4:a2:65:5b:94:96:8f:7c:a6:e7:36:32:71:e7:ef:df:ab:f7:
af:02:c8:eb:f7:d4:74:de:55:78:3b:83:f1:81:40:79:84:a4:
85:12:c6:9a:87:8c:22:09:92:ee:9c:6a:84:0a:fd:73:cc:02:
b0:2b:81:14:5f:a0:ec:ac:95:48:02:76:22:21:10:30:d6:4c:
e1:68:b6:39:53:00:da:0e:a7:b1:33:fb:1a:cb:ce:19:85:17:
7a:70:b9:d4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPnSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDQwNDI3WhcNMjcxMjEzMDQwNDI3WjAYMRYw
FAYDVQQDEw02NzdjYTdjZS1kYTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApduZhlT8urGUVtXLv3XmfNGxGihyCN68kAM7J1/3f+O8gtZRo6j5bm2h
Hl0IqLkNo9Sm7LUWw7SxP50SYlpPDY9UfhEbRdJ8If9Tu5Atqk8O5KQJWLOhdIm6
Qp7Qm1r/AUw16JceDq8Jf1DgqKK6F+Dy9Qd6V/0g/cptshMwnUxTkJaVM3nXcJkt
P7/7/5Vi55D+jhFbwvmXj86MavvS7TcH1aADb826z4Q3wZhbZdd5wLDA1aXp2y78
u/GVO0robBqw1ld/nAO0Zi7Wu1GJKfuIXc3+4cji60A9NC3rk+udyjOU/gLT+7VD
zT2b/rwbBKK0IJ7R3vOUhjRxz33b0wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDlJ
b56yL4UrugaHzVJ+h2CSJxVUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RUM3MjQyNkNDQUMxMUVGQTczNjkzOUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOYTMA0GCSqGSIb3DQEBCwUA
A4IBAQBT1ZnpaUM5GuvswMxFNkNiL19usDerTlgp9oSeDxPqSu3OArfxSXfph0Py
zrQy8NO1E27PsB5WoSdoQQ7ICbLGMYP4cOLNiT9H2FWZWN0eW/BVetjZpXTH6cA7
U8t2zRmH/nF+xYD3D0Izpyzx0jKmLYcXRrwJxKb96vs7c/bPW1lFr2Nqp3K6+pfZ
1FaeQP7fZfNSuP14Cg6tVvGZKd1Bwxu0omVblJaPfKbnNjJx5+/fq/evAsjr99R0
3lV4O4PxgUB5hKSFEsaah4wiCZLunGqECv1zzAKwK4EUX6DsrJVIAnYiIRAw1kzh
aLY5UwDaDqexM/say84ZhRd6cLnU
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:37 2025 by rpki-client