Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85B66B04CCAF11EFAB9CDBAD762E951A.roa
File: 85B66B04CCAF11EFAB9CDBAD762E951A.roa (raw, json)
Hash identifier: TY1Emf/vjhMdt106zysnTF96m1vHdHcJQMGFXdxV7KE=
Subject key identifier: 6B:38:07:7E:53:D9:56:71:2B:1F:6E:31:83:15:CF:70:FD:C2:EC:40
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9EC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85B66B04CCAF11EFAB9CDBAD762E951A.roa
Signing time: Tue 07 Jan 2025 04:26:11 +0000
ROA not before: Tue 07 Jan 2025 04:26:07 +0000
ROA not after: Mon 13 Dec 2027 04:26:07 +0000
asID: 17561
IP address blocks: 156.232.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63980 (0xf9ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 04:26:07 2025 GMT
Not After : Dec 13 04:26:07 2027 GMT
Subject: CN=677cace3-69d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4e:2d:f9:23:81:d7:ff:be:91:69:93:50:7f:
e5:d6:cf:08:7c:ba:81:6b:05:a6:ca:cd:61:ca:56:
9a:62:f7:61:eb:1b:09:1d:48:4b:55:15:6e:11:5f:
b2:b8:76:9c:ca:0d:5b:62:2f:51:29:23:4f:fd:87:
d5:67:ce:6f:b5:9f:fb:d1:3c:ed:d9:89:0d:0f:3e:
7b:24:a3:57:da:12:7e:18:8e:c5:43:f6:b4:af:d8:
ab:49:92:4b:6a:ae:cb:94:4e:84:72:a0:27:5c:8a:
08:f7:f1:d7:8f:ce:e4:3c:70:cb:60:02:4b:1d:69:
2f:6b:4d:3e:7b:30:0b:4a:c3:b2:dd:3b:85:7b:55:
7f:49:03:cb:bd:9b:77:3a:82:d8:d6:d3:6b:b9:bb:
36:b6:52:a9:be:49:4e:ff:98:e9:2e:a6:2a:94:13:
69:5c:34:46:04:f4:3c:38:a2:4d:ac:13:84:38:f0:
a0:08:90:e7:6d:bf:ba:16:ae:c9:db:4d:22:4d:04:
b9:68:c4:2d:5b:bc:83:a0:f0:12:f9:c3:5b:63:54:
a9:7c:55:c6:52:1e:95:8d:80:ad:75:0c:0f:5a:97:
e1:c2:21:6c:a7:fc:53:32:4a:39:c4:93:6e:ab:ce:
fb:33:e6:0a:d1:a9:9b:3e:77:b3:1d:e3:4a:65:20:
1b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:38:07:7E:53:D9:56:71:2B:1F:6E:31:83:15:CF:70:FD:C2:EC:40
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85B66B04CCAF11EFAB9CDBAD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.71.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:5b:cc:6e:50:b5:ca:e6:23:a8:a9:ff:24:d9:e8:ca:d6:96:
b1:65:94:87:7c:1a:2f:0c:6c:c3:9b:dc:25:72:5c:5b:5d:0f:
60:b6:34:4b:e4:f6:88:f1:29:cd:c7:1b:5b:36:75:79:21:9b:
d0:7f:d1:65:c3:d5:4c:4d:a9:77:b6:cb:a1:3e:b8:7e:5f:35:
bd:10:6f:41:52:1e:7c:58:bd:bb:dd:c8:bb:52:f3:c9:44:1b:
76:96:5f:ba:06:b9:22:f7:fa:8d:71:be:f6:33:0b:63:3f:f8:
46:ac:d0:82:a6:8c:c1:0f:d1:d7:f2:de:b0:6d:f2:09:12:05:
eb:7e:91:f7:97:ae:d0:6d:23:d0:82:fd:d6:52:4f:c4:e2:d8:
a5:0b:67:e9:3e:cb:98:64:a3:43:f9:1e:db:f7:46:4e:81:6f:
42:f5:97:73:87:61:a4:48:19:5b:80:cc:9f:c2:dd:03:a2:e0:
15:f2:1e:e8:ef:44:4f:13:b8:5b:f8:14:80:5c:56:1e:fc:02:
a0:d1:13:cd:ee:b5:89:e8:26:32:71:d4:f8:f0:7a:52:3d:8e:
fa:71:77:55:da:b5:92:e5:2d:b6:69:e8:5e:1b:08:f1:fc:b4:
25:75:2c:3b:a8:83:be:80:31:0c:5b:a2:e9:98:4a:d4:1d:cd:
1f:49:1a:a0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPnsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDQyNjA3WhcNMjcxMjEzMDQyNjA3WjAYMRYw
FAYDVQQDEw02NzdjYWNlMy02OWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2U4t+SOB1/++kWmTUH/l1s8IfLqBawWmys1hylaaYvdh6xsJHUhLVRVu
EV+yuHacyg1bYi9RKSNP/YfVZ85vtZ/70Tzt2YkNDz57JKNX2hJ+GI7FQ/a0r9ir
SZJLaq7LlE6EcqAnXIoI9/HXj87kPHDLYAJLHWkva00+ezALSsOy3TuFe1V/SQPL
vZt3OoLY1tNrubs2tlKpvklO/5jpLqYqlBNpXDRGBPQ8OKJNrBOEOPCgCJDnbb+6
Fq7J200iTQS5aMQtW7yDoPAS+cNbY1SpfFXGUh6VjYCtdQwPWpfhwiFsp/xTMko5
xJNuq877M+YK0ambPnezHeNKZSAbDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGs4
B35T2VZxKx9uMYMVz3D9wuxAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NUI2NkIwNENDQUYxMUVGQUI5Q0RCQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhHMA0GCSqGSIb3DQEBCwUA
A4IBAQAtW8xuULXK5iOoqf8k2ejK1paxZZSHfBovDGzDm9wlclxbXQ9gtjRL5PaI
8SnNxxtbNnV5IZvQf9Flw9VMTal3tsuhPrh+XzW9EG9BUh58WL273ci7UvPJRBt2
ll+6Brki9/qNcb72MwtjP/hGrNCCpozBD9HX8t6wbfIJEgXrfpH3l67QbSPQgv3W
Uk/E4tilC2fpPsuYZKND+R7b90ZOgW9C9Zdzh2GkSBlbgMyfwt0DouAV8h7o70RP
E7hb+BSAXFYe/AKg0RPN7rWJ6CYycdT48HpSPY76cXdV2rWS5S22aeheGwjx/LQl
dSw7qIO+gDEMW6LpmErUHc0fSRqg
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:19 2025 by rpki-client