Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9931D34CD31411EF9AB63E4D762E951A.roa
File: 9931D34CD31411EF9AB63E4D762E951A.roa (raw, json)
Hash identifier: 9mSjAqgICqjz4hPZAI6g1J9II1O6osJw7QT7U4rfuKE=
Subject key identifier: 18:49:97:59:B5:01:4D:72:29:62:52:1A:A7:D7:D8:40:06:65:7C:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010863
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9931D34CD31411EF9AB63E4D762E951A.roa
Signing time: Wed 15 Jan 2025 07:44:49 +0000
ROA not before: Wed 15 Jan 2025 07:44:46 +0000
ROA not after: Mon 03 Jan 2028 07:44:46 +0000
asID: 17561
IP address blocks: 156.254.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67683 (0x10863)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 07:44:46 2025 GMT
Not After : Jan 3 07:44:46 2028 GMT
Subject: CN=67876771-978e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:05:3b:44:62:fc:c3:aa:04:96:0b:f2:3d:a9:
b0:26:96:c4:be:b6:7d:9e:48:91:1f:93:c7:79:b9:
48:a9:2f:54:ec:e7:c7:0d:fe:a8:23:78:80:34:21:
dc:f0:bf:92:74:74:e9:3d:9c:d0:41:43:e2:d2:6c:
83:c7:aa:28:ab:c7:8a:08:54:ad:70:39:cf:18:09:
1b:d4:dc:94:12:e8:5d:4b:56:d3:64:19:cf:0f:d7:
81:73:34:a5:11:27:c7:7f:03:47:00:d6:55:57:30:
50:71:42:d1:cf:8c:07:61:5c:8f:d6:a7:61:aa:d9:
59:86:28:8f:c9:3a:79:57:73:b9:bc:6d:49:fc:bc:
bb:71:b9:74:52:68:a8:b5:1a:c1:cf:06:67:f4:6b:
e4:e0:33:a0:56:ab:24:56:40:78:d5:23:c3:9f:12:
6d:56:a0:c7:41:b5:71:d2:73:76:14:9f:06:34:1a:
32:bb:ea:b7:a3:b7:a3:37:1b:08:29:04:b7:d0:10:
bd:70:af:fc:dd:d3:d1:43:bc:4b:10:95:cd:6d:83:
1c:6e:66:0a:e7:40:c7:20:47:03:69:64:40:83:f3:
0c:ee:c4:7a:5c:9f:2e:bd:42:70:3d:c5:ce:fb:5a:
70:71:9a:0b:91:48:05:81:ca:26:fe:a7:e9:28:f8:
6c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:49:97:59:B5:01:4D:72:29:62:52:1A:A7:D7:D8:40:06:65:7C:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9931D34CD31411EF9AB63E4D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.71.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:47:ac:5b:72:1e:0a:ca:86:e9:93:97:c7:5d:ac:4e:93:fb:
ff:a2:b7:61:60:dd:b0:75:1e:05:88:33:31:bb:03:92:db:16:
06:9b:89:3c:2e:4e:80:e1:60:58:5b:c3:71:d3:ab:08:ea:83:
bf:0d:67:28:5e:42:c8:fe:a8:99:80:68:ab:9f:b0:5b:89:ce:
9a:c7:b9:a5:c0:64:57:bf:63:8e:0c:4c:c1:b2:b1:10:65:2a:
86:9b:af:e5:4e:9e:99:07:6a:43:42:9d:fa:68:14:c1:74:3a:
07:fe:9f:e3:b4:78:76:db:14:2f:d8:a9:bd:fb:c5:3f:e0:5c:
5d:e0:bd:83:75:64:21:d3:2b:49:18:1c:80:89:61:d8:7a:47:
89:0a:15:3d:c6:8a:ba:9a:56:53:bd:46:e0:ea:48:35:de:e7:
bb:40:17:a2:3b:6c:47:ed:cb:a9:18:7a:3b:de:d5:90:15:d9:
7a:ab:3f:93:70:31:b2:3a:6f:eb:dc:47:22:cb:8c:38:15:fd:
5b:ad:b8:2e:6c:c7:e4:84:5e:2f:17:5f:5c:14:2e:13:37:b6:
fd:42:a8:56:ff:b4:de:f7:73:06:95:7b:fb:7b:6f:bf:6d:5d:
69:fd:b6:b1:24:2e:c9:3f:47:07:98:95:b0:1e:6b:bf:05:27:
1e:da:03:8c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQhjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDc0NDQ2WhcNMjgwMTAzMDc0NDQ2WjAYMRYw
FAYDVQQDEw02Nzg3Njc3MS05NzhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApwU7RGL8w6oElgvyPamwJpbEvrZ9nkiRH5PHeblIqS9U7OfHDf6oI3iA
NCHc8L+SdHTpPZzQQUPi0myDx6ooq8eKCFStcDnPGAkb1NyUEuhdS1bTZBnPD9eB
czSlESfHfwNHANZVVzBQcULRz4wHYVyP1qdhqtlZhiiPyTp5V3O5vG1J/Ly7cbl0
UmiotRrBzwZn9Gvk4DOgVqskVkB41SPDnxJtVqDHQbVx0nN2FJ8GNBoyu+q3o7ej
NxsIKQS30BC9cK/83dPRQ7xLEJXNbYMcbmYK50DHIEcDaWRAg/MM7sR6XJ8uvUJw
PcXO+1pwcZoLkUgFgcom/qfpKPhsFwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBhJ
l1m1AU1yKWJSGqfX2EAGZXynMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85OTMxRDM0Q0QzMTQxMUVGOUFCNjNFNEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5HMA0GCSqGSIb3DQEBCwUA
A4IBAQCNR6xbch4Kyobpk5fHXaxOk/v/ordhYN2wdR4FiDMxuwOS2xYGm4k8Lk6A
4WBYW8Nx06sI6oO/DWcoXkLI/qiZgGirn7Bbic6ax7mlwGRXv2OODEzBsrEQZSqG
m6/lTp6ZB2pDQp36aBTBdDoH/p/jtHh22xQv2Km9+8U/4Fxd4L2DdWQh0ytJGByA
iWHYekeJChU9xoq6mlZTvUbg6kg13ue7QBeiO2xH7cupGHo73tWQFdl6qz+TcDGy
Om/r3Eciy4w4Ff1brbgubMfkhF4vF19cFC4TN7b9QqhW/7Te93MGlXv7e2+/bV1p
/baxJC7JP0cHmJWwHmu/BSce2gOM
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:28 2025 by rpki-client