Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A2BAE212CD2B11EF9BB71FBA762E951A.roa
File: A2BAE212CD2B11EF9BB71FBA762E951A.roa (raw, json)
Hash identifier: zhT7fG2+W2rAytF44qImjpLGWqzPtb7/yME4kY+OPL8=
Subject key identifier: FB:79:38:EB:F3:C9:18:7E:EE:BC:60:80:09:37:D3:7B:2B:2B:E2:52
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FDC7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A2BAE212CD2B11EF9BB71FBA762E951A.roa
Signing time: Tue 07 Jan 2025 19:14:37 +0000
ROA not before: Tue 07 Jan 2025 19:14:33 +0000
ROA not after: Mon 13 Dec 2027 19:14:33 +0000
asID: 17561
IP address blocks: 156.241.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64967 (0xfdc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 19:14:33 2025 GMT
Not After : Dec 13 19:14:33 2027 GMT
Subject: CN=677d7d1d-f38e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1d:71:dc:1f:45:ba:0f:50:d9:dd:ce:93:1d:
b7:37:ab:31:5f:11:dd:2a:2b:83:0a:6d:4f:4b:24:
05:e9:b2:28:b0:f2:12:71:37:e5:8e:5f:12:7b:a9:
05:40:1a:59:76:02:92:7d:20:f7:fe:ba:cf:c8:50:
80:e8:f3:8e:9c:80:39:61:85:bf:37:c5:0f:59:72:
67:1b:d9:35:c5:1f:33:8b:b8:01:71:2e:24:ac:cf:
fe:02:17:ff:21:5f:0e:b0:bf:5c:16:18:28:07:29:
7b:e0:8f:c4:96:0f:d5:6c:f0:21:74:38:b3:a2:28:
da:d0:b1:d8:8d:3c:56:9b:1f:0c:38:cf:97:a1:92:
15:72:52:b0:3e:63:b6:31:86:48:78:33:f2:31:6b:
85:06:f6:7e:e8:6d:de:98:9c:9f:93:1d:85:8b:10:
d5:48:06:42:58:c0:dc:80:9b:04:e3:e0:6e:64:13:
b7:4f:46:65:37:56:64:94:c7:b2:c1:7e:96:d0:5a:
95:76:87:ac:bd:a8:d2:b4:87:d7:bf:4f:39:69:74:
fa:4e:ea:75:2d:1c:a5:e8:e5:c8:3e:e6:a8:7e:81:
49:0e:07:57:cb:a3:41:f6:57:b3:c4:74:5c:68:51:
3b:32:4d:52:0e:eb:68:80:65:9c:82:92:4e:cb:f7:
f4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:79:38:EB:F3:C9:18:7E:EE:BC:60:80:09:37:D3:7B:2B:2B:E2:52
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A2BAE212CD2B11EF9BB71FBA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.240.0/24
Signature Algorithm: sha256WithRSAEncryption
11:cf:89:fa:b3:92:19:7e:81:a1:ef:1f:e5:c3:ea:c3:b4:2e:
cf:17:14:a6:fd:d3:0e:8f:57:fc:85:ab:b5:a1:c7:91:e7:37:
92:6f:f9:21:7f:e6:15:6f:5c:7f:9b:7a:24:95:f9:57:18:2d:
cf:ea:3c:ba:88:38:c7:64:1e:79:37:19:94:ff:af:30:af:71:
7d:41:87:c1:c4:30:36:9a:ea:a2:f1:5d:ab:b1:30:34:30:e9:
7d:b7:99:63:c2:98:e1:45:a9:db:20:11:61:fc:b4:78:01:dd:
bf:c5:57:c3:a8:a6:c1:32:93:df:ee:35:0d:8d:80:c5:f6:ed:
1a:7b:14:44:97:94:82:21:9a:18:67:1e:38:17:7a:3d:08:d8:
eb:a5:19:bb:e7:ed:32:e3:3e:b5:bb:3c:8d:e2:7f:e9:89:bf:
72:8b:30:f5:84:83:49:19:65:58:2a:0a:9d:cb:70:34:43:2a:
0e:f4:70:e1:83:71:6a:b0:e9:cb:0b:9c:54:20:ed:13:9a:1f:
df:db:ad:4c:85:44:7d:80:ac:9b:77:09:0b:6c:30:69:26:ec:
66:34:51:c1:77:a5:f8:ff:4a:73:4e:82:68:5b:c3:bc:de:02:
40:fc:c4:64:68:82:eb:a4:94:a1:51:b8:2e:7f:a8:5e:48:93:
3b:27:4f:08
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP3HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTkxNDMzWhcNMjcxMjEzMTkxNDMzWjAYMRYw
FAYDVQQDEw02NzdkN2QxZC1mMzhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3B1x3B9Fug9Q2d3Okx23N6sxXxHdKiuDCm1PSyQF6bIosPIScTfljl8S
e6kFQBpZdgKSfSD3/rrPyFCA6POOnIA5YYW/N8UPWXJnG9k1xR8zi7gBcS4krM/+
Ahf/IV8OsL9cFhgoByl74I/Elg/VbPAhdDizoija0LHYjTxWmx8MOM+XoZIVclKw
PmO2MYZIeDPyMWuFBvZ+6G3emJyfkx2FixDVSAZCWMDcgJsE4+BuZBO3T0ZlN1Zk
lMeywX6W0FqVdoesvajStIfXv085aXT6Tup1LRyl6OXIPuaofoFJDgdXy6NB9lez
xHRcaFE7Mk1SDutogGWcgpJOy/f0NQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPt5
OOvzyRh+7rxggAk303srK+JSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMkJBRTIxMkNEMkIxMUVGOUJCNzFGQkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHwMA0GCSqGSIb3DQEBCwUA
A4IBAQARz4n6s5IZfoGh7x/lw+rDtC7PFxSm/dMOj1f8hau1oceR5zeSb/khf+YV
b1x/m3oklflXGC3P6jy6iDjHZB55NxmU/68wr3F9QYfBxDA2muqi8V2rsTA0MOl9
t5ljwpjhRanbIBFh/LR4Ad2/xVfDqKbBMpPf7jUNjYDF9u0aexREl5SCIZoYZx44
F3o9CNjrpRm75+0y4z61uzyN4n/pib9yizD1hINJGWVYKgqdy3A0QyoO9HDhg3Fq
sOnLC5xUIO0Tmh/f261MhUR9gKybdwkLbDBpJuxmNFHBd6X4/0pzToJoW8O83gJA
/MRkaILrpJShUbguf6heSJM7J08I
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:03 2025 by rpki-client