Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9B7C4266C97A11EF977DE350762E951A.roa
File: 9B7C4266C97A11EF977DE350762E951A.roa (raw, json)
Hash identifier: KJZlVu83jnR2yrBQvvlXNLAexypiORzGtl2Y0Wi1FaQ=
Subject key identifier: EC:0A:93:8D:47:0F:8B:66:64:F6:D0:DB:26:53:AF:C6:AB:A3:38:E0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F511
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9B7C4266C97A11EF977DE350762E951A.roa
Signing time: Fri 03 Jan 2025 02:29:50 +0000
ROA not before: Fri 03 Jan 2025 02:29:47 +0000
ROA not after: Mon 13 Dec 2027 02:29:47 +0000
asID: 17561
IP address blocks: 156.227.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62737 (0xf511)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 02:29:47 2025 GMT
Not After : Dec 13 02:29:47 2027 GMT
Subject: CN=67774b9e-48bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f5:2d:a8:15:e9:c3:de:d6:53:6a:aa:b5:3b:
35:6a:30:f1:07:aa:38:41:75:95:40:be:3c:b0:62:
00:22:03:c8:a3:d5:61:12:5a:d0:d8:55:51:61:7f:
35:8b:50:d8:1e:4c:96:e6:5f:df:b0:45:1f:f7:1d:
7b:3e:9a:26:21:91:ce:26:42:80:86:1b:9d:53:3d:
b9:ff:49:3d:f7:39:ba:b2:b6:bc:37:0e:72:88:67:
79:60:dd:1e:70:b3:ff:35:58:6c:13:11:ad:85:9c:
cf:c1:a2:5a:c8:60:e3:f0:61:d5:ff:a3:00:b5:4c:
e3:f3:a4:60:92:26:b2:75:9b:a7:d1:06:8e:25:26:
1e:a3:ff:66:dc:08:11:43:8a:ec:4a:2f:96:09:cd:
f4:39:6c:79:05:d6:9c:ad:ae:f9:ba:00:06:b1:75:
05:80:09:f7:b3:ad:ac:37:97:9b:d8:84:65:00:55:
72:b2:14:08:68:6c:ac:07:27:81:43:62:b7:e7:86:
12:76:79:fb:49:10:40:c4:48:e4:64:3f:60:ef:45:
86:a4:79:72:20:e9:e5:69:b6:3b:a9:cf:58:26:41:
fb:9a:ea:2c:c8:d4:3a:14:f8:55:f3:53:d4:ee:b0:
6c:80:e6:3f:39:8b:d6:90:1b:aa:cc:13:0e:d8:21:
81:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:0A:93:8D:47:0F:8B:66:64:F6:D0:DB:26:53:AF:C6:AB:A3:38:E0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9B7C4266C97A11EF977DE350762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.122.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:bf:aa:c4:85:fb:be:2f:23:b8:15:93:73:6f:c1:78:de:95:
59:32:d5:39:a9:41:c6:ea:7d:c8:ff:9d:3d:5d:3e:44:c0:0a:
3c:03:e4:5b:73:cf:a5:ec:f2:d8:de:4c:d8:f5:7d:fa:87:1f:
03:a2:52:9b:35:4a:44:a3:e9:50:ce:e1:a0:15:f4:7c:85:5e:
1d:60:d1:92:93:cd:4f:52:7b:a4:2d:c5:6d:0f:1c:cc:35:c9:
84:ed:a3:14:6a:70:4f:ee:2c:38:50:bd:7c:46:3f:96:3b:5a:
00:3f:40:ff:71:fa:e4:2c:59:f0:e5:2e:00:bc:96:21:6e:bb:
70:39:19:6f:e7:c1:55:4a:9a:b5:df:3b:04:7f:dc:31:d5:35:
1f:79:f6:e0:53:ef:d0:8d:c8:d3:c9:c9:bb:a2:40:ae:58:45:
38:74:09:b1:0b:73:de:d8:ed:a4:8d:d7:d1:11:ec:6b:c9:e4:
08:16:cb:0e:75:68:fa:b7:32:b7:05:e7:f0:91:30:0f:38:10:
fb:9a:59:f4:5f:75:80:db:36:aa:70:67:86:27:86:d8:44:bc:
89:79:b1:ef:2b:52:03:3b:c9:32:99:cd:81:d8:63:4d:a2:1f:
68:11:81:c8:f3:85:8e:13:6d:a4:b5:35:3e:04:62:d6:68:48:
e4:4e:79:39
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPURMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDIyOTQ3WhcNMjcxMjEzMDIyOTQ3WjAYMRYw
FAYDVQQDEw02Nzc3NGI5ZS00OGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy/UtqBXpw97WU2qqtTs1ajDxB6o4QXWVQL48sGIAIgPIo9VhElrQ2FVR
YX81i1DYHkyW5l/fsEUf9x17PpomIZHOJkKAhhudUz25/0k99zm6sra8Nw5yiGd5
YN0ecLP/NVhsExGthZzPwaJayGDj8GHV/6MAtUzj86RgkiaydZun0QaOJSYeo/9m
3AgRQ4rsSi+WCc30OWx5Bdacra75ugAGsXUFgAn3s62sN5eb2IRlAFVyshQIaGys
ByeBQ2K354YSdnn7SRBAxEjkZD9g70WGpHlyIOnlabY7qc9YJkH7muosyNQ6FPhV
81PU7rBsgOY/OYvWkBuqzBMO2CGBcwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOwK
k41HD4tmZPbQ2yZTr8arozjgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QjdDNDI2NkM5N0ExMUVGOTc3REUzNTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnON6MA0GCSqGSIb3DQEBCwUA
A4IBAQCnv6rEhfu+LyO4FZNzb8F43pVZMtU5qUHG6n3I/509XT5EwAo8A+Rbc8+l
7PLY3kzY9X36hx8DolKbNUpEo+lQzuGgFfR8hV4dYNGSk81PUnukLcVtDxzMNcmE
7aMUanBP7iw4UL18Rj+WO1oAP0D/cfrkLFnw5S4AvJYhbrtwORlv58FVSpq13zsE
f9wx1TUfefbgU+/QjcjTycm7okCuWEU4dAmxC3Pe2O2kjdfREexryeQIFssOdWj6
tzK3BefwkTAPOBD7mln0X3WA2zaqcGeGJ4bYRLyJebHvK1IDO8kymc2B2GNNoh9o
EYHI84WOE22ktTU+BGLWaEjkTnk5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:56 2025 by rpki-client