Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/885A8A34CD1811EF8BFBBE44762E951A.roa
File: 885A8A34CD1811EF8BFBBE44762E951A.roa (raw, json)
Hash identifier: k7NIRj9IWNyLqi2qUthhBqLr7ssFgqA34Rq/4vYe6V0=
Subject key identifier: F0:1B:CA:21:D8:4D:1E:15:DC:66:8A:0C:80:08:D2:80:15:68:80:25
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD2F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/885A8A34CD1811EF8BFBBE44762E951A.roa
Signing time: Tue 07 Jan 2025 16:57:52 +0000
ROA not before: Tue 07 Jan 2025 16:57:49 +0000
ROA not after: Mon 13 Dec 2027 16:57:49 +0000
asID: 17561
IP address blocks: 156.241.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64815 (0xfd2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:57:49 2025 GMT
Not After : Dec 13 16:57:49 2027 GMT
Subject: CN=677d5d10-f925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8f:ad:ae:2f:c1:97:3b:94:21:7a:35:25:93:
f7:b7:e2:ec:ad:68:57:39:53:7e:c2:75:63:e2:08:
eb:ae:f6:9f:be:f4:19:9d:d0:3a:fa:4d:f6:b0:46:
e3:34:b2:9c:c2:5f:9e:ea:2d:d8:40:10:1d:70:f9:
b9:37:dc:85:76:2e:f8:72:a4:3c:3c:6d:8a:63:94:
6c:55:75:a4:fd:d7:c4:98:ed:57:90:7c:e6:ae:ed:
50:5f:8c:ac:4b:63:82:b2:c3:33:28:fb:58:11:7a:
82:88:39:76:90:9f:23:64:11:5d:c8:18:bd:ea:f0:
f7:91:8f:13:93:a5:d7:88:9f:27:9c:a3:b1:75:dc:
ea:50:ae:43:3f:6c:39:ec:29:a7:dc:85:e6:70:10:
a1:70:85:93:2e:c5:46:26:05:f7:d6:bc:e4:d8:8e:
ed:df:81:da:b2:49:0f:1c:fd:29:dc:ad:f9:7f:14:
a0:ea:38:45:98:8f:60:d1:57:a8:22:19:0a:68:81:
b6:ff:55:74:d3:32:7b:0f:a1:6e:74:8b:01:e9:9e:
12:9f:5f:69:1f:cb:60:6e:7f:09:b9:d1:a7:c0:5c:
53:19:ee:3b:ea:9c:77:2c:61:5e:58:0f:63:c3:bb:
27:9c:4e:4a:78:06:d1:83:b0:fc:55:1e:c2:05:c7:
0a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:1B:CA:21:D8:4D:1E:15:DC:66:8A:0C:80:08:D2:80:15:68:80:25
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/885A8A34CD1811EF8BFBBE44762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.27.0/24
Signature Algorithm: sha256WithRSAEncryption
68:4b:b0:ed:4c:1d:f1:27:d2:f1:bc:4c:6d:31:db:53:43:20:
28:a5:44:19:0c:15:4e:7e:49:b9:f9:18:dc:55:61:0b:9a:94:
8d:46:6f:d2:69:39:08:01:94:ef:4b:b7:cc:94:de:22:e7:a3:
3f:32:6a:23:42:5d:6a:65:35:d2:2b:c8:20:3e:d4:fd:39:e3:
bd:6b:69:3b:30:a2:30:b4:2b:e0:02:5f:d6:fb:88:b9:ec:92:
ca:e6:87:85:a8:05:5e:de:b0:27:d8:94:02:36:53:2a:a6:df:
a4:8d:a3:84:52:ad:ed:35:33:6d:c6:50:ae:3e:25:0a:ed:c4:
d8:0d:2c:dd:12:13:26:e6:dd:e2:bb:64:c6:ff:ef:65:59:89:
9d:9f:f4:9e:3d:c1:88:d8:8a:66:fd:45:e9:24:f2:0a:d8:fd:
50:8f:87:5d:2f:05:01:97:cf:27:73:ce:85:82:78:4a:92:88:
e0:a5:9f:f4:fc:ce:f6:66:6f:b9:22:1b:86:c7:53:1c:6a:7b:
34:1a:25:d2:e1:54:d2:6b:b1:3c:33:af:ff:ae:bc:dd:a5:d1:
49:42:4a:f2:bc:2f:ef:bf:34:2e:80:95:e1:dd:97:cb:27:80:
0b:3d:1e:7b:ee:2b:cf:99:46:de:b9:c5:6e:33:e8:fb:86:23:
97:2a:d7:18
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTY1NzQ5WhcNMjcxMjEzMTY1NzQ5WjAYMRYw
FAYDVQQDEw02NzdkNWQxMC1mOTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuI+tri/BlzuUIXo1JZP3t+LsrWhXOVN+wnVj4gjrrvafvvQZndA6+k32
sEbjNLKcwl+e6i3YQBAdcPm5N9yFdi74cqQ8PG2KY5RsVXWk/dfEmO1XkHzmru1Q
X4ysS2OCssMzKPtYEXqCiDl2kJ8jZBFdyBi96vD3kY8Tk6XXiJ8nnKOxddzqUK5D
P2w57Cmn3IXmcBChcIWTLsVGJgX31rzk2I7t34HaskkPHP0p3K35fxSg6jhFmI9g
0VeoIhkKaIG2/1V00zJ7D6FudIsB6Z4Sn19pH8tgbn8JudGnwFxTGe476px3LGFe
WA9jw7snnE5KeAbRg7D8VR7CBccKNQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPAb
yiHYTR4V3GaKDIAI0oAVaIAlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84ODVBOEEzNENEMTgxMUVGOEJGQkJFNDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEbMA0GCSqGSIb3DQEBCwUA
A4IBAQBoS7DtTB3xJ9LxvExtMdtTQyAopUQZDBVOfkm5+RjcVWELmpSNRm/SaTkI
AZTvS7fMlN4i56M/MmojQl1qZTXSK8ggPtT9OeO9a2k7MKIwtCvgAl/W+4i57JLK
5oeFqAVe3rAn2JQCNlMqpt+kjaOEUq3tNTNtxlCuPiUK7cTYDSzdEhMm5t3iu2TG
/+9lWYmdn/SePcGI2Ipm/UXpJPIK2P1Qj4ddLwUBl88nc86FgnhKkojgpZ/0/M72
Zm+5IhuGx1Mcans0GiXS4VTSa7E8M6//rrzdpdFJQkryvC/vvzQugJXh3ZfLJ4AL
PR577ivPmUbeucVuM+j7hiOXKtcY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:35 2025 by rpki-client