Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F1FCE14C97311EF8F13FB98762E951A.roa
File: 7F1FCE14C97311EF8F13FB98762E951A.roa (raw, json)
Hash identifier: bBrRvWWvED2pg1ugkFrAQhDdwB9sq+m4RNyBow0Vvs0=
Subject key identifier: 79:CE:89:EE:05:C0:25:83:67:62:CC:A5:16:84:9D:A4:96:63:98:B7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4CD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F1FCE14C97311EF8F13FB98762E951A.roa
Signing time: Fri 03 Jan 2025 01:38:56 +0000
ROA not before: Fri 03 Jan 2025 01:38:53 +0000
ROA not after: Mon 13 Dec 2027 01:38:53 +0000
asID: 17561
IP address blocks: 156.227.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62669 (0xf4cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:38:53 2025 GMT
Not After : Dec 13 01:38:53 2027 GMT
Subject: CN=67773fb0-0893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:8f:81:d3:4f:ac:22:82:4d:5c:3a:b2:67:c8:
74:58:8c:dd:66:79:a1:37:d2:36:2d:d7:58:79:e2:
ff:dd:c1:2d:04:a3:a2:78:66:0e:68:6a:78:d6:e3:
63:e3:f0:71:04:58:23:31:d9:44:23:15:3b:36:30:
db:1f:3e:6b:90:4c:1b:b6:c8:b8:54:b0:d0:9a:89:
77:86:48:f0:d4:35:38:bd:3c:59:cf:54:22:d9:23:
3f:fc:11:eb:8e:d5:c0:10:02:6a:d3:77:c6:02:8a:
a5:06:c8:b8:e2:0b:2a:1d:3e:64:58:13:d1:4a:2c:
bc:31:3d:69:76:60:cb:07:31:64:4d:13:e2:80:6f:
23:b6:73:d8:b5:a4:d7:76:ca:95:6b:8f:17:c5:0d:
18:4e:f1:42:c3:5a:93:2b:e8:91:4d:7a:b3:fb:6b:
d2:03:0b:51:75:11:de:58:46:2f:6e:5b:12:52:cf:
dd:6f:c0:fd:9f:0b:f7:3a:64:7c:bd:5b:1b:56:23:
ec:c5:ab:f5:1e:70:39:86:2f:9f:ce:9c:c2:e7:4f:
82:7e:68:df:7d:0f:81:2a:ce:f7:da:57:be:78:46:
7e:63:e5:5d:90:99:c6:e5:a2:c4:7b:45:56:e2:5c:
7b:dd:4d:70:e6:fc:98:89:51:e6:9f:6e:90:d2:c1:
db:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:CE:89:EE:05:C0:25:83:67:62:CC:A5:16:84:9D:A4:96:63:98:B7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F1FCE14C97311EF8F13FB98762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.88.0/24
Signature Algorithm: sha256WithRSAEncryption
63:a3:89:81:66:3c:cb:93:43:24:49:dc:04:4b:9f:5f:6e:84:
61:1a:b2:9d:a2:d0:3b:bf:71:d5:2b:c6:91:48:02:c3:78:84:
87:91:1d:08:2d:d8:49:b1:33:02:ad:c4:e0:a8:df:0a:08:ff:
1c:9a:0f:eb:16:1a:06:da:93:36:e0:8e:21:44:a6:11:4c:e4:
97:cc:68:49:05:51:41:0c:40:ef:56:f4:76:16:97:e1:38:bc:
f2:2d:9f:c9:fc:2a:f0:ca:f2:2f:25:a3:24:e8:39:f6:9f:3c:
07:75:c6:86:26:d3:b3:9d:14:29:d0:ba:5b:f7:67:c6:a8:67:
10:fe:c6:5f:98:eb:41:fb:f6:35:6c:62:07:72:89:53:6b:05:
a1:ed:1b:f8:4b:31:22:5c:45:b5:bb:de:88:e8:9f:5c:da:7e:
49:a4:bb:a2:cf:e7:45:e1:8d:2c:98:c1:0b:8f:54:9e:c4:3b:
48:85:0f:3e:8f:c3:69:30:30:75:75:50:9e:65:b2:d7:89:a3:
c3:cf:52:7b:07:ba:0d:c2:24:ea:e6:a4:6a:f1:85:c6:de:21:
10:5e:07:7a:3b:84:89:b4:23:a5:35:43:5b:f5:a4:f9:22:f9:
01:67:b3:4a:b3:a0:68:5b:7d:b5:dc:c4:b4:d2:34:5b:bd:a0:
76:ae:9b:e2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPTNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDEzODUzWhcNMjcxMjEzMDEzODUzWjAYMRYw
FAYDVQQDEw02Nzc3M2ZiMC0wODkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5o+B00+sIoJNXDqyZ8h0WIzdZnmhN9I2LddYeeL/3cEtBKOieGYOaGp4
1uNj4/BxBFgjMdlEIxU7NjDbHz5rkEwbtsi4VLDQmol3hkjw1DU4vTxZz1Qi2SM/
/BHrjtXAEAJq03fGAoqlBsi44gsqHT5kWBPRSiy8MT1pdmDLBzFkTRPigG8jtnPY
taTXdsqVa48XxQ0YTvFCw1qTK+iRTXqz+2vSAwtRdRHeWEYvblsSUs/db8D9nwv3
OmR8vVsbViPsxav1HnA5hi+fzpzC50+CfmjffQ+BKs732le+eEZ+Y+VdkJnG5aLE
e0VW4lx73U1w5vyYiVHmn26Q0sHb1wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHnO
ie4FwCWDZ2LMpRaEnaSWY5i3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RjFGQ0UxNEM5NzMxMUVGOEYxM0ZCOTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONYMA0GCSqGSIb3DQEBCwUA
A4IBAQBjo4mBZjzLk0MkSdwES59fboRhGrKdotA7v3HVK8aRSALDeISHkR0ILdhJ
sTMCrcTgqN8KCP8cmg/rFhoG2pM24I4hRKYRTOSXzGhJBVFBDEDvVvR2FpfhOLzy
LZ/J/CrwyvIvJaMk6Dn2nzwHdcaGJtOznRQp0Lpb92fGqGcQ/sZfmOtB+/Y1bGIH
colTawWh7Rv4SzEiXEW1u96I6J9c2n5JpLuiz+dF4Y0smMELj1SexDtIhQ8+j8Np
MDB1dVCeZbLXiaPDz1J7B7oNwiTq5qRq8YXG3iEQXgd6O4SJtCOlNUNb9aT5IvkB
Z7NKs6BoW3213MS00jRbvaB2rpvi
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:29 2025 by rpki-client