Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9BF34D1AC99411EF8E4E9E7C762E951A.roa
File: 9BF34D1AC99411EF8E4E9E7C762E951A.roa (raw, json)
Hash identifier: teFh3/XM+g/LRXYyFGbWNnOlf15u59I1lgZ9mN5l8Tc=
Subject key identifier: 8F:32:7E:F6:CC:D8:65:0D:C3:98:DE:B1:10:0B:B0:CC:96:7A:72:ED
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F605
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9BF34D1AC99411EF8E4E9E7C762E951A.roa
Signing time: Fri 03 Jan 2025 05:35:58 +0000
ROA not before: Fri 03 Jan 2025 05:35:54 +0000
ROA not after: Mon 13 Dec 2027 05:35:54 +0000
asID: 17561
IP address blocks: 156.233.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62981 (0xf605)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:35:54 2025 GMT
Not After : Dec 13 05:35:54 2027 GMT
Subject: CN=6777773e-db03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:56:a4:ad:a8:1e:44:22:1a:f0:e6:20:2c:97:
fc:ea:4e:e2:77:11:fc:44:af:4b:1b:87:8b:1f:51:
89:f8:90:ab:5c:ee:4b:aa:fb:9d:db:5b:58:3e:c2:
8d:2d:83:fa:a4:91:3b:a9:1c:42:2a:3c:df:0b:69:
e3:50:33:4d:08:dd:09:32:33:da:50:03:5f:8d:3f:
75:19:d0:70:30:fc:16:00:e1:f7:ef:cb:1a:18:ab:
52:a0:85:cb:99:49:17:9a:5b:c8:4b:0d:56:c7:11:
b1:00:8c:3b:6f:76:33:a0:12:90:e7:9c:e0:4e:55:
f5:62:ee:e1:b7:5b:da:2f:be:fa:65:1f:e6:51:a0:
0f:26:c8:5a:2b:af:d9:ef:2c:a5:49:05:30:03:57:
03:87:b6:ef:a5:24:64:45:21:57:25:dc:9a:c6:2e:
ee:18:45:1e:49:37:d1:3a:3f:a3:3f:e3:21:fd:c5:
88:9b:6a:44:99:06:f9:c5:f2:10:ce:6b:30:dc:99:
8d:e4:d7:2b:96:92:c2:e9:6b:2b:44:bd:ad:e6:71:
44:a0:c7:fd:a3:e0:33:94:bd:b0:61:b2:5c:79:95:
d7:a4:6f:63:fc:6a:31:be:6d:0b:c2:2c:88:38:41:
90:ce:6b:68:df:28:4e:ef:6d:2c:8c:5e:8b:61:9e:
8a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:32:7E:F6:CC:D8:65:0D:C3:98:DE:B1:10:0B:B0:CC:96:7A:72:ED
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9BF34D1AC99411EF8E4E9E7C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.135.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:c6:b9:0d:5b:16:80:dd:65:1c:8f:9e:98:11:1f:32:57:49:
e5:6a:87:84:46:87:2c:3d:c5:ab:0b:c0:e0:d0:35:a7:f0:66:
10:9a:cc:0b:6a:60:f2:61:50:52:30:9c:79:7d:80:fd:08:06:
a6:fd:97:36:9b:d1:1a:4a:3d:9f:23:2c:ba:34:51:dc:96:82:
f3:42:14:66:86:e7:23:db:b2:74:63:8f:0f:71:05:8a:d9:c4:
f0:2f:20:33:ae:2c:99:68:8c:52:84:77:c0:22:2f:cf:26:c1:
3a:94:72:5f:d6:a2:75:7b:1e:d6:8a:ab:0c:38:83:3e:08:91:
66:98:53:1d:1d:5b:6a:24:56:ec:64:82:85:4b:1f:fa:84:77:
8e:82:45:cf:85:31:8f:37:34:e3:42:cc:84:6a:6a:84:59:b8:
2f:77:84:03:3d:45:43:09:9a:54:62:f8:18:f1:5c:ec:2d:f6:
58:07:2f:26:cc:8a:03:25:dc:a6:6e:f2:07:7d:5c:04:45:c1:
63:3a:5e:4b:18:c5:67:95:a4:3d:35:31:c0:ef:84:24:0a:e9:
4a:74:7b:5c:02:18:ba:c2:4b:23:4b:e8:a4:5e:c5:3a:8b:53:
41:29:2b:7b:ca:89:0f:79:05:52:ba:ad:02:0a:f9:3d:bf:83:
77:6e:f4:73
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPYFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDUzNTU0WhcNMjcxMjEzMDUzNTU0WjAYMRYw
FAYDVQQDEw02Nzc3NzczZS1kYjAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5lakrageRCIa8OYgLJf86k7idxH8RK9LG4eLH1GJ+JCrXO5Lqvud21tY
PsKNLYP6pJE7qRxCKjzfC2njUDNNCN0JMjPaUANfjT91GdBwMPwWAOH378saGKtS
oIXLmUkXmlvISw1WxxGxAIw7b3YzoBKQ55zgTlX1Yu7ht1vaL776ZR/mUaAPJsha
K6/Z7yylSQUwA1cDh7bvpSRkRSFXJdyaxi7uGEUeSTfROj+jP+Mh/cWIm2pEmQb5
xfIQzmsw3JmN5NcrlpLC6WsrRL2t5nFEoMf9o+AzlL2wYbJceZXXpG9j/Goxvm0L
wiyIOEGQzmto3yhO720sjF6LYZ6K6QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI8y
fvbM2GUNw5jesRALsMyWenLtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QkYzNEQxQUM5OTQxMUVGOEU0RTlFN0M3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmHMA0GCSqGSIb3DQEBCwUA
A4IBAQAqxrkNWxaA3WUcj56YER8yV0nlaoeERocsPcWrC8Dg0DWn8GYQmswLamDy
YVBSMJx5fYD9CAam/Zc2m9EaSj2fIyy6NFHcloLzQhRmhucj27J0Y48PcQWK2cTw
LyAzriyZaIxShHfAIi/PJsE6lHJf1qJ1ex7WiqsMOIM+CJFmmFMdHVtqJFbsZIKF
Sx/6hHeOgkXPhTGPNzTjQsyEamqEWbgvd4QDPUVDCZpUYvgY8VzsLfZYBy8mzIoD
JdymbvIHfVwERcFjOl5LGMVnlaQ9NTHA74QkCulKdHtcAhi6wksjS+ikXsU6i1NB
KSt7yokPeQVSuq0CCvk9v4N3bvRz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:23 2025 by rpki-client