Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FB044B6CD8311EF8383B87B762E951A.roa
File: 8FB044B6CD8311EF8383B87B762E951A.roa (raw, json)
Hash identifier: MhF7h2TKU0pheLjwqjnTN1s7XIIfd8NR04OZlB8jYWc=
Subject key identifier: AC:A5:B8:A1:97:C7:95:BF:66:F6:32:1D:C2:50:F6:BF:3C:49:91:FD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010017
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FB044B6CD8311EF8383B87B762E951A.roa
Signing time: Wed 08 Jan 2025 05:44:01 +0000
ROA not before: Wed 08 Jan 2025 05:43:57 +0000
ROA not after: Mon 13 Dec 2027 05:43:57 +0000
asID: 17561
IP address blocks: 156.252.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65559 (0x10017)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 05:43:57 2025 GMT
Not After : Dec 13 05:43:57 2027 GMT
Subject: CN=677e10a1-118b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:de:95:50:f7:83:0b:b8:c1:21:c0:d0:34:df:
77:5c:e3:f2:80:03:28:d4:8b:b6:84:2f:c3:01:cb:
ff:b9:3b:f3:9f:6b:49:f1:82:69:83:68:02:c3:e5:
3d:d7:b9:1a:f6:10:f2:93:89:0c:77:e6:c6:60:3f:
12:12:4d:ce:9a:30:5d:f6:0a:5a:bf:07:d3:d0:6a:
9c:d5:9a:86:88:7a:e7:e2:6d:c0:cb:52:ad:b2:e1:
1c:2e:41:73:cf:d4:cb:75:16:c6:eb:58:8a:81:28:
cc:14:b5:ce:00:71:f9:93:83:87:1d:66:de:7d:0e:
eb:f2:3f:d4:23:0b:98:3e:5e:ca:39:98:f8:ea:35:
43:e0:fc:07:67:a3:69:89:f5:48:b9:0c:28:39:e4:
ef:61:fc:da:d3:21:b3:05:48:ea:1c:44:df:d5:9a:
fc:87:f3:5a:74:a7:03:48:4e:4c:96:f7:95:96:e4:
ec:19:e6:67:4f:f3:dc:bb:57:3f:99:11:78:f7:d5:
d5:71:57:51:50:b3:f8:7d:ad:5d:51:1c:f6:fd:2b:
df:dd:01:51:ad:81:a9:5e:e5:ec:e6:2e:de:ed:d3:
24:03:a5:1f:ee:b3:af:a5:04:d3:19:41:25:c2:68:
20:91:53:07:e3:ff:42:3a:a9:f4:2a:c7:cf:65:f5:
af:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A5:B8:A1:97:C7:95:BF:66:F6:32:1D:C2:50:F6:BF:3C:49:91:FD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FB044B6CD8311EF8383B87B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.23.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:35:4d:29:6d:f6:6a:97:a7:2d:4f:f4:de:86:a4:61:bd:ff:
58:01:bf:72:76:84:db:3e:ac:b2:97:89:8b:a7:ec:00:70:71:
de:ad:c5:f7:c6:63:a5:64:cc:07:69:47:b9:0d:b3:51:dd:d4:
e8:81:73:73:87:e3:77:14:18:a7:0f:13:8c:3b:3e:54:ed:c0:
5a:f9:e5:06:09:d2:c3:b5:a2:5a:e2:7e:ff:f6:2e:03:0d:99:
98:fd:d3:c7:70:f9:41:67:82:a8:3f:50:c3:53:5e:66:0d:74:
b3:52:2b:15:e8:8c:bc:bf:ac:44:1f:ba:10:b5:9f:1b:cf:d9:
16:5c:0d:5f:bd:00:58:8c:04:de:f4:9b:9e:ae:9c:d9:21:b7:
c2:ed:fd:a5:9f:6f:40:8f:ba:10:6c:f0:1f:0d:07:a5:52:33:
7e:22:7b:96:d0:3c:4c:8f:aa:42:07:07:57:ef:33:54:8b:72:
25:a9:c2:7f:8c:ac:60:7d:da:d1:19:a4:a5:e1:98:e2:4a:93:
22:3b:34:d8:f7:89:64:44:48:0a:a1:7b:d0:b3:15:21:77:56:
88:38:eb:71:51:00:69:6e:db:f4:22:67:8c:b8:58:1b:1e:2d:
9c:db:f7:54:2b:4c:fe:41:14:57:37:b8:ca:07:fa:38:43:3f:
d6:22:f2:15
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQAXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDU0MzU3WhcNMjcxMjEzMDU0MzU3WjAYMRYw
FAYDVQQDEw02NzdlMTBhMS0xMThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv96VUPeDC7jBIcDQNN93XOPygAMo1Iu2hC/DAcv/uTvzn2tJ8YJpg2gC
w+U917ka9hDyk4kMd+bGYD8SEk3OmjBd9gpavwfT0Gqc1ZqGiHrn4m3Ay1KtsuEc
LkFzz9TLdRbG61iKgSjMFLXOAHH5k4OHHWbefQ7r8j/UIwuYPl7KOZj46jVD4PwH
Z6NpifVIuQwoOeTvYfza0yGzBUjqHETf1Zr8h/NadKcDSE5MlveVluTsGeZnT/Pc
u1c/mRF499XVcVdRULP4fa1dURz2/Svf3QFRrYGpXuXs5i7e7dMkA6Uf7rOvpQTT
GUElwmggkVMH4/9COqn0KsfPZfWvrQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKyl
uKGXx5W/ZvYyHcJQ9r88SZH9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RkIwNDRCNkNEODMxMUVGODM4M0I4N0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwXMA0GCSqGSIb3DQEBCwUA
A4IBAQCzNU0pbfZql6ctT/TehqRhvf9YAb9ydoTbPqyyl4mLp+wAcHHercX3xmOl
ZMwHaUe5DbNR3dTogXNzh+N3FBinDxOMOz5U7cBa+eUGCdLDtaJa4n7/9i4DDZmY
/dPHcPlBZ4KoP1DDU15mDXSzUisV6Iy8v6xEH7oQtZ8bz9kWXA1fvQBYjATe9Jue
rpzZIbfC7f2ln29Aj7oQbPAfDQelUjN+InuW0DxMj6pCBwdX7zNUi3IlqcJ/jKxg
fdrRGaSl4ZjiSpMiOzTY94lkREgKoXvQsxUhd1aIOOtxUQBpbtv0ImeMuFgbHi2c
2/dUK0z+QRRXN7jKB/o4Qz/WIvIV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:45 2025 by rpki-client