Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86DFF280CD1711EF88A0A7BC762E951A.roa
File: 86DFF280CD1711EF88A0A7BC762E951A.roa (raw, json)
Hash identifier: /W5T3rCYQpPdFll5rM2k60ieYQlEnxN0qf2WId9t8W4=
Subject key identifier: 41:2C:DB:3F:72:D4:D5:D3:75:DD:85:EE:68:BA:38:0D:69:15:CC:17
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD27
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86DFF280CD1711EF88A0A7BC762E951A.roa
Signing time: Tue 07 Jan 2025 16:50:40 +0000
ROA not before: Tue 07 Jan 2025 16:50:36 +0000
ROA not after: Mon 13 Dec 2027 16:50:36 +0000
asID: 17561
IP address blocks: 156.241.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64807 (0xfd27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:50:36 2025 GMT
Not After : Dec 13 16:50:36 2027 GMT
Subject: CN=677d5b60-77a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:83:18:ca:54:0c:19:a8:1d:85:4c:c4:e9:f9:
39:4b:ca:36:a9:93:36:6d:df:f4:93:16:64:11:44:
d4:68:ca:e4:15:e7:9d:d5:57:d2:ee:30:3d:00:c1:
2e:64:f3:9a:1e:ae:0e:62:36:a8:de:e0:10:25:97:
45:09:8d:e1:40:35:d9:7c:4f:4c:bd:25:18:2b:4d:
c3:81:59:36:d7:73:04:fd:e5:13:51:c7:c4:04:0a:
b5:58:f1:64:e3:58:c8:62:a7:a8:4f:92:83:8b:73:
05:51:e1:4c:a1:3c:e1:a7:7e:2b:7f:93:85:87:99:
e0:42:6e:ef:db:ba:4d:3c:5c:89:7a:5d:e9:c5:c3:
ae:4f:7e:de:23:13:d6:24:cf:f8:f4:2b:9b:bd:76:
54:f3:c2:4c:e8:19:bd:f6:54:1f:ad:6a:84:00:c2:
09:06:9f:98:d1:ec:22:13:77:16:6c:ac:d5:be:4d:
d7:59:6b:84:78:49:96:b5:18:67:88:ee:e6:98:af:
8f:09:e8:bd:ae:52:0c:a9:63:7a:b0:26:74:be:2a:
45:27:bb:23:4a:8e:ab:e1:04:bc:75:a9:a5:88:cb:
6e:a2:4d:29:ba:66:f3:92:fb:96:66:f9:27:2e:bf:
7e:5f:f5:3a:1a:9a:bc:6d:2d:95:52:5a:3d:d3:5d:
10:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:2C:DB:3F:72:D4:D5:D3:75:DD:85:EE:68:BA:38:0D:69:15:CC:17
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86DFF280CD1711EF88A0A7BC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.23.0/24
Signature Algorithm: sha256WithRSAEncryption
05:58:44:d3:c2:6c:5f:e2:07:24:11:a4:c9:11:48:3c:e3:14:
3f:aa:55:3e:5b:63:51:91:8d:ea:f5:1d:14:13:4e:b5:7a:a1:
aa:23:64:5f:3a:0b:2b:5a:f3:cb:13:29:a8:12:4d:eb:6a:66:
6a:61:79:c4:43:2f:ee:95:9a:98:1b:86:36:f3:e0:93:12:49:
e4:27:33:24:9b:36:11:61:dc:72:79:14:9d:69:04:71:cc:33:
66:e0:7b:ec:61:23:30:4c:46:e7:27:af:48:72:d4:69:d6:27:
f3:b0:60:da:ee:77:b8:49:91:98:02:38:a3:26:5d:f9:96:7d:
f5:e2:ab:6f:b0:9d:2b:39:1d:73:81:03:c4:bf:9c:64:73:72:
aa:69:99:b9:25:d0:6f:d9:cc:50:4e:62:94:a2:28:19:a7:8c:
30:04:67:11:55:f2:04:ae:e6:86:9c:c5:1d:0f:85:ae:92:3e:
9d:ab:a0:49:ae:17:53:bd:5c:60:b3:1b:ed:ee:e4:c0:6a:fc:
4a:0c:71:ee:bb:61:c9:12:36:08:da:e5:d7:c2:b8:64:ca:43:
09:c9:5e:e7:de:84:d2:da:9f:e0:23:44:a5:d8:da:37:72:48:
30:a7:8e:ac:85:a1:e2:e7:f1:fb:e8:8b:26:a7:be:09:00:f7:
c4:4c:0f:49
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTY1MDM2WhcNMjcxMjEzMTY1MDM2WjAYMRYw
FAYDVQQDEw02NzdkNWI2MC03N2E2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxIMYylQMGagdhUzE6fk5S8o2qZM2bd/0kxZkEUTUaMrkFeed1VfS7jA9
AMEuZPOaHq4OYjao3uAQJZdFCY3hQDXZfE9MvSUYK03DgVk213ME/eUTUcfEBAq1
WPFk41jIYqeoT5KDi3MFUeFMoTzhp34rf5OFh5ngQm7v27pNPFyJel3pxcOuT37e
IxPWJM/49CubvXZU88JM6Bm99lQfrWqEAMIJBp+Y0ewiE3cWbKzVvk3XWWuEeEmW
tRhniO7mmK+PCei9rlIMqWN6sCZ0vipFJ7sjSo6r4QS8damliMtuok0pumbzkvuW
ZvknLr9+X/U6Gpq8bS2VUlo9010QuQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEEs
2z9y1NXTdd2F7mi6OA1pFcwXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NkRGRjI4MENEMTcxMUVGODhBMEE3QkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEXMA0GCSqGSIb3DQEBCwUA
A4IBAQAFWETTwmxf4gckEaTJEUg84xQ/qlU+W2NRkY3q9R0UE061eqGqI2RfOgsr
WvPLEymoEk3ramZqYXnEQy/ulZqYG4Y28+CTEknkJzMkmzYRYdxyeRSdaQRxzDNm
4HvsYSMwTEbnJ69IctRp1ifzsGDa7ne4SZGYAjijJl35ln314qtvsJ0rOR1zgQPE
v5xkc3KqaZm5JdBv2cxQTmKUoigZp4wwBGcRVfIEruaGnMUdD4Wukj6dq6BJrhdT
vVxgsxvt7uTAavxKDHHuu2HJEjYI2uXXwrhkykMJyV7n3oTS2p/gI0Sl2No3ckgw
p46shaHi5/H76Ismp74JAPfETA9J
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:42 2025 by rpki-client