Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EFF686CC99611EFB24B3589762E951A.roa
File: 8EFF686CC99611EFB24B3589762E951A.roa (raw, json)
Hash identifier: Ot4LvkQG1MeKRVKtyI11NIvG5bSKfZlHTudB3Mr9Fvw=
Subject key identifier: 05:EE:EA:A9:BE:42:5B:61:F4:DF:22:04:D2:28:F7:24:C3:1D:5C:8E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F617
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EFF686CC99611EFB24B3589762E951A.roa
Signing time: Fri 03 Jan 2025 05:49:55 +0000
ROA not before: Fri 03 Jan 2025 05:49:52 +0000
ROA not after: Mon 13 Dec 2027 05:49:52 +0000
asID: 17561
IP address blocks: 156.233.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62999 (0xf617)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:49:52 2025 GMT
Not After : Dec 13 05:49:52 2027 GMT
Subject: CN=67777a83-6e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ce:18:85:a2:73:82:0b:58:8a:d0:7d:f2:c6:
96:e1:31:97:8f:da:de:49:81:15:3c:8c:a8:01:11:
ad:fb:da:71:b8:6c:f8:8a:41:d9:e1:84:5e:e9:05:
b3:a7:4b:c0:33:7e:f2:ab:26:38:b1:4f:3e:ff:e2:
04:aa:82:6b:97:60:1e:12:fa:ba:d6:f9:b6:bd:cf:
9b:5d:f6:ae:4c:bc:d3:79:cd:c4:06:65:8c:16:b1:
b4:ba:5d:33:a4:c8:1b:0b:15:17:b8:f9:c2:a0:80:
2d:4b:a9:a0:ff:90:28:3b:66:c1:f9:1f:7f:6b:0c:
1f:ad:ad:be:46:b2:69:b4:d8:02:53:c5:43:cd:34:
bc:27:29:44:a2:db:a7:0b:63:5d:2b:4c:10:c6:df:
9c:bb:72:4d:df:df:66:15:ed:d0:6a:b5:2f:d4:eb:
af:8b:51:0e:e6:54:46:af:f2:fa:19:1b:85:49:23:
26:1b:cb:e7:ab:93:58:38:93:24:be:e2:13:f7:0e:
76:8a:2d:be:27:41:0e:6d:d2:33:08:52:62:03:2a:
97:3a:61:e5:c6:50:d0:a7:c5:b8:c9:6c:bd:e4:26:
fc:b8:3c:fc:2a:a8:47:57:47:4b:81:c8:c0:1b:65:
6f:09:e6:b2:d6:5c:4c:3e:2e:e2:4b:9e:8b:6c:cd:
01:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:EE:EA:A9:BE:42:5B:61:F4:DF:22:04:D2:28:F7:24:C3:1D:5C:8E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EFF686CC99611EFB24B3589762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.144.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:00:0e:91:2a:bd:13:ed:aa:34:15:f3:8a:e9:80:0f:e2:c6:
ba:91:d4:73:78:c9:30:7d:bb:0a:1e:b4:3a:aa:d1:d1:65:c4:
39:4d:03:af:5e:33:10:3b:3e:d4:a5:08:b9:ad:85:20:38:24:
ab:0f:57:a2:b4:86:c9:fd:cf:3c:08:00:8c:90:09:a5:73:d1:
d3:cc:4e:0c:df:53:94:ed:19:f9:37:41:f1:64:b3:4d:e7:b5:
57:24:96:df:1d:4e:0e:fc:f1:e2:24:69:95:6a:a2:83:26:d7:
00:8b:2f:bd:0c:77:dc:e2:45:cf:28:0a:a1:7b:ca:42:d6:53:
92:c8:91:96:70:cc:33:77:59:c9:bc:41:e8:4d:c8:81:39:5a:
f2:b7:b1:b4:44:e7:09:63:9b:69:1f:95:96:1b:8d:8d:c0:69:
e7:a1:f5:7e:4b:7c:5f:7e:74:e9:0c:47:9d:76:0a:d0:fa:fb:
54:42:26:d2:59:eb:eb:08:c8:0c:46:8b:44:b9:27:a4:2d:19:
52:b0:04:e6:84:2e:ff:b0:50:7e:35:84:6d:9d:a3:35:c9:cf:
32:5a:02:49:cb:13:b9:c6:79:b0:21:57:a4:92:07:83:ca:88:
50:a6:88:fb:cb:5d:c4:2c:fb:d1:77:a0:b0:10:2c:af:c1:87:
8d:49:ba:db
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPYXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDU0OTUyWhcNMjcxMjEzMDU0OTUyWjAYMRYw
FAYDVQQDEw02Nzc3N2E4My02ZTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv84YhaJzggtYitB98saW4TGXj9reSYEVPIyoARGt+9pxuGz4ikHZ4YRe
6QWzp0vAM37yqyY4sU8+/+IEqoJrl2AeEvq61vm2vc+bXfauTLzTec3EBmWMFrG0
ul0zpMgbCxUXuPnCoIAtS6mg/5AoO2bB+R9/awwfra2+RrJptNgCU8VDzTS8JylE
otunC2NdK0wQxt+cu3JN399mFe3QarUv1Ouvi1EO5lRGr/L6GRuFSSMmG8vnq5NY
OJMkvuIT9w52ii2+J0EObdIzCFJiAyqXOmHlxlDQp8W4yWy95Cb8uDz8KqhHV0dL
gcjAG2VvCeay1lxMPi7iS56LbM0BcQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAXu
6qm+Qlth9N8iBNIo9yTDHVyOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RUZGNjg2Q0M5OTYxMUVGQjI0QjM1ODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmQMA0GCSqGSIb3DQEBCwUA
A4IBAQAqAA6RKr0T7ao0FfOK6YAP4sa6kdRzeMkwfbsKHrQ6qtHRZcQ5TQOvXjMQ
Oz7UpQi5rYUgOCSrD1eitIbJ/c88CACMkAmlc9HTzE4M31OU7Rn5N0HxZLNN57VX
JJbfHU4O/PHiJGmVaqKDJtcAiy+9DHfc4kXPKAqhe8pC1lOSyJGWcMwzd1nJvEHo
TciBOVryt7G0ROcJY5tpH5WWG42NwGnnofV+S3xffnTpDEeddgrQ+vtUQibSWevr
CMgMRotEuSekLRlSsATmhC7/sFB+NYRtnaM1yc8yWgJJyxO5xnmwIVekkgeDyohQ
poj7y13ELPvRd6CwECyvwYeNSbrb
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:43 2025 by rpki-client