Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8CBABA5CCD1511EFA08BE0AF762E951A.roa
File: 8CBABA5CCD1511EFA08BE0AF762E951A.roa (raw, json)
Hash identifier: Z1Yyl+WrtveaTaveoU0w96D7+sj8NQKVDfBSg6pcS9I=
Subject key identifier: DE:B2:10:E8:06:B5:50:35:00:B6:B7:8C:5F:C1:9A:44:F7:54:38:C5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD17
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8CBABA5CCD1511EFA08BE0AF762E951A.roa
Signing time: Tue 07 Jan 2025 16:36:31 +0000
ROA not before: Tue 07 Jan 2025 16:36:27 +0000
ROA not after: Mon 13 Dec 2027 16:36:27 +0000
asID: 17561
IP address blocks: 156.241.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64791 (0xfd17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:36:27 2025 GMT
Not After : Dec 13 16:36:27 2027 GMT
Subject: CN=677d580f-b2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d5:25:b8:c6:90:c1:db:7b:ca:25:38:aa:6e:
57:9b:f5:1e:a8:b7:a8:d4:83:12:bf:10:d5:57:b6:
ae:28:7e:d5:a7:43:1a:40:08:09:b9:78:f1:e8:f9:
16:12:d9:13:a0:f9:59:04:08:c6:d3:72:0c:1f:b5:
c8:3a:d6:d5:b1:41:cc:a5:c1:c5:4c:91:92:43:50:
ea:3e:dd:18:21:f7:64:d5:cb:27:c7:2a:20:7a:35:
60:7b:c9:ef:a8:ea:98:e0:49:21:0f:9c:ef:04:19:
47:fb:ef:da:21:ab:7f:a5:34:6d:a9:ad:5c:e7:d0:
47:c2:00:40:b7:e7:46:08:07:39:11:33:9d:78:cd:
18:93:bb:05:1b:04:74:ba:2e:ba:39:b8:3b:4f:b5:
fe:fd:1f:0b:2e:d5:ae:40:e2:e2:f1:f4:80:1a:55:
dc:eb:18:ca:b9:10:5e:c8:41:58:87:a7:54:49:9c:
ff:71:01:91:c5:a5:bd:d7:fd:87:81:b5:ff:35:b2:
5c:0e:5e:2d:eb:c0:a2:3d:f1:95:9e:30:07:06:86:
e7:95:58:ee:ac:dd:87:f2:f0:d9:41:81:26:da:9f:
72:40:8b:54:4e:fc:c9:c2:2a:11:f5:fa:94:d0:8b:
07:0a:84:c8:7f:ca:ee:a7:07:86:99:47:41:e2:78:
1f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B2:10:E8:06:B5:50:35:00:B6:B7:8C:5F:C1:9A:44:F7:54:38:C5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8CBABA5CCD1511EFA08BE0AF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.15.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:1c:d8:b2:f8:18:b2:ab:99:1b:e5:bb:63:1f:47:b9:27:ba:
2d:5d:99:e5:5c:44:28:02:c3:9a:35:26:5e:f5:96:ea:8a:af:
52:dd:3e:57:f2:e8:a5:02:58:20:28:3c:5e:2a:8c:c8:0a:20:
5a:97:8f:85:2e:24:15:8e:a8:47:f9:c2:d4:1e:b2:5d:49:06:
99:84:00:0f:cd:2b:1b:8a:2e:e3:ad:a3:ef:e8:5c:87:9a:f1:
13:23:e9:8e:79:e5:31:3f:0e:b9:51:23:8f:7d:99:5d:21:9e:
45:26:2c:f2:99:d2:22:2e:be:ab:6e:ba:4b:1c:cf:80:18:ef:
e1:6d:30:0d:39:cb:6c:cb:07:6c:7d:41:86:4a:bf:df:c4:db:
df:f6:42:83:ce:ed:41:5a:c0:49:ed:80:56:54:58:17:3c:bb:
e2:8f:8e:47:69:84:cf:f2:37:ef:92:ca:f6:49:3b:fe:fd:75:
45:ea:ec:b5:11:76:fa:64:25:43:73:24:ad:e8:10:1c:4e:3e:
81:b4:b5:dc:07:03:52:a2:84:1b:f1:68:5a:d8:b4:c7:e0:4d:
03:ef:f3:65:d0:16:5f:1c:13:08:63:dc:e6:91:b3:7b:93:c6:
0c:03:eb:41:68:e5:e2:9b:d5:e9:55:4f:2e:54:c4:97:51:fb:
9d:e7:14:ab
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTYzNjI3WhcNMjcxMjEzMTYzNjI3WjAYMRYw
FAYDVQQDEw02NzdkNTgwZi1iMmY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA69UluMaQwdt7yiU4qm5Xm/UeqLeo1IMSvxDVV7auKH7Vp0MaQAgJuXjx
6PkWEtkToPlZBAjG03IMH7XIOtbVsUHMpcHFTJGSQ1DqPt0YIfdk1csnxyogejVg
e8nvqOqY4EkhD5zvBBlH++/aIat/pTRtqa1c59BHwgBAt+dGCAc5ETOdeM0Yk7sF
GwR0ui66Obg7T7X+/R8LLtWuQOLi8fSAGlXc6xjKuRBeyEFYh6dUSZz/cQGRxaW9
1/2HgbX/NbJcDl4t68CiPfGVnjAHBobnlVjurN2H8vDZQYEm2p9yQItUTvzJwioR
9fqU0IsHCoTIf8rupweGmUdB4ngfZwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN6y
EOgGtVA1ALa3jF/BmkT3VDjFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84Q0JBQkE1Q0NEMTUxMUVGQTA4QkUwQUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEPMA0GCSqGSIb3DQEBCwUA
A4IBAQChHNiy+Biyq5kb5btjH0e5J7otXZnlXEQoAsOaNSZe9Zbqiq9S3T5X8uil
AlggKDxeKozICiBal4+FLiQVjqhH+cLUHrJdSQaZhAAPzSsbii7jraPv6FyHmvET
I+mOeeUxPw65USOPfZldIZ5FJizymdIiLr6rbrpLHM+AGO/hbTANOctsywdsfUGG
Sr/fxNvf9kKDzu1BWsBJ7YBWVFgXPLvij45HaYTP8jfvksr2STv+/XVF6uy1EXb6
ZCVDcySt6BAcTj6BtLXcBwNSooQb8Wha2LTH4E0D7/Nl0BZfHBMIY9zmkbN7k8YM
A+tBaOXim9XpVU8uVMSXUfud5xSr
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:48 2025 by rpki-client