Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F378D74CCCF11EFA3A7B277762E951A.roa
File: 7F378D74CCCF11EFA3A7B277762E951A.roa (raw, json)
Hash identifier: aHXkrlN4Ow79dVYGC3M1xEeGxUZOE4DgdCadD/0rERc=
Subject key identifier: 65:F4:25:E0:A5:40:2E:2E:1F:1A:E3:98:CF:5B:82:DE:0D:2A:9E:4B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FAB1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F378D74CCCF11EFA3A7B277762E951A.roa
Signing time: Tue 07 Jan 2025 08:15:04 +0000
ROA not before: Tue 07 Jan 2025 08:15:00 +0000
ROA not after: Mon 13 Dec 2027 08:15:00 +0000
asID: 17561
IP address blocks: 156.233.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64177 (0xfab1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:15:00 2025 GMT
Not After : Dec 13 08:15:00 2027 GMT
Subject: CN=677ce288-0971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:56:f4:c0:fc:8c:c1:09:b7:2c:cf:3e:04:51:
a3:fa:5b:5f:47:19:d9:21:1e:94:df:9c:b6:78:93:
ab:86:8b:2a:1a:e7:5d:f7:ff:03:36:1b:2e:44:ea:
7e:74:62:98:0c:17:39:b6:5f:ca:03:79:66:89:2a:
13:41:e8:80:01:ca:cd:ec:3c:6c:2d:08:ab:d2:ce:
83:00:62:a6:55:d3:2d:9b:33:de:e5:44:08:c0:cd:
38:44:46:24:d0:ce:16:cf:55:51:06:89:94:81:3e:
14:03:f6:09:8a:2c:fb:71:f9:e9:7c:93:23:66:af:
a7:57:77:b7:7c:6a:48:c8:fc:7e:33:09:6d:f3:8c:
24:a6:df:51:45:6c:56:82:b5:2b:10:d9:50:5b:b1:
a7:ab:b0:27:47:4e:48:20:02:19:17:ce:ab:8a:55:
55:53:24:5a:4b:0a:89:38:52:04:ef:9f:87:9a:9c:
32:85:15:fa:27:31:94:72:65:69:fb:c4:82:8b:f7:
fe:2e:a9:21:c9:b0:06:ca:fb:d7:44:55:82:47:1e:
03:bd:ec:ea:38:ba:23:78:0b:6d:61:2c:07:08:fd:
36:95:ed:b2:dc:c3:02:b8:56:f1:61:38:5b:89:9c:
12:56:24:e1:81:c8:df:60:15:5e:c0:f6:6d:c5:86:
d7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F4:25:E0:A5:40:2E:2E:1F:1A:E3:98:CF:5B:82:DE:0D:2A:9E:4B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F378D74CCCF11EFA3A7B277762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.144.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:f1:b6:5c:85:f2:82:a1:ac:d9:c3:8c:13:00:d3:7e:84:ab:
44:a2:63:4f:e5:7d:0f:b6:92:6c:f2:bb:32:25:20:71:2f:1d:
e1:6c:99:d4:ea:92:6c:44:71:4d:34:cf:a1:44:92:c3:cf:0a:
d9:57:d8:27:26:30:4a:42:f3:d6:52:52:cc:05:ee:ee:47:c7:
89:c6:4a:8e:03:17:0d:34:81:a2:99:c3:b5:d5:65:46:a2:b9:
8f:cf:0d:c4:2b:c8:68:02:f9:68:7d:99:cd:78:2d:5e:12:2b:
4e:93:9e:8e:0d:1b:c8:4c:f3:13:6e:9e:c8:f3:50:ab:84:62:
f0:a9:ce:c3:80:c5:94:6e:3e:3f:ba:ce:64:d3:ce:47:9e:a2:
a8:9e:09:a6:3f:61:d2:d6:55:9c:4b:9d:cd:50:d6:70:2b:75:
03:43:7a:93:64:4e:73:86:4f:16:03:7c:d5:f1:be:c1:7b:52:
b5:7a:a8:81:64:19:b4:55:2b:a4:f3:0b:bd:c3:b1:31:27:24:
9c:b0:9c:60:50:e6:ef:b2:4f:55:f4:c3:58:57:fe:88:6a:04:
c6:1f:d3:7e:4c:cd:75:98:2d:5e:f0:a5:e6:ae:71:79:e4:16:
1e:6b:f1:ef:e1:e2:92:11:7a:e6:ce:e7:0b:28:1b:c5:3b:2b:
88:84:12:da
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPqxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDgxNTAwWhcNMjcxMjEzMDgxNTAwWjAYMRYw
FAYDVQQDEw02NzdjZTI4OC0wOTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyFb0wPyMwQm3LM8+BFGj+ltfRxnZIR6U35y2eJOrhosqGudd9/8DNhsu
ROp+dGKYDBc5tl/KA3lmiSoTQeiAAcrN7DxsLQir0s6DAGKmVdMtmzPe5UQIwM04
REYk0M4Wz1VRBomUgT4UA/YJiiz7cfnpfJMjZq+nV3e3fGpIyPx+Mwlt84wkpt9R
RWxWgrUrENlQW7Gnq7AnR05IIAIZF86rilVVUyRaSwqJOFIE75+HmpwyhRX6JzGU
cmVp+8SCi/f+LqkhybAGyvvXRFWCRx4DvezqOLojeAttYSwHCP02le2y3MMCuFbx
YThbiZwSViThgcjfYBVewPZtxYbXAwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGX0
JeClQC4uHxrjmM9bgt4NKp5LMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RjM3OEQ3NENDQ0YxMUVGQTNBN0IyNzc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmQMA0GCSqGSIb3DQEBCwUA
A4IBAQBf8bZchfKCoazZw4wTANN+hKtEomNP5X0PtpJs8rsyJSBxLx3hbJnU6pJs
RHFNNM+hRJLDzwrZV9gnJjBKQvPWUlLMBe7uR8eJxkqOAxcNNIGimcO11WVGormP
zw3EK8hoAvlofZnNeC1eEitOk56ODRvITPMTbp7I81CrhGLwqc7DgMWUbj4/us5k
085HnqKongmmP2HS1lWcS53NUNZwK3UDQ3qTZE5zhk8WA3zV8b7Be1K1eqiBZBm0
VSuk8wu9w7ExJyScsJxgUObvsk9V9MNYV/6IagTGH9N+TM11mC1e8KXmrnF55BYe
a/Hv4eKSEXrmzucLKBvFOyuIhBLa
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:44 2025 by rpki-client